Security News

The United States and Australia have signed a first-ever bilateral agreement that allows the U.S. Cyber Command and the Information Warfare Division of the Australian Defense Force to jointly develop and share a virtual cyber training platform. The two countries' departments of defense will achieve this by incorporating IWD's feedback into USCYBERCOM's simulated training domain known as the Persistent Cyber Training Environment.

China poses the greatest threat to America and the rest of the free world since World War II, outgoing National Intelligence Director John Ratcliffe said Thursday as the Trump administration ramps up anti-Chinese rhetoric to pressure President-elect Joe Biden to be tough on Beijing. "It offered nothing new but repeated the lies and rumors aimed at smearing China and playing up the China threat by any means," Hua said at a daily briefing on Friday.

In the modern twist on old-fashioned war games, the U.S. military dispatched cyber fighters to Estonia this fall to help the small Baltic nation search out and block potential cyber threats from Russia. The U.S. Cyber Command operation occurred in Estonia from late September to early November, officials from both countries disclosed this week, just as the U.S. was working to safeguard its election systems from foreign interference and to keep coronavirus research from the prying reach of hackers in countries including Russia and China.

The American Civil Liberties Union has sued the US government, claiming Homeland Security agents trampled over people's constitutional rights - by buying phone location data from commercial brokers rather than getting necessary search warrants. "These practices raise serious concerns that federal immigration authorities are evading Fourth Amendment protections for cell phone location information by paying for access instead of obtaining a warrant," the ACLU said in a statement this week.

US securities industry regulator FINRA warned brokerage firms earlier this week of ongoing phishing attacks using a recently registered web domain spoofing a legitimate FINRA website. WHOIS domain data does not provide any information on who registered the phishing domain since all personal information is redacted using the registrar's privacy service.

They also provided a set of extensive mitigation measures to be immediately implemented by think tank organizations' leaders, staff, and IT staff to strengthen their security posture and defend against ongoing attacks by nation-state hacking groups. The FBI also issued a 'TLP:WHITE' private industry notification in April 2020 regarding the continued targeting of US think tanks by state-backed APT groups since at least 2014, with the end goal of gaining access to and exfiltrating sensitive information.

For many of us stuck working from home for most of the year, the lines between work and home activities have blurred. Similar to how social distancing can help prevent the spread of COVID-19, keeping a 'six foot distance' between our digital home life and digital work life can go a long way when it comes to safeguarding our most sensitive data, too.

The US Treasury on Wednesday said it had extended by seven days the November 27 deadline given to the Chinese owner of TikTok to sell the popular social media platform's American business. Trump, who lost his bid for re-election this month, has claimed that TikTok - which has some 100 million US users - can be used to collect data on Americans for Chinese espionage, a claim denied by the company.

US Fertility, the largest network of fertility centers in the U.S., says that some of its systems were encrypted in a ransomware attack that affected the company two months ago, in September 2020. The US Fertility network is comprised of 55 locations across 10 states that completed almost 25,000 IVF cycles in 2018 through its clinics and more than 80 physicians.

Cybercriminals looking to steal personal information are baiting U.S. citizens with emails purporting to be from government agencies offering federal assistance. Bad actors are sending out messages purporting to be from federal government entities offering financial aid or unemployment assistance during the pandemic.