Cybersecurity
Phishing campaign seeks to siphon Ukraine war intelligence from defense contractors
Nearly 880 spoofed domains of worldwide IT, defense and aerospace firms were identified between December and March, DomainTools Investigations says.
Cybersecurity
Lawmakers targeted in encrypted messaging phishing scam
Officials have been urging Americans and federal staff to pivot to encrypted messaging services amid a recent Chinese breach into telecommunications networks.
Cybersecurity
Chinese hackers used a ‘range of sophisticated methods’ to breach US telecom providers, insider says
Salt Typhoon deployed various methods to break into telecommunications firms that went far beyond a singular run-of-the-mill credential-stealing attempt, according to a person familiar.
Cybersecurity
DHS cyber review board to examine China-linked cyberattacks of Microsoft
The Cyber Safety Review Board will assess how a hacking group reportedly linked to China leveraged a vulnerability in Microsoft Exchange Online to access government emails.
Digital Government
New FCC Rule Aims to Kill Spam Texts at the Source
Additional proposals would give consumers more options, such as adding text messages to the Do-Not-Call registry.
Cybersecurity
Malicious Emails Surged for Election Workers in 2 Battleground States Ahead of Primaries
Research conducted by cybersecurity firm Trellix found that county election workers in Arizona and Pennsylvania saw an increase in phishing schemes ahead of their primary elections.
Ideas
Phishing Threats Attempt to Hook New Government Victims
While the government is focused on the dangers of ransomware, phishing campaigns can circumvent the usual protections placed on its networks.
Ideas
You Know How to Identify Phishing Emails
A cybersecurity researcher explains how to trust your instincts to foil the attacks.
Cybersecurity
Beware of Emails Promising a Third Stimulus Check, FTC Says
The emails are impersonating the IRS and soliciting personal and financial information.
Cybersecurity
Most Local Governments Provide Cyber Awareness Training. Why Do 25% Let Elected Leaders Opt Out?
A new survey from the CompTIA Public Technology Institute highlights cybersecurity concerns among municipal IT professionals, including remote work and rising insurance premiums.
Cybersecurity
Expired Driver’s Licenses Open Lane for Cybercriminals
Fraudsters send out texts or emails falsely warning that the target’s license needs to be updated, is missing information or is expiring.
Cybersecurity
Survey: Nearly 3 in 4 Organizations Suffered Data Breaches Due to Phishing
More than half of respondents indicated concerns about hybrid work environments and defending against malicious emails.
Ideas
Government Employees' Online Personal Info Presents Unmitigated Risk Vector
Today, 1 in 15 government workers is exposed to social engineering attacks.
Cybersecurity
Report: Mobile Phishing to Steal Government Credentials Increased 67% in 2020
State and local governments are more exposed than federal agencies in the new teleworking age, but threats have increased across the board.
Cybersecurity
CISA Warns of Vulnerabilities in Cloud Use, Shares Solutions List
Basic cyber hygiene isn’t so basic when it comes to remote environments.
Cybersecurity
CISA, FBI Warn that U.S. Think Tanks Are in Hackers’ Crosshairs
The agencies share guidance for shoring up defenses in a remote work environment that can disguise attackers.
Ideas
To Achieve Cyber Agility, Think Long-Term
Agencies must instead invest in cyber platforms to become more agile and responsive to adversaries.
Cybersecurity
Foreign Hackers Cripple Texas County’s Email System, Raising Election Security Concerns
The malware attack, which sent fake email replies to voters and businesses, spotlights an overlooked vulnerability in counties that don’t follow best practices for computer security.
Cybersecurity
Foreign Hacker Sentenced in $1M Scam Targeting Federal Employees and Contractors
The criminal ring used phishing emails and fake websites to get almost $1 million worth of printer toner to sell on black markets.
Cybersecurity