Security News

U.S. charges Iranian for hacks on defense orgs, offers $10M for info
2024-03-01 14:47

The U.S. Department of Justice has unveiled an indictment against Alireza Shafie Nasab, a 39-year-old Iranian national, for his role in a cyber-espionage campaign targeting U.S. government and defense entities. The U.S. DoJ announcement says Nasab's job with Mahak Rayan Afraz was merely a front for the hacker's malicious operations.

New Silver SAML Attack Evades Golden SAML Defenses in Identity Systems
2024-02-29 15:21

Cybersecurity researchers have disclosed a new attack technique called Silver SAML that can be successful even in cases where mitigations have been applied against Golden SAML attacks. Silver SAML...

Iran-Linked UNC1549 Hackers Target Middle East Aerospace & Defense Sectors
2024-02-28 15:08

An Iran-nexus threat actor known as UNC1549 has been attributed with medium confidence to a new set of attacks targeting aerospace, aviation, and defense industries in the Middle East, including...

US govt shares cyberattack defense tips for water utilities
2024-02-21 18:39

CISA, the FBI, and the Environmental Protection Agency shared a list of defense measures U.S. water utilities should implement to better defend their systems against cyberattacks. The fact sheet they published today outlines the top eight actions U.S. Water and Wastewater Systems sector organizations can take to reduce cyberattack risks and boost their resilience against malicious activity.

New Report Reveals North Korean Hackers Targeting Defense Firms Worldwide
2024-02-20 10:53

The North Korean state-sponsored threat actors have been attributed to a cyber espionage campaign targeting the defense sector across the world. In a joint advisory published by Germany's Federal...

North Korean hackers linked to defense sector supply-chain attack
2024-02-19 20:24

In an advisory today, Germany's federal intelligence agency and South Korea's National Intelligence Service warn of an ongoing cyber-espionage operation targeting the global defense sector on behalf of the North Korean government. Today's joint cybersecurity advisory highlights two cases attributed to North Korean actors, one of them the Lazarus group, to provide the tactics, techniques, and procedures used by the attackers.

Chinese hackers breached Dutch Ministry of Defense
2024-02-07 14:31

Chinese state-sponsored hackers breached the Dutch Ministry of Defense last year and deployed a new remote access trojan malware to serve as a backdoor. "The effects of the intrusion were limited because the victim network was segmented from the wider MOD networks," the Dutch Military Intelligence and Security Service and the General Intelligence and Security Service noted.

Chinese Coathanger malware hung out to dry by Dutch defense department
2024-02-06 17:15

Dutch authorities are lifting the curtain on an attempted cyberattack last year at the country's Ministry of Defense, blaming Chinese state-sponsored attackers for the espionage-focused intrusion. Specialists from the Netherlands' Military Intelligence and Security Service and the General Intelligence and Security Service were called in to investigate an intrusion at an MOD network last year, uncovering a previously unseen malware they're calling Coathanger.

A zero-day vulnerability (and PoC) to blind defenses relying on Windows event logs
2024-01-31 16:20

A zero-day vulnerability that, when triggered, could crash the Windows Event Log service on all supported versions of Windows could spell trouble for enterprise defenders. "I have only tested the whole thing a few times in a domain network consisting of a Windows 10 machine and a Windows Server 2022 domain controller. I was able to crash the event log service of the domain controller as an unprivileged user from the Windows 10 machine, and that was about it."

Perfecting the Defense-in-Depth Strategy with Automation
2024-01-26 11:04

Medieval castles stood as impregnable fortresses for centuries, thanks to their meticulous design. Fast forward to the digital age, and this medieval wisdom still echoes in cybersecurity. Like...