Cyberespionage and nation state cyberattacks
- March 25, 2020
A dual cyberespionage and cybercrime group known as APT41 exploited vulnerabilities in Citrix NetScaler/ADC and other products in an extensive, global threat campaign.
- March 24, 2020
What's happening at the 2020 RSA Conference? Our team keeps you up to date with pre-conference coverage and breaking news from the infosec world's biggest event.
- March 19, 2020
Deepfakes may seem like a scary new threat in today's world, but should the world be worried? SearchSecurity asked numerous experts to weigh in at RSA Conference 2020.
- February 28, 2020
Four panelists discussed the ban on the world's largest telecommunications equipment manufacturer in relation to supply chain risk.
- February 27, 2020
During his RSA Conference keynote, CrowdStrike co-founder Dmitri Alperovitch explains why the U.S. Department of Justice's indictments against Chinese hackers have been effective.
- February 10, 2020
Four members of China's military have been charged with hacking Equifax following a 2017 breach that compromised nearly 150 million Americans' personal information.
- January 08, 2020
Cybersecurity experts weigh in on the risks of potential nation-state cyberattacks from Iran following a DHS warning and heightened tensions between the country and the U.S.
- October 08, 2019
Nation-state hackers are exploiting previously disclosed vulnerabilities in VPNs from Pulse Secure, Palo Alto Networks and Fortinet, according to a security advisory from the NSA.
- October 04, 2019
This week's Risk & Repeat podcast looks at President Trump's recent comments about CrowdStrike and the DNC 'server' and the misinformation around Russian election interference.
- September 25, 2019
In a call with the Ukrainian president that is now the focus of an impeachment inquiry, President Trump discussed CrowdStrike and asked for help with finding a 'server.'
- August 19, 2019
Confidence in the security of the 2020 election spanned the gamut, depending on who you asked at DEF CON's Voting Village, with local officials more optimistic than technologists.
- August 09, 2019
In its latest report on industrial control system threats, Dragos said it believes the first major 'destructive' ICS attack will likely occur at an oil and gas facility.
- June 24, 2019
The cyberthreat warning from Christopher Krebs, director of the DHS Cybersecurity and Infrastructure Security Agency, follows escalating tension between Iran and the U.S.
- June 14, 2019
Dragos says Xenotime, the threat group behind a devastating ICS attack in 2017, has been probing the networks of U.S. electric utilities and also attempted network intrusions.
- May 08, 2019
The 2019 Verizon Data Breach Investigations Report showed significant increases in cyberespionage and nation-state activity. It also painted a gloomy picture for email threats.
- May 01, 2019
Why worry over Huawei? A U.S. ban of this Chinese company's products should remind CISOs that now is the time to consider security issues related to the rollout of the 5G network.
- March 13, 2019
Fragile electronic voting systems and the weaponization of social media continue to menace U.S. election systems as presidential candidates ramp up their 2020 campaigns.
- March 13, 2019
Citrix disclosed a potential data breach blamed on poor password security, but a lack of details about the attack leaves only unconfirmed claims from a single cybersecurity firm.
- March 08, 2019
Facebook and Twitter executives say finding a pattern of malicious activity is more effective in identifying bad actors on sites than looking at the misleading information itself.
- March 07, 2019
Incident response experts say nation-state cyberattacks are so common that they find threat actors from multiple nations operating in the same victim environment.
- January 22, 2019
A Democratic National Committee lawsuit regarding Russian cyberattacks in the lead-up to the 2016 election now also claims Russia attacked DNC systems after the 2018 midterms.
- January 10, 2019
This week's Risk & Repeat podcast discusses how a Chinese state-sponsored threat group known as APT10 hacked into managed service providers to gain access to their clients.
- December 21, 2018
The Department of Justice indicted two alleged members of the Chinese state-sponsored hacking group APT10, which hacked managed service providers to steal data from enterprises.
- November 29, 2018
The FBI indicted two threat actors involved with the SamSam ransomware attacks while the U.S. Treasury sanctioned two others for their role in exchanging Bitcoin earned from attacks.
- November 16, 2018
Despite early speculation, experts concluded the BGP route leak that sent Google traffic through China and Russia was due to an accidental misconfiguration and not malicious activity.
- November 14, 2018
An international cybercrime agreement was signed by 50 nations and 150 companies in Paris, but the U.S., China and Russia were not part of the accord.
- October 25, 2018
FireEye security researchers claimed the Russian government was 'most likely' behind the Triton malware attack on an industrial control system in Saudi Arabia last year.
- October 19, 2018
Researchers claim a new threat group called GreyEnergy is the successor to BlackEnergy, but experts are unsure if the evidence supports the claims or warnings of future attacks.
- October 12, 2018
News roundup: An APT group called TeleBots was linked to Industroyer malware and NotPetya ransomware, according to researchers. Plus, Imperva is acquired by Thoma Bravo and more.
- October 05, 2018
The U.S., U.K. and other allies accused seven Russian military officers of cybercrimes around the world, and the GRU indictment from the U.S. formally pressed charges.
- October 04, 2018
Security researchers tracked an aggressive cybertheft campaign -- attributed to North Korean APT38 -- in which threat actors attempted to steal more than $1 billion and destroy all evidence along the way.
- September 25, 2018
Microsoft announced that, six months after its introduction, the Cybersecurity Tech Accord has nearly doubled its membership and partnered with the Global Forum on Cyber Expertise.
- September 07, 2018
The Department of Justice charged one Lazarus Group hacker, Park Jin Hyok, for his role in the WannaCry attack, Sony hack, SWIFT banking theft and more.
- August 24, 2018
News roundup: Social media platforms shut down accounts spreading misinformation. The Facebook accounts deleted were tied to Iran and Russia. Plus, Ryuk ransomware spreads, and more.
- August 23, 2018
Expert Laura Norén believes companies should be held to standards of data science ethics both when it comes to customer data and also for the data collected about employees.
- August 09, 2018
At Black Hat 2018, security researcher Carsten Schuermann unveiled the results of a forensic analysis of eight WinVote voting machines that had been used in Virginia elections.
- August 08, 2018
In her Black Hat 2018 keynote, Google's Parisa Tabriz celebrated the unrecognized, long-term work that can cause real change in security and challenge the status quo.
- August 03, 2018
Using two-factor authentication with one-time passwords sent via SMS has come under question again after a Reddit breach was blamed on the faulty 2FA method.
- August 02, 2018
The SearchSecurity team covers the latest threats and vulnerabilities featured at this year's Black Hat USA with news, interviews and more from Las Vegas.
- July 27, 2018
Senator Ron Wyden wrote a letter to multiple government agencies advocating that the entire U.S. government stop Adobe Flash use on all systems due to security risks.
- July 26, 2018
In this week's Risk & Repeat podcast, SearchSecurity editors discuss a new warning from the Department of Homeland Security regarding Russian hackers targeting the U.S. power grid.
- July 26, 2018
For the first time, DHS has offered more detailed and unclassified information about electrical grid attacks carried out by Russian hackers and the dangers to U.S. infrastructure.
- July 17, 2018
The indictment of Russian intelligence officers accused of hacking the DNC revealed a troubling timeline, including the X-Agent malware lurking on DNC systems for months.
- July 13, 2018
A grand jury for special counsel Robert Mueller's election-interference investigation indicted 12 Russian intelligence officers for crimes related to the DNC and DCCC hacks.
- June 29, 2018
Infosec experts have argued that too much focus is put on cyber attribution, but moving away from publicly identifying threat groups and nation-states may be easier said than done.
- June 27, 2018
A new side-channel attack on Intel chips, named TLBleed, can extract signing keys. But the researcher who discovered it said users shouldn't worry, because it's not the next Spectre.
- June 20, 2018
The Pentagon reportedly approved the use of offensive cyberattacks by the U.S. Cyber Command, and one expert said enterprises should be ready to handle the 'return fire.'
- June 13, 2018
Despite a summit between President Trump and North Korean leader Kim Jong Un, the threat of North Korean hacking and cyberespionage still looms large, according to experts.
- May 31, 2018
In this week's Risk & Repeat podcast, SearchSecurity editors discuss dangers to critical infrastructure in the wake of a new report on the threat actors behind the Trisis malware.
- May 31, 2018
One of four Yahoo hackers was sentenced to five years in prison for his role in the massive 2014 breach, which included accessing millions of sensitive email accounts.
- May 31, 2018
In part two of this interview from RSA Conference 2018, Dragos CEO Robert Lee discusses the latest threats to industrial control systems and how those threats can be exaggerated.
- May 30, 2018
The U.S. government claims two notable malware campaigns are the work of North Korean nation-state hacking group Hidden Cobra, also known as the Lazarus Group.
- May 25, 2018
Dragos' Robert Lee talks with SearchSecurity at RSA Conference 2018 about why there are reasons to be optimistic about the state of ICS security, despite growing threats.
- May 22, 2018
Recorded Future's Levi Gundert discusses how the Iranian government uses proxies and contractors to launch cyberattacks, and how its strategy presents challenges for the country.
- May 22, 2018
The 'Sun Team' group of North Korean hackers placed malicious apps in the Google Play store to target defectors and steal personal data such as photos, contacts and SMS messages.
- May 21, 2018
Recorded Future's Levi Gundert explains why major cyberattacks against Western enterprises are expected to resume following the United States' withdrawal from the Iran nuclear deal.
- May 16, 2018
The U.S. government has identified a man already in custody on unrelated charges as the suspect in the Vault 7 leak, but it is unclear how much evidence supports the case.
- May 10, 2018
Android P security features, which were previewed at Google I/O, include notable improvements for data privacy and encryption and preventing malicious apps from spying on users.
- April 27, 2018
Microsoft released new fixes that include the Intel microcode patches for Spectre variant 2 to help protect users on Windows 10 and Windows Server 2016.
- April 20, 2018
A panel of experts at the RSA Conference all expressed support for the idea of hacking back against threat actors, but each offered caveats in hopes of minimizing collateral damage.
- April 17, 2018
The RSAC keynote speakers pushed a unified idea of collaboration across public and private sectors, improved teamwork and the value of incremental improvements in cybersecurity.
- April 17, 2018
At RSA Conference 2018, Microsoft President Brad Smith warned of nation-state cyberattacks and called on governments and the private sector to do more to address them.
- April 16, 2018
The second annual Black Report -- a hacker survey aimed at getting a different perspective on cybersecurity -- detailed how long it takes to breach a perimeter and what attacks are easiest.
- April 12, 2018
Cryptojacking attacks are on the rise, but experts are unsure if the threat can overtake the malware dominance of ransomware due to regulatory and profit questions.
- March 16, 2018
The U.S. Treasury Department levied sanctions for Russian government hacking, as a joint alert from the FBI and DHS confirms election meddling and critical infrastructure attacks.
- March 12, 2018
New research claims Olympic Destroyer was not the work of the North Korea-backed Lazarus Group; rather, it was a false flag cyberattack designed to mislead attribution efforts.
- March 08, 2018
Researchers discovered evidence of an NSA tracking program designed to watch nation-state hackers and gather information as attacks were in progress.
- January 19, 2018
The Trisis ICS malware used in a cyberattack on an oil and gas company in Saudi Arabia in December has been publicly available for weeks after being copied by unknown actors.
- January 12, 2018
News roundup: The hacking group called Fancy Bears claims to have hacked the Olympics again. Plus, a former NSA contractor pleads guilty to stealing government data, and more.
- December 27, 2017
Researchers believe North Korean nation-state hackers from the Lazarus Group are targeting cryptocurrency exchanges and owners in a wave of financially motivated attacks.
- December 22, 2017
News roundup: Cryptocurrency exchanges are folding because of targeted cyberattacks. Plus, five hackers were arrested in connection with international ransomware attacks, and more.
- December 19, 2017
The White House officially said North Korea was behind the WannaCry attacks, and it credited Facebook and Microsoft for work in attribution. But it left questions unanswered.
- December 01, 2017
One of the Yahoo data breach hackers pleaded guilty to his involvement in the attack. Plus, the FBI failed to notify U.S. officials that they were targets of Fancy Bear, and more.
- November 16, 2017
A lengthy Kaspersky report offers more insight into how the antivirus company discovered Equation Group malware and came to possess classified U.S. government data.
- October 31, 2017
Kaspersky Lab finally explained how it came to possess Equation Group malware, but does the company's latest statement answer enough questions about the ongoing drama?
- October 20, 2017
The Kaspersky controversy continued this week as the antivirus company responded to several explosive news stories about its relationship with the Russian government.
- October 20, 2017
News roundup: Former employees reveal a 2013 database breach exposed Microsoft's bug tracking system, DHS sets new rules for federal agencies on web, email security, and more.
- October 17, 2017
In this week's Risk & Repeat podcast, SearchSecurity editors discuss reports implicating Kaspersky antivirus scans in the recently disclosed breach at the National Security Agency.
- October 07, 2017
An NSA contractor became the target of a cyberattack after storing agency spying software on a personal device, and this NSA breach has caused a rise in fears regarding Russia.
- October 05, 2017
Newly uncovered information indicated that all 3 billion users were affected by the 2013 Yahoo data breach, but Oath claimed passwords and credit card info were safe.
- August 29, 2017
The specter of Kaspersky-Russian ties has reportedly led to an FBI campaign urging private organizations to drop Kaspersky Lab products; experts urge the FBI to share more evidence.
- August 23, 2017
In this week's Risk & Repeat podcast, SearchSecurity editors examine claims from intelligence veterans that the DNC hack was an inside job, and not the work of Russian hackers.
- August 18, 2017
Former CIA officer Valerie Plame discusses why America's cyberdefense is lagging behind -- and what the government and private sector should do to reverse the trend.
- August 11, 2017
Dell SecureWorks researchers detected suspicious activity on social media accounts of Mia Ash. When they dug deeper, they discovered a new, complex social engineering attack.
- July 28, 2017
At Black Hat 2017, security researcher Matt Suiche analyzed the Shadow Brokers dumps, postings and behavior to get to the bottom of one of the infosec industry's biggest questions.
- June 20, 2017
At the 2017 Cloud Identity Summit, former covert CIA officer Valerie Plame discussed the increasing risks of nation-state cyberattacks focused on geopolitical influence.
- June 14, 2017
In this week's Risk & Repeat podcast, SearchSecurity editors discuss former FBI Director James Comey's testimony on election hacking and election interference from Russia.
- June 12, 2017
RSA's GM Peter Tran sheds light on the value of cyber attribution and explains why the 'how' and 'why' of an attack may be more important than finding who did it.
- June 07, 2017
A new NSA leak allegedly shows Russian agents engaged in election cyberattacks against local U.S. governments and proves people are still the hardest cybersecurity risk to mitigate.
- May 26, 2017
Possible voting machine hacking has been a topic of conversation since before the 2016 election and at DEFCON 2017; professional pentesters will find out what damage can be done.
- April 25, 2017
A new security tool will let users scan their systems for the presence of NSA spyware found in the latest Equation Group leak, and tens of thousands are already infected.
- April 21, 2017
Security researchers say the vulnerability behind the infamous Stuxnet worm is still the most exploited in the world, seven years after being patched.
- April 13, 2017
The government needs a better definition for an act of cyberwarfare, says ex-CIA Director Michael Hayden, because he doesn't think the U.S. election hacking applies.
- April 11, 2017
Security researchers said the CIA Vault 7 tools and techniques are linked to cyberattacks over the past six years targeting various foreign entities.