Severity of the risk facing the UK is widely underestimated, NCSC annual review warns

December 3, 2024 at 06:49AM The UK’s National Cyber Security Centre reported a significant increase in severe cyber threats, tripling to 12 incidents, with overall cases rising by 16%. Predicted vulnerabilities emphasize the urgency for enhanced cybersecurity measures, particularly against risks from state actors like China and Russia, amid a growing cybercrime ecosystem. ### Meeting …

Swiss cheesed off as postal service used to spread malware

November 16, 2024 at 02:16AM Switzerland’s NCSC warned citizens about malware spread through fake letters from the Federal Office of Meteorology, promoting a dangerous “Severe Weather Warning App.” The app, a malicious imitation of Alertswiss, contains the Coper trojan, targeting banking credentials. This method of delivery via postal service is unprecedented, indicating targeted spear-phishing efforts. …

Custom “Pygmy Goat” malware used in Sophos Firewall hack on govt network

November 4, 2024 at 12:49PM The UK’s NCSC analyzed “Pygmy Goat,” a Linux malware targeting Sophos XG firewalls used in attacks by Chinese threat actors. It employs advanced techniques for maintaining persistence and remote access. The report offers detection strategies and highlights similarities with “Castletap” malware linked to state-sponsored actors. ### Meeting Takeaways 1. **Malware …

NCSC Details ‘Pygmy Goat’ Backdoor Planted on Hacked Sophos Firewall Devices

November 1, 2024 at 10:45AM The NCSC reported a stealthy backdoor, dubbed ‘Pygmy Goat,’ discovered on compromised Sophos XG firewall devices. This malware is designed to operate on a wider variety of Linux-based devices, raising security concerns regarding its potential impact on broader systems. **Meeting Notes Takeaways:** 1. **Discovery of a Backdoor**: A stealthy network …

Transport for London confirms cyberattack, assures us all is well

September 3, 2024 at 05:49AM Transport for London (TfL) is addressing an ongoing cyber security incident, confirming measures to prevent further access to systems and protect customer data. The organization is collaborating with government agencies, and so far, there is no evidence of compromised customer data or impact to services. The incident has affected backroom …

Transport for London discloses ongoing “cyber security incident”

September 2, 2024 at 02:20PM Transport for London (TfL) is actively investigating an ongoing cyberattack with no current impact on its services. The agency assured customers that there is no evidence of compromised customer data and promptly reported the attack to government authorities. Measures have been implemented to prevent further system access, as TfL works …

US elections have never been more secure, says CISA chief

August 8, 2024 at 08:59AM CISA director Jen Easterly, alongside counterparts from the UK and EU, emphasized the strong preparation for securing elections. With 2024 being a pivotal year for global elections, they discussed the resilience of voting systems to outside threats. While recognizing the complexity of the threat environment, they stressed the importance of …

North Korean hackers exploit VPN update flaw to install malware

August 5, 2024 at 01:24PM The South Korean National Cyber Security Center (NCSC) warns that state-backed DPRK hackers exploited VPN software flaws to deploy malware and breach networks. The activity is connected to a nationwide industrial modernization project announced by Kim Jong-un. The threat groups implicated are Kimsuky and Andariel, targeting the same sector simultaneously. …

UK plans to revamp national cyber defense tools are already in motion

August 2, 2024 at 06:43AM The UK’s NCSC plans to launch ACD 2.0, a refreshed suite of cyber defense services. Specific details are yet to be revealed, but key principles include providing unique capabilities and transferring services to other government or industry partners within three years. The NCSC seeks input from various sectors for future …

China’s FortiGate attacks more extensive than first thought

June 12, 2024 at 10:06AM The Netherlands’ cybersecurity agency revealed an extensive Chinese state-sponsored malware attack on FortiGate systems, compromising at least 20,000 units, impacting Western governments, defense companies, and international organizations. Coathanger malware provided persistent access and is distinct from other RATs. Dutch intelligence suspects continued Chinese control over infected systems worldwide, highlighting edge …