24 matches found
CVE-2026-54105
The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic Docketing System (EDS) expose sensitive account information through the 'update-profile/' API endpoint. A remote, unauthenticated attacker can submit a reque...
Wiz achieves FedRAMP High authorization
Unified cloud security without compromise, delivering commercial features to sensitive government systems...
Qrator Labs Mitigated Record L7 DDoS Attack from 5.76M-Device Botnet
Qrator Labs blocked a record L7 DDoS attack from a 5.76M-device botnet targeting government systems, showing rapid global growth since March...
Australia Bans Kaspersky Software Over National Security and Espionage Concerns
Australia has become the latest country to ban the installation of security software from Russian company Kaspersky, citing national security concerns. "After considering threat and risk analysis, I have determined that the use of Kaspersky Lab, Inc. products and web services by Australian...
Man certifies his own (fake) death after hacking into registry system using stolen identity
A 39-year-old man has been sentenced to 81 months in jail after hacking government systems to fake his own death to dodge paying child support. Yes, you read that right. The press release by the US Attorney's Office, Eastern District of Kentucky, paints a detailed picture of what went down. In...
Rapid7 completes IRAP PROTECTED assessment for Insight Platform solutions
Exciting news from Australia! Rapid7 has successfully completed an Information Security Registered Assessors Program (IRAP) assessment to PROTECTED Level for several of our Insight Platform solutions. What is IRAP? An IRAP assessment is an independent assessment of the implementation,...
Chinese Espionage Group “ChamelGang” Uses Attacks for Disruption and Data Theft
Beware! Chinese cyberespionage group ChamelGang targets critical infrastructure like aviation and government systems. SentinelOne report reveals potential attacks across Asia. Learn more about ChamelGang's cyberespionage activities...
Patch now! Ivanti Endpoint Manager Mobile Authentication vulnerability used in the wild
The Cybersecurity and Infrastructure Security Agency (CISA) added one new vulnerability to its Known Exploited Vulnerabilities Catalog affecting Ivanti Endpoint Manager Mobile, based on evidence of active exploitation. All Federal Civilian Executive Branch (FCEB) agencies must remediate this...
Chinese Spies Hacked a Livestock App to Breach US State Networks
Vulnerabilities in animal tracking software USAHERDS and Log4j gave the notorious APT41 group a foothold in multiple government systems...
NSA-CISA-FBI Joint Advisory on Russian SVR Targeting U.S. and Allied Networks
CISA, the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory (CSA) on Russian Foreign Intelligence Service (SVR) actors scanning for and exploiting vulnerabilities to compromise U.S. and allied networks, including national security a...
Russian Hackers Targeted Ukraine Authorities With Supply-Chain Malware Attack
Ukraine is formally pointing fingers at Russian hackers for hacking into one of its government systems and attempting to plant and distribute malicious documents that would install malware on target systems of public authorities. "The purpose of the attack was the mass contamination of informatio...
Georgia Election Data Hit in Ransomware Attack
Ransomware gangs have officially entered the 2020 election fray, with reports of one of the first breaches of the voting season, on Hall County, Ga. The county’s database of voter signatures was impacted in the attack along with other government systems. Although the county said the voting proces...
CISA Pushing U.S. Agencies to Adopt Vulnerability Disclosure Policies
The U.S. government’s cybersecurity agency has issued a draft directive mandating all agencies to develop vulnerability disclosure policies, which would give ethical hackers clear guidelines for submitting bugs found in government systems. Security experts hope that the directive will light a fir...
U.S. DoD Hopes To Stamp Out Threats With Bug Bounty Program
The U.S. Department of Defense is doubling down on rooting out vulnerabilities in its massive government systems. On Monday, the DoD announced it was expanding its bug bounty program to include the agency’s massive Defense Travel System. The “Hack the DTS” program launched in partnership with bug...
NSA Contractor Secretly Charged With Stealing Classified Secrets
The Federal Bureau of Investigation arrested a National Security Agency contractor working for Booz Allen Hamilton and charged him with stealing highly classified documents. Harold T. Martin III, of Glen Burnie, Md., was charged in a criminal complaint filed in late August that became public...
British Court rules Hacktivist 'Lauri Love' can be extradited to USA
British citizen and alleged hacker Lauri Love will be extradited to the United States to face allegations of hacking into United States government computer systems, a UK judge ruled on Friday. Love, 31, is currently facing up to 99 years in prison for allegedly hacking into the FBI, the US Army,...
FBI Quietly Admits to Multi-Year APT Attack, Sensitive Data Stolen
The FBI issued a rare bulletin admitting that a group named Advanced Persistent Threat 6 (APT6) hacked into US government computer systems as far back as 2011 and for years stole sensitive data. The FBI alert was issued in February and went largely unnoticed. Nearly a month later, security experts...
OHOCMS 0day vulnerabilities exposed: government systems face a serious threat - vulnerability warning - the black bar safety net
Recently, an Ann constant information security researcher found multiple vulnerabilities in “OHOCMS”, a government system with a very high usage rate in the domestic government, education, public security, healthcare and other sectors, including arbitrary file upload, arbitrary file...
USPS Breach Hits Customers, Employees
The United States Postal Service is continuing its investigation around a cyber attack at the agency that managed to compromise the information of both employees and customers earlier this year. The USPS announced in a statement on Monday that it recently fell victim to a “cyber intrusion inciden...
Anonymous hackers launch massive cyber assault on Israel Cyberspace, #OpIsrael
A cyber attack campaign, dubbed OpIsrael by hacking group Anonymous, targeting Israeli websites caused massive disruption to government, academic and private sites Sunday. Israeli media said small businesses had been targeted. Some homepage messages were replaced with anti-Israel slogans. Anonymous...