Access and Government - Information Management Today

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

broadband providers and gained access to private communications of a limited number of U.S. government officials. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. China-linked threat actors breached U.S. broadband providers.

Government

Government Communications Access Risk

Government contractor Conduent disclosed a data breach

Security Affairs

APRIL 16, 2025

“On January 13, 2025, Conduent Incorporated (the “Company”) experienced an operational disruption and learned that a threat actor gained unauthorized access to a limited portion of the Companys environment.” ” reads the FORM-8K filed with SEC.

Data breaches

Data breaches Government Business Services Personal data

'ArcaneDoor' Cyberspies Hacked Cisco Firewalls to Access Government Networks

WIRED Threat Level

APRIL 24, 2024

Sources suspect China is behind the targeted exploitation of two zero-day vulnerabilities in Cisco’s security appliances.

Access

Access Government Security

Webinars

Going Beyond Chatbots: Connecting AI to Your Tools, Systems, & Data

Automation, Evolved: Your New Playbook for Smarter Knowledge Work

MORE WEBINARS

Massive cyberattacks hit French government agencies

Security Affairs

MARCH 11, 2024

A series of “intense” cyberattacks hit multiple French government agencies, revealed the prime minister’s office. “Several “intense” cyberattacks targeted multiple French government agencies since Sunday night, as disclosed by the prime minister’s office.” ” reported the French newspaper Le Monde.

Government

Government Information Security Access Security

The Next-Generation Cloud Data Lake: An Open, No-Copy Data Architecture

However, they often struggle with increasingly larger data volumes, reverting back to bottlenecking data access to manage large numbers of data engineering requests and rising data warehousing costs. This new open data architecture is built to maximize data access with minimal data movement and no data copies.

Cloud

French Government Investigates Suspected Chinese Espionage

Data Breach Today

JULY 26, 2024

National Police Probe Botnet Campaign That Infected 3,000 Machines The French government has launched an investigation into a suspected Chinese espionage campaign that infected thousands of networks in France. The botnet campaign pushed out the PlugX remote access Trojan that has infected 3,000 machines in France since 2020.

Government

Government Access

Cisco addressed Webex flaws used to compromise German government meetings

Security Affairs

JUNE 5, 2024

Cisco addressed vulnerabilities that were exploited to compromise the Webex meetings of the German government. In early May, German media outlet Zeit Online revealed that threat actors exploited vulnerabilities in the German government’s implementation of the Cisco Webex software to access internal meetings.

Government

Government Metadata Military Passwords

ACLU Warns DOGE’s ‘Unchecked’ Access Could Violate Federal Law

WIRED Threat Level

FEBRUARY 7, 2025

The ACLU says it stands ready to sue for access to government records that detail DOGEs access to sensitive personnel data.

Access

Access Government IT Security

U.S. CISA: hackers breached a state government organization

Security Affairs

FEBRUARY 16, 2024

CISA revealed that threat actors breached an unnamed state government organization via an administrator account belonging to a former employee. The government experts conducted an incident response assessment of the state government organization after its documents were posted on the dark web.

Government

Government Authentication Cybersecurity Data breaches

Partner Webinar: A Framework for Building Data Mesh Architecture

Speaker: Jeremiah Morrow, Nicolò Bidotti, and Achille Barbieri

Yet they are continually challenged with providing access to all of their data across business units, regions, and cloud environments. In this session, you will learn: How the silos development led to challenges with data growth, data quality, data sharing, and data governance (an example of datamesh paradigm adoption).

Government

Private Firm Accessed Italian Govt Database: Prosecutors

Data Breach Today

OCTOBER 29, 2024

Foreign Minister Tajani Condemns Conspiracy as 'Threat to Democracy' The foreign minister of Italy condemned Monday as a threat to democracy the private investigation firm that prosecutors in Milan say illegally accessed government databases for years to assemble illicit dossiers. Four individuals are under house arrest.

Access

Access Government

Ukraine bans Telegram for government agencies, military, and critical infrastructure

Security Affairs

SEPTEMBER 20, 2024

Ukraine’s NCCC banned the Telegram app for government agencies, military, and critical infrastructure, due to national security concerns. ” Despite the ban on military and government devices, Ukrainian users rely heavily on Telegram to communicate and receive news on ongoing conflicts. ” continues the announcement.

Military

Military Government Personal data Phishing

CERT-UA warns of a phishing campaign targeting government entities

Security Affairs

AUGUST 13, 2024

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign targeting organizations in the country, including government entities. This malware enables hidden, unauthorized access to computers.” The campaign, tracked as UAC-0198, has been active since July.

Phishing

Phishing Government File names Access

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

Security Affairs

OCTOBER 22, 2024

A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.” ” Chinese law requires researchers to disclose zero-day vulnerabilities to the government. reads the advisory.

Government

Government Cloud Access IT

Beware of Pixels & Trackers on U.S. Healthcare Websites

Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities (..)

Cybersecurity

Canada bans WeChat and Kaspersky apps on government-issued mobile devices

Security Affairs

OCTOBER 30, 2023

Canada banned the Chinese messaging app WeChat and Kaspersky antivirus on government mobile devices due to privacy and security risks. The Government of Canada announced a ban on the use of the WeChat and Kaspersky applications on government-issued mobile devices due to privacy and security risks.

Government

Government Privacy Risk Data collection

Secretive White House Surveillance Program Gives Cops Access to Trillions of US Phone Records

WIRED Threat Level

NOVEMBER 20, 2023

A WIRED analysis of leaked police documents verifies that a secretive government program is allowing federal, state, and local law enforcement to access phone records of Americans who are not suspected of a crime.

Access

Access Government Privacy Security

Russian cyber spies stole data and emails from UK government systems

Security Affairs

AUGUST 8, 2024

Earlier this year, Russian cyber spies breached UK government systems and stole sensitive data and emails, reported The Record media. Earlier this year, Russia’s foreign intelligence service stole internal emails and data on individuals from the UK government. ” reported The Record Media. “We

Government

Government Data breaches Access IT

Clop group obtained access to the email addresses of about 632,000 US federal employees

Security Affairs

NOVEMBER 2, 2023

Clop ransomware gang gained access to the email addresses of more than 632K US federal employees at the departments of Defense and Justice. Russian-speaking Clop ransomware group gained access to the email addresses of about 632,000 US federal employees at the departments of Defense and Justice. ” states Bloomberg.

Access

Access Agriculture Data breaches Ransomware

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

FEBRUARY 16, 2025

Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and industries. ” Device code phishing attacks exploit authentication flows to steal tokens, granting attackers access to accounts and data. . ” continues the report.

Phishing

Phishing Authentication Access Government

Government Surveillance Reform Act of 2023 Seeks to End Warrantless Police and FBI Spying

WIRED Threat Level

NOVEMBER 7, 2023

The Government Surveillance Reform Act of 2023 pulls from past privacy bills to overhaul how police and the feds access Americans’ data and communications.

Government

Government Communications Privacy Access

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Security Affairs

DECEMBER 4, 2024

The government agencies released a guide that advises telecom and critical infrastructure defenders on best practices to strengthen network security against PRC-linked and other cyber threats. Enhancing secure logging, isolating device management, and enforcing strict access control lists (ACLs) are key strategies. broadband providers.

Government

Government Communications Access Passwords

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

Security Affairs

DECEMBER 3, 2024

Founded in 1985, ENGlobal Corporation designs automated control systems for commercial and government sectors, reporting $6 million in Q3 revenue and $18.4 The threat actors had access to the company’s information technology systems and encrypted some of its data files. . million year-to-date. ” reads the report filed with SEC.

Ransomware

Ransomware Encryption Cybersecurity Access

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

Security Affairs

OCTOBER 12, 2024

Since April 2021, Russian state-sponsored hackers have exploited vulnerabilities, including Zimbra’s CVE-2022-27924 for injecting commands to access credentials and emails, and JetBrains TeamCity’s CVE-2023-42793 for arbitrary code execution through an authentication bypass.

Data collection

Data collection Authentication Access Cybersecurity

Australian government announced sanctions for Medibank hacker

Security Affairs

JANUARY 23, 2024

The Australian government announced sanctions for a member of the REvil ransomware group for the Medibank hack that occurred in 2022. The Australian government announced sanctions for Aleksandr Gennadievich Ermakov (aka GustaveDore, aiiis_ermak, blade_runner, JimJones), a Russian national who is a member of the REvil ransomware group.

Government

Government Insurance Ransomware Data breaches

UNC1860 provides Iran-linked APTs with access to Middle Eastern networks

Security Affairs

SEPTEMBER 20, 2024

Iran-linked APT group UNC1860 is operating as an initial access facilitator that provides remote access to Middle Eastern Networks. Mandiant researchers warn that an Iran-linked APT group, tracked as UNC1860, is operating as an initial access facilitator that provides remote access to target networks in the Middle East.

Access

Access Encryption Government Security

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. The US agencies confirmed that Chinese threat actors had compromised the private communications of a “limited number” of government officials following the compromise of multiple U.S.

Data breaches

Data breaches Communications Artificial Intelligence Government

Tor Project needs 200 WebTunnel bridges more to bypass Russia’ censorship

Security Affairs

DECEMBER 2, 2024

The Tor Project seeks help deploying 200 WebTunnel bridges by year-end to counter government censorship. Our goal is to deploy 200 new WebTunnel bridges by the end of this December (2024) to open secure access for users in Russia.” ” reads the announcement published by Tor Project.

Government

Government Access Security IT

Awaken Likho APT group targets Russian government with a new implant

Security Affairs

OCTOBER 9, 2024

A threat actor tracked as Awaken Likho is targeting Russian government agencies and industrial entities, reported cybersecurity firm Kaspersky. The threat actor continues to target Russian government entities and enterprises. The threat actor continues to target Russian government entities and enterprises.

Government

Government Archiving Phishing Access

Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS

Security Affairs

FEBRUARY 19, 2024

The nation-state actors are known to carry out cyber-espionage against targeting government, military, and national infrastructure entities in Europe and Central Asia since at least December 2020. “TAG70 has demonstrated a high level of sophistication in its attack methods.

Military

Military Government Access Risk

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Security Affairs

MARCH 28, 2024

In 2023, the researchers attributed a combined total of 48 out of 58 zero-day vulnerabilities to commercial surveillance vendors (CSVs) and government espionage actors, while 10 zero-day flaws were attributed to financially motivated actors. ” continues the report. ” concludes the report.

Government

Government Ransomware Libraries Access

Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

Security Affairs

OCTOBER 28, 2024

A long supply chain adds third-party risks, as each partner’s security affects your own, making identity and access management more challenging. As companies jump online, into the cloud, into SaaS, deeper into cyberspace, and further into third-party dependency, locking down their access points is of critical concern.

B2B

B2B Cybersecurity Risk Access

China-linked APT Mustang Panda upgrades tools in its arsenal

Security Affairs

APRIL 17, 2025

Mustang Panda has been active since at least 2012, targeting American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. In the 2022 campaigns, threat actors used European Union reports on the conflict in Ukraine and Ukrainian government reports as lures.

IT

IT Archiving Encryption Communications

Chinese threat actors use Quad7 botnet in password-spray attacks

Security Affairs

NOVEMBER 3, 2024

Active since 2021, Storm-0940 gains access through password spraying, brute-force attacks, and exploiting network edge services, targeting sectors like government, law, defense, and NGOs in North America and Europe. “Microsoft assesses that a threat actor located in China established and maintains this network.

Passwords

Passwords Access Cloud Government

Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks

Security Affairs

APRIL 24, 2024

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. Additionally, Line Dancer hooks into the crash dump and AAA processes to evade forensic analysis and establish remote access VPN tunnels.

Government

Government Authentication Communications Access

Why DSPM is Essential for Achieving Data Privacy in 2024

Security Affairs

OCTOBER 23, 2024

Building upon the same concept, GigaOm rolled out its first-ever DSPM vendor evaluation report, defining DSPM as a tool that offers “visibility into where sensitive data is, who has access to it, and how it is being used. Who has access to it? Consequently, organizations face various security, governance, privacy, and compliance risks.

Data Privacy

Data Privacy Privacy GDPR Compliance

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Security Affairs

NOVEMBER 21, 2023

Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The most impacted sectors are education, government, and business services. In recent years, multiple threat actors, including the group TA569 , have been observed using the software as a Remote Access Trojan (RAT).

Education

Education Government Business Services Archiving

FBI deleted China-linked PlugX malware from over 4,200 US computers

Security Affairs

JANUARY 14, 2025

According to court documents, the Chinese government paid Mustang Panda to develop PlugX malware, used since 2014 to target U.S., A French law enforcement agency has gained access to the C2 server (45.142.166.112) used to control the malware. European, and Asian entities. A court operation recently removed PlugX infections from U.S.

Government

Government Cybersecurity Access IT

Port of Seattle ‘s August data breach impacted 90,000 people

Security Affairs

APRIL 5, 2025

The ransomware gang hit organizations in multiple industries, including education, healthcare, manufacturing, information technology, and government sectors. “Mailed notices will include information on how affected individuals can access free credit monitoring services from the Port. reads the update published by the agency.

Data breaches

Data breaches Ransomware Manufacturing Education

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

Security Affairs

OCTOBER 23, 2024

The charges result from an investigation conducted by the US government into public companies potentially impacted by the supply chain attack on SolarWinds’ Orion software. ” reads the press release published by SEC.

Cybersecurity

Cybersecurity Risk Access Government

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Security Affairs

FEBRUARY 6, 2025

Spanish Police arrested an unnamed hacker who allegedly breached tens of government institutions in Spain and the US. Spanish National Police arrested a hacker responsible for multiple cyberattacks on government institutions in Spain and the U.S. Targe including the U.S. Army, UN, NATO, and other agencies.

Data breaches

Data breaches Information Security Government Access

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

According to the indictment, Ptitsyn facilitated the worldwide use of a dangerous ransomware strain to target corporations and various organizations, including government agencies, healthcare facilities, educational institutions, and critical infrastructure. Barron for the District of Maryland.

Ransomware

Ransomware Education Sales Government

Strengthening data reliability at WGU through smarter governance

Collibra

APRIL 17, 2025

In a recent episode of Data Citizens Dialogues , Garth Gelbach , Head of Data Governance at Western Governors University (WGU) , described how the university transitioned from fragmented data management to a more structured governance model. Before we had the data governance initiative, it was a scramble for data.

Government

Government Metadata Marketing IT

DOGE Teen Owns ‘Tesla.Sexy LLC’ and Worked at Startup That Has Hired Convicted Hackers

WIRED Threat Level

FEBRUARY 5, 2025

Experts question whether Edward Coristine, a DOGE staffer who has gone by Big Balls online, would pass the background check typically required for access to sensitive US government systems.

Government

Government Access Security

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Government contractor Conduent disclosed a data breach

Webinars

Trending Sources

'ArcaneDoor' Cyberspies Hacked Cisco Firewalls to Access Government Networks

Webinars

Massive cyberattacks hit French government agencies

The Next-Generation Cloud Data Lake: An Open, No-Copy Data Architecture

French Government Investigates Suspected Chinese Espionage

Cisco addressed Webex flaws used to compromise German government meetings

ACLU Warns DOGE’s ‘Unchecked’ Access Could Violate Federal Law

U.S. CISA: hackers breached a state government organization

Partner Webinar: A Framework for Building Data Mesh Architecture

Private Firm Accessed Italian Govt Database: Prosecutors

Ukraine bans Telegram for government agencies, military, and critical infrastructure

CERT-UA warns of a phishing campaign targeting government entities

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

Beware of Pixels & Trackers on U.S. Healthcare Websites

Canada bans WeChat and Kaspersky apps on government-issued mobile devices

Secretive White House Surveillance Program Gives Cops Access to Trillions of US Phone Records

Russian cyber spies stole data and emails from UK government systems

Clop group obtained access to the email addresses of about 632,000 US federal employees

Storm-2372 used the device code phishing technique since August 2024

Government Surveillance Reform Act of 2023 Seeks to End Warrantless Police and FBI Spying

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

Australian government announced sanctions for Medibank hacker

UNC1860 provides Iran-linked APTs with access to Middle Eastern networks

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Tor Project needs 200 WebTunnel bridges more to bypass Russia’ censorship

Awaken Likho APT group targets Russian government with a new implant

Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

China-linked APT Mustang Panda upgrades tools in its arsenal

Chinese threat actors use Quad7 botnet in password-spray attacks

Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks

Why DSPM is Essential for Achieving Data Privacy in 2024

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

FBI deleted China-linked PlugX malware from over 4,200 US computers

Port of Seattle ‘s August data breach impacted 90,000 people

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Russian Phobos ransomware operator faces cybercrime charges

Strengthening data reliability at WGU through smarter governance

DOGE Teen Owns ‘Tesla.Sexy LLC’ and Worked at Startup That Has Hired Convicted Hackers

Stay Connected