Tag: cisa
Elon Musk Blames ‘Massive Cyberattack’ for Widespread X Outage – March 10th
Social media platform X suffered a major outage on March 10, with tens of thousands of users unable to access the site. Owner Elon Musk blamed the disruption on a "massive cyberattack," suggesting that a well-funded group or nation-state may have been involved. The outage, which peaked around 10 a.m. EST, affected both the X app and website, with intermittent service disruptions continuing throughout the day. As frustrated users flocked to alternative platforms like Threads and Bluesky, concerns grew over the security of X’s infrastructure.
DragonForce Ransomware Hits Saudi Firm, 6TB of Data Leaked – February 27th
A Riyadh-based real estate and construction company has fallen victim to a ransomware attack by DragonForce, resulting in the theft of 6TB of sensitive data. The attackers initially set a February 27 ransom deadline, one day before the start of Ramadan, but upon non-compliance, published the stolen data on a dedicated leak site (DLS). DragonForce operates as a Ransomware-as-a-Service (RaaS) group, equipping cybercriminals with attack tools in exchange for a share of ransom payments. Their leak platform also employs advanced CAPTCHA mechanisms to evade security firms.
US takes on Chinese hackers
A man alleged to be behind the recent Salt Typhoon US telecoms network and US Treasury department breaches has been sanctioned by the US Department of the Treasury’s Office of Foreign Assets Control (OFAC). Yin Kecheng “has been a cyber actor for over a decade and is affiliated with the People’s Republic of China Ministry of State Security (MSS)”, says the Treasury Office. Yin is alleged to have had direct and associated involvement in both breaches. Two key individuals in President Donald Trump’s new administration, Elon Musk, and the president’s nominee to head the Department of Homeland Security, Kristi Noem, have specifically cited the two devastating breaches as the prime examples of why the nation’s cybersecurity strategy is in pressingly urgent need of being overhauled.
Fresh Focus on Cyber-Attacks for CISA
One of the greatest challenges now facing President Trump’s new administration is to protect the US’s critical infrastructure and its economy from the rapidly growing menace of cyber-attacks. On Friday, the president’s nominee to head the Department of Homeland Security, Kristi Noem, signalled a new direction for America’s main cybersecurity agency, the Cybersecurity and Infrastructure Security Agency (CISA), which, she says, urgently needs to be realigned away from focusing on misinformation and curtailing free speech and more towards preventing cyber-attacks on critical infrastructure in the US.
FBI unplugs Chinese hackers
The US Justice Department and FBI have completed a law enforcement operation to delete Chinese malware from approximately 4,258 U.S.-based computers and networks. The international operation was led by French law enforcement and France-based private cybersecurity company Sekoia.io. According to court documents unsealed in the Eastern District of Pennsylvania, a group of hackers paid by the People’s Republic of China (PRC), known as “Mustang Panda” and “Twill Typhoon,” used a version of PlugX malware to infect, control, and steal information from victim computers. Since at least 2014, Mustang Panda hackers have infiltrated thousands of computer systems in campaigns targeting US victims, European and Asian governments and businesses, and Chinese dissident groups.
German Intelligence warns of Russian cyber-attacks
The cyber cold war just became a little warmer, with German Intelligence now publicly crying foul on Monday at Russia for online attacks stretching back to 2020. Germany’s Bundesverfassungsschutz has issued a strong warning against a cyber group belonging to Russian military intelligence (GRU) Unit 29155, which was linked to the 2018 poisonings of a former Russian double agent and his daughter in the UK, claiming that the unit has also been active in carrying out cyberattacks against NATO and EU countries.
Boeing Discloses $200M Ransomware Attempt – May 13th
Boeing made a significant disclosure: The LockBit ransomware group targeted the company, which demanded a staggering $200M extortion payment. Boeing did not pay LockBit a ransom despite 43 GB of company data leaked on the ransomware group's website in November 2023. Boeing is now in contact with the FBI to mitigate the breach.
95% of Organizations Changed their Cyber Strategy in the Past Year – April 30th
LogRhythm announced that 95% of companies reported that they’ve altered their cybersecurity strategies within the last twelve months. The “2024 State of the Security Team: Navigating Constant Change” report also disclosed that 98% of respondents state that keeping pace with the shifting regulatory landscape is the leading factor in driving changes in security strategy.
UK Government Launches Updated Cyber Regulations – April 29th
As a testament to the UK's £2.6 billion National Cyber Strategy, the UK Government has proactively launched regulations to safeguard UK consumers and businesses from cyber-attacks. The updated regulations now mandate that manufacturers of consumer electronics adhere to minimum security standards. Additionally, consumers are prohibited from using easily guessable default passwords, a measure aimed at bolstering their personal cyber security.
CISA Warns of “Volt Typhoon” Group Targeting Critical Infrastructure – March 21st
The US Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about the Chinese-linked "Volt Typhoon" group, which is targeting critical infrastructure. The CISA warning, issued in collaboration with the National Security Agency (NSA) and the Federal Bureau of Investigation (FBI), confirmed the recent critical infrastructure attacks initiated by “Volt Typhoon” and the group's tactics and motives.
CISA Systems Shut Down Due to Third-Party Breach – March 11th
Cybersecurity and Infrastructure Security Agency (CISA) confirmed that two of its systems were voluntarily shut down due to a breach stemming from Ivanti vulnerabilities last month. Despite the successful attack mitigation, CISA claims to upgrade and modernize its systems to avoid breaches of this nature in the future.
UK and US Develop Global AI Security Guidelines – November 27th
The UK's National Cyber Security Center (NCSC), in partnership with the US's Cybersecurity and Infrastructure Security Agency (CISA) launched the 'Guidelines for Secure AI System Development'. The guidelines are set to secure AI system development, to help developers make informed cybersecurity decisions at every step of the AI development process. These AI guidelines were also co-signed in cooperation with 21 other international agencies and ministries from across the world.