Cyber Threats
North Korea-linked hackers suspected in Axios open-source hijack, Google analysts say
“The full breadth of this incident is still unclear, but given the popularity of the compromised package, we expect it will have far reaching impacts,” a chief Google analyst said.
Pro-Iran hackers claim breach of FBI director’s email
The leaks appear to be authentic, according to a person familiar with the matter.
European officials highlight private sector help in major cybercrime takedowns
Industry helped European law enforcement groups in operations that tracked and dismantled assets tied to major cybercrime gangs like Scattered Spider.
Google launches threat disruption unit, stops short of calling it ‘offensive’
The unit will use legal authorizations and technical capabilities to impede cyber threat groups, though company execs say it will not go so far as to hack into adversaries' systems.
CISA, FBI have engaged with Stryker staff after cyberattack, official says
Industry groups are seeing a “steady state” of Iran-linked hacking activity but observers should still keep their eyes peeled, CISA’s Nick Andersen said.
National cyber director doesn’t envision industry doing offensive hacking
Sean Cairncross wants the private sector to use its technical prowess to inform U.S. government offensive and defensive decisions.
Stryker hack could set stage for more pro-Iran cyber sabotage
A top lawmaker said his team is in touch with the company.
Suspected pro-Iran hacker group tied to Stryker cyberattack
“We are currently experiencing a global network disruption affecting the Windows environment. Our teams are actively working to restore systems and operations. Stryker has business continuity measures in place, and we’re committed to serve our customers,” the company said in a statement.
Russia-linked hackers appear on Iran war’s cyber front, but their impact is murky
Some experts question the significance of pro-Russia “hacktivist” groups.
FBI is probing ‘suspicious’ breach into bureau networks
Initial reporting tied the incident to the FBI’s wiretap systems, which are used to lawfully surveil suspected criminals and spies.
Exclusive
Trump’s CISA nominee said he left Coast Guard to address GOP hold
Sean Plankey confirmed the intent to Nextgov/FCW and said he’s “prepared to lead the nation’s cyber defense agency to protect the federal civilian networks and our nation’s critical infrastructure from physical and cyber attacks.”
Potential US-built hacking tools obtained by foreign spies and cybercriminals, research says
iVerify has described the activity as the “first known mass iOS attack” campaign of its kind. Google said fragments of the exploit first appeared last February, with ties to an unnamed “customer of a surveillance company.”
Featured eBooks
Intelligence firms watch for uptick in Iran cyber activity after US, Israel strikes
Analysts say organizations should remain vigilant, though early indications show Iran-linked hackers have overstated their success.
Hackers are exploiting exposed Cisco products, Five Eyes intelligence agencies say
A Cisco threat intelligence report calls the cyberintruders “highly sophisticated” but stops short of naming any affiliation with a foreign nation.
Treasury sanctions Russian firm said to have stolen and sold US cyber tools
The sanctions coincide with an FBI investigation into Peter Williams, a former employee of U.S. defense contractor L3Harris who pleaded guilty to selling cyber exploits to a Russian entity.
Exclusive
Energy Department patched flaws enabling email impersonation in critical minerals system
The vulnerabilities could have let malicious users masquerade as agency officials, potentially misleading researchers, contractors and others.
Senator says AT&T and Verizon blocked release of Salt Typhoon security reports
“AT&T and Verizon apparently intervened” to block a major cyber intelligence firm from sending documentation about the telecom hackers, Sen. Maria Cantwell wrote in a letter.
White House cyber shop is crafting AI security policy framework, top official says
ONCD chief Sean Cairncross also said a bedrock National Cyber Strategy, initially expected last month, is coming “sooner rather than later” without specifying a date.
NIST releases a new draft cybersecurity framework for systems that never stop moving
Sometimes the most important cybersecurity work is not flashy.
Building government resilience in an era of AI-driven cyberattacks
COMMENTARY | As AI reshapes cyber threats, resilience will hinge on speed.
