CERT-UA Identifies Malicious RDP Files in Latest Attack on Ukrainian Entities
The Computer Emergency Response Team of Ukraine (CERT-UA) has detailed a new malicious email campaign targeting government agencies, enterprises, and military entities. "The messages exploit the appeal of integrating popular services like Amazon or Microsoft and implementing a zero-trust...
CVE-2024-50044
creationtimestamp | type | source
---|---|---
2024-10-21 22:43:17+00:00 | seen | https://t.me/cvedetector/8563
2025-08-14 10:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07...
CVE-2024-47712
creationtimestamp | type | source
---|---|---
2024-10-21 15:09:52+00:00 | seen | https://t.me/cvedetector/8466
2025-08-14 10:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07...
US Government Says Relying on Chinese Lithium Batteries Is Too Risky
A new document shows the Department of Homeland Security is concerned that Chinese investment in lithium batteries to power energy grids will make them a threat to US supply chain security...
Justice Department Indicts Tech CEO for Falsifying Security Certifications
The Wall Street Journal is reporting that the CEO of a still unnamed company has been indicted for creating a fake auditing company to falsify security certifications in order to win government business...
Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant
The Russian threat actor known as RomCom has been linked to a new wave of cyber attacks aimed at Ukrainian government agencies and unknown Polish entities since at least late 2023. The intrusions are characterized by the use of a variant of the RomCom RAT dubbed SingleCamper aka SnipBot or RomCom...
Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations
Summary The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Communications Security Establishment Canada (CSE), the Australian Federal Police (AFP), and Australian Signals Directorate's Australian Cyber Security...
CISA, FBI, NSA, and International Partners Release Advisory on Iranian Cyber Actors Targeting Critical Infrastructure Organizations Using Brute Force
Today, CISA—with the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and international partners—released joint Cybersecurity Advisory Iranian Cyber Actors Brute Force and Credential Access Activity Compromises Critical Infrastructure. This advisory provides known indicators...
About Cross Site Scripting – Roundcube Webmail (CVE-2024-37383) vulnerability
About Cross Site Scripting - Roundcube Webmail (CVE-2024-37383) vulnerability. Roundcube is a web-based email client with functionality comparable to desktop email clients such as Outlook Express or Mozilla Thunderbird. The vulnerability is caused by an error in the processing of SVG elements in th...
More on My AI and Democracy Book
In July, I wrote about my new book project on AI and democracy, to be published by MIT Press in fall 2025. My co-author and collaborator Nathan Sanders and I are hard at work writing. At this point, we would like feedback on titles. Here are four possibilities: 1. Rewiring the Republic: How AI Wi...
Cyberattack Group 'Awaken Likho' Targets Russian Government with Advanced Tools
Russian government agencies and industrial entities are the target of an ongoing activity cluster dubbed Awaken Likho. "The attackers now prefer using the agent for the legitimate MeshCentral platform instead of the UltraVNC module, which they had previously used to gain remote access to systems,...
Dutch Police Hacked, 63,000 Officers’ Details Exposed
A foreign government is believed to have hacked into the Dutch police force's systems, exposing the contact details…
Cyber Threats Targeting the US Government During the Democratic National Convention
Cyber Threats Targeting the US Government During the Democratic National Convention By Anne An · October 2, 2024 Introduction Trellix global sensors detected increased threat activities during the days that the Democratic National Convention (DNC) was held in August 2024, culminating into a massive...
Russia-Backed Media Outlets Are Under Fire in the US—but Still Trusted Worldwide
The US government says outlets like RT work closely with Russian intelligence, and platforms have removed or banned their content. But they’re still influential all around the world...
Ukraine Bans Telegram Use for Government and Military Personnel
Ukraine has restricted the use of the Telegram messaging app by government officials, military personnel, and other defense and critical infrastructure workers, citing national security concerns. The ban was announced by the National Coordination Centre for Cybersecurity (NCCC) in a post shared on...
FBI Dismantles Chinese-Linked Botnet of 260,000 IoT Devices
The FBI, in collaboration with U.S. government agencies, dismantled a Chinese state-backed botnet known as Flax Typhoon, comprising…
The Iranian Cyber Capability
The Iranian Cyber Capability By Ernesto Fernández Provecho, Pham Duy Phuc, and John Fokker · September 19, 2024 Introduction In recent years, The Islamic Republic of Iran has extensively promoted the execution of cyber campaigns to protect its national interests, deter adversaries, and conduct...
We can try to bridge the cybersecurity skills gap, but that doesn’t necessarily mean more jobs for defenders
I have written about the dreaded "cybersecurity skills gap" more times than I can remember in this newsletter, but I feel like it's time to revisit this topic again. That's because the White House announced a new initiative last week for the U.S. government called the "Service for America"...
Iranian Cyber Group OilRig Targets Iraqi Government in Sophisticated Malware Attack
Iraqi government networks have emerged as the target of an "elaborate" cyber attack campaign orchestrated by an Iran state-sponsored threat actor called OilRig. The attacks singled out Iraqi organizations such as the Prime Minister's Office and the Ministry of Foreign Affairs, cybersecurity compa...
CVE-2024-32848
creationtimestamp | type | source
---|---|---
2024-09-11 04:00:00+00:00 | seen | https://www.govcert.gov.hk/en/alertsdetail.php?id=1369
2024-09-12 04:44:44+00:00 | seen | https://t.me/cvedetector/5423
2025-01-14 18:10:14+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/1559...