The U.S. Treasury Department announced sanctions Thursday against two individuals and four entities allegedly involved in generating revenue for North Korea through illicit remote IT workforce operations, the latest salvo in ongoing efforts to disrupt financial streams that support Pyongyang’s weapons programs. The sanctions focus on efforts in which North Korea sent thousands of skilled…
Category: Geopolitics
Department of Justice (DOJ), FSB, Geopolitics, Global Security News, Government, Microsoft, phishing, Russia, Star Blizzard, Threats, WhatsApp
Microsoft catches Russian state-sponsored hackers shifting tactics to WhatsApp
The cat-and-mouse game between state-sponsored Russian hackers and one of the world’s biggest technology companies has continued into 2025. Microsoft’s threat intelligence team published research Thursday examining how a state-sponsored Russian threat actor group, known as Star Blizzard, has altered its longstanding attack strategies to target WhatsApp accounts. This attack vector is a significant change…
china, Cyber Command, Cybersecurity, Department of Defense (DOD), Geopolitics, Global Security News, Government, National Security Agency (NSA), North America, offensive cybersecurity, Salt Typhoon, Stuxnet, Technology, Volt Typhoon
Trump and others want to ramp up cyber offense, but there’s plenty of doubt about the idea
In recent months, incoming Trump administration national security adviser Mike Waltz and some lawmakers have suggested that in response to Chinese cyber breaches, the United States needs to prioritize taking more aggressive offensive actions in cyberspace rather than emphasizing defense. It’s been said before. And it’s easier said than done. Experts that spoke with reporters…
Asia Pacific, china, Christopher Wray, Department of Treasury, fbi, Federal Bureau of Investigation (FBI), Financial, Flax Typhoon, Geopolitics, Global Security News, Integrity Technology Group, internet of things, Internet of Things (IoT), State Department, Technology, Treasury Department
U.S. sanctions take aim at Chinese company said to aid hackers’ massive botnet
The U.S. government on Friday sanctioned a Chinese company that Western nations had connected to a Beijing-sponsored hacking group’s botnet, which had compromised hundreds of thousands of devices before a joint takedown operation last year. Flax Typhoon hackers made use of infrastructure at Integrity Technology Group to exploit victims, according to the Treasury Department’s Office…
disinformation, election hacking, Geopolitics, Global Security News, Government, Iran, Russia, sanctions, Technology, Threats
US sanctions Russian, Iranian groups for election interference
The U.S. State Department has sanctioned two foreign organizations and one individual who it alleges worked on behalf of Russian and Iranian intelligence agencies to interfere in the 2024 U.S. general election. “These actors sought to stoke sociopolitical tensions and undermine our election institutions during the 2024 U.S. general election,” said State Department Press Secretary…
Budapest Convention, Chris Painter, Cybercrime, David Kaye, Electronic Frontier Foundation, Geopolitics, Global Forum on Cyber Expertise, Global Security News, human rights, North America, Policy, privacy, Russia, State Department, treaties, United Nations
After UN adoption, controversial cybercrime treaty’s next steps could prove vital
A divisive United Nations cybercrime treaty — one that critics say is a huge danger to human rights and that the United States cautiously agreed to advance — is now in the hands of member nations. The U.N. General Assembly adopted the treaty without a vote last week, leaving ratification to individual states. If the…
Asia Pacific, china, Commentary, critical infrastructure, Cybersecurity, cybersecurity harmonization, Federal Communications Commission, Geopolitics, Global Security News, Government, Salt Typhoon, Threats, White House
Feds lay blame while Chinese telecom attack continues
The United States’ telecommunications infrastructure has been infiltrated by actors affiliated with China. Some of our nation’s most powerful leaders have been targeted — including President-elect Donald Trump and Vice President-elect JD Vance. This is one of the most severe cybersecurity incidents against telecom the United States has ever been subject to, and — worse…
Asia Pacific, backdoors, china, Cyber Command, Geopolitics, Global Security News, Government, Microsoft Exchange, National Security Agency, National Security Agency (NSA), nsa, Salt Typhoon, telecoms, trojan
Chinese cyber center points finger at U.S. over alleged cyberattacks to steal trade secrets
China’s national cyber incident response center accused the U.S. government of launching cyberattacks against two Chinese tech companies in a bid to steal trade secrets. In a notice Wednesday, the National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT) said a suspected U.S. intelligence agency was behind the attacks, and that CNCERT had…
Central Intelligence Agency, Commerce Department, Geopolitics, Global Security News, Google, Kaspersky, Mastercard, Money, North America, Recorded Future, Russia, Ukraine
Russia bans cybersecurity company Recorded Future
Russia banned the cybersecurity company Recorded Future on Wednesday, labeling it an “undesirable” organization — much to its CEO’s delight. The company stands accused of collaborating with the Central Intelligence Agency, Ukraine and other countries. “They provide information and technical support for the propaganda campaign launched by the West against Russia,” Russia’s Office of Prosecutor…
APT41, Asia Pacific, backdoor, china, Cybercrime, Geopolitics, Global Security News, Government, malware, nation-state hackers, php, QiAnXin, Threats, Winnti
PHP backdoor looks to be work of Chinese-linked APT group
Cybersecurity researchers at a China-based cybersecurity company have uncovered an advanced PHP backdoor that suggests a new asset in the arsenal of Chinese-linked Advanced Persistent Threat group Winnti. Researchers at QiAnXin’s XLab discovered the backdoor, which they titled Glutton, targeting China, the United States, Cambodia, Pakistan, and South Africa. After initially discovering the malware in…
Amnesty International, Amnesty Tech, Cellebrite, Donald Trump, Donncha Ó Cearbhaill, Geopolitics, Global Security News, Norway, NoviSpy, NSO Group, pegasus, privacy, Serbia, Spyware, surveillance, Threats
Amnesty International exposes Serbian police’s use of spyware on journalists, activists
Serbian police and intelligence authorities have combined phone-cracking technology with spyware to eavesdrop on activists and journalists there, Amnesty International revealed in a report Monday, in what the human rights group says could be a disturbing preview of a future era of digital surveillance. Amnesty International’s 87-page document surveys the broader picture of digital spying…
china, Cybercrime, Department of Justice, Department of Justice (DOJ), Department of State, Geopolitics, Global Security News, Justice Department, Mandiant, North America, North Korea, North Korean IT workers, Russia, State Department, U.S. courts, U.S. Department of Justice, U.S. Department of State
Court indicts 14 North Korean IT workers tied to $88 million in illicit gains
A federal court has indicted 14 more North Korean IT workers as part of an ongoing U.S. government campaign to crack down on Pyongyang’s use of tech professionals to swindle American companies and nonprofits. The Justice Department said the 14 indicted workers generated at least $88 million throughout a conspiracy that stretched over approximately six…
atlantic council, Ben Ray Lujan, budget, CALEA, china, CISA, Congress, Cybersecurity and Infrastructure Security Agency, Cybersecurity and Infrastructure Security Agency (CISA), FCC, Federal Bureau of Investigation (FBI), Federal Communications Commission, Geopolitics, Global Security News, Government, Jerry Moran, Jessica Rosenworcel, John Thune, Justin Sherman, Money, National Defense Authorization Act, NDAA, Policy, regulation, Salt Typhoon, Senate Commerce Committee, Technology, Ted Cruz, telecommunications, telecoms
Senators, witnesses: $3B for ‘rip and replace’ a good start to preventing Salt Typhoon-style breaches
The $3 billion that Congress folded into the annual defense policy bill to remove Chinese-made telecommunications technology from U.S. networks would be a huge start to defending against breaches like the Salt Typhoon espionage campaign, senators and hearing witnesses said Wednesday. Federal Communications Commission Chairwoman Jessica Rosenworcel recently told Hill leaders that the $1.9 billion…
Cybersecurity, Exploits, Geopolitics, Global Security News, Microsoft, Research, Threats, Turla
Turla living off other cybercriminals’ tools in order to attack Ukrainian targets
A Russian nation-state threat actor has been observed leveraging tools from other cybercriminal groups to compromise targets in Ukraine, a recent report by Microsoft Threat Intelligence disclosed. This clandestine approach, which is the second time in as many weeks that Microsoft has highlighted the group’s effort, shows how Turla uses a wide range of attack…