Chinese Hackers Breach Senior US Treasury Officials' Computers in Major Security Incident
Chinese state-sponsored hackers compromised approximately 100 US Treasury Department computers, accessing sensitive but unclassified information through a third-party security vendor. The breach exposed internal documents and communications, though classified systems remained secure.
New Guidelines Aim to Standardize Cyber Threat Actor Naming Conventions
Security experts have released comprehensive recommendations to address the chaos in naming malicious cyber threat actors, targeting issues like multiple aliases and ambiguous naming practices. The new RFC document provides practical guidelines for organizations to improve threat intelligence sharing and analysis.
Google Chrome Extension Vulnerability Exposes Millions to 2FA Bypass Attacks
A sophisticated phishing campaign targeting Chrome extensions has compromised two-factor authentication protection for millions of users since December 2023. The attacks, including a major breach at Cyberhaven, allow hackers to steal and reuse authentication cookies to bypass security measures.
China's Cyber Assault: Unraveling the Wave of State-Sponsored Attacks on US Infrastructure
A series of sophisticated cyber attacks targeting US government agencies and telecommunications giants has been attributed to Chinese state-sponsored hackers, marking what FBI officials call China's most extensive cyber-espionage campaign. The breaches have compromised sensitive data across multiple sectors, including the Treasury Department and major telecom providers.
Hacker Resurrects Dead Satellite: Decade-Old Beesat-1 Gets Second Life in Space
In a groundbreaking achievement, hacker PistonMiner successfully repaired and regained control of Beesat-1, a miniature satellite defunct since 2013, through remote intervention from Earth. The remarkable feat, demonstrated at the 38th Chaos Communications Congress, extends the CubeSat's operational life by up to 20 years.
The Trust Paradox: Why We Depend on Software We Can't Fully Verify
In our digital-first world, users must place enormous trust in software vendors despite limited ability to verify code security. While tools like code signing and audits help, the challenge of software trust remains a fundamental issue that affects everyone using modern technology.
Chinese Hackers Breach US Treasury Through BeyondTrust Software
The US Treasury Department revealed a major security breach where suspected Chinese state-sponsored hackers gained access through compromised BeyondTrust remote support software. The incident, currently under investigation by CISA and FBI, is part of a broader pattern of sophisticated cyber attacks targeting US government infrastructure.
Chinese Hackers Breach US Treasury Through Third-Party Security Provider
The US Treasury Department revealed a major cybersecurity breach by Chinese state-sponsored hackers who gained access through BeyondTrust, a third-party security provider. The incident, classified as 'major,' prompted immediate response from federal agencies including the FBI and CISA.
French Tech Giant Atos Investigates Space Bears Ransomware Attack Claims
Atos SE, a major French IT company specializing in cybersecurity and digital services, is investigating alleged ransomware attack claims by the Space Bears group. While the threat actors claim database compromise, Atos reports no evidence of breach and continues thorough investigation.
FTC Cracks Down on AI-Powered Weapons Scanner Maker for Misleading Claims
The Federal Trade Commission orders Evolv Technologies to stop exaggerating its AI-based weapons detection system's capabilities after revealing it performs similarly to standard metal detectors at higher costs. The settlement particularly impacts educational institutions, allowing them to cancel contracts following performance issues and misrepresented claims.