International Atomic Energy Agency | Breaking Cybersecurity News | The Hacker News

Hackers and malware are everywhere, waiting for you around every corner of the Internet. The International Atomic Energy Agency (IAEA) , which holds highly sensitive information and plays a key role in global efforts to prevent the spread of nuclear weapons, said on Tuesday that some of its computers were infected by malicious software, during the past several months. Malware can typically be used by cyber-attackers to gain remote access to systems, or to steal data, however spokesman Serge Gas said . " No data from the IAEA network has been affected ." The computers were located in common areas of the agency's Vienna headquarters, known as the Vienna International Centre (VIC). A third-party technician or visitor with the USB-drive infected with crimeware can be used to infect the system. " The (IAEA) secretariat does not believe that the USB devices themselves were infected or that they could spread the malware further " he said. Last November, the IAEA rev...

The UN nuclear watchdog has acknowledged one of its former computer servers had been hacked. The stolen information was contained in a statement by a group with an Iranian-sounding name calling for an inquiry into Israel's nuclear activities. The International Atomic Energy Agency (IAEA) is investigating Iran's nuclear program. A group called Parastoo Farsi for the swallow bird and a common Iranian girl's name claimed responsibility for posting the names on its website two days ago. The group had been known to be critical of Israel's undeclared nuclear weapons program. " The IAEA deeply regrets this publication of information stolen from an old server that was shut down some time ago ," agency spokesperson said and agency experts had been working to eliminate any " possible vulnerability " in it even before it was hacked. Israel and the United States accuse Iran of seeking to develop a nuclear weapons capability, a charge Tehran denies, and says the Islamic state is th...

The problem is simple: all breaches start with initial access, and initial access comes down to two primary attack vectors – credentials and devices. This is not news; every report you can find on the threat landscape depicts the same picture.  The solution is more complex. For this article, we'll focus on the device threat vector. The risk they pose is significant, which is why device management tools like Mobile Device Management (MDM) and Endpoint Detection and Response (EDR) are essential components of an organization's security infrastructure. However, relying solely on these tools to manage device risk actually creates a false sense of security. Instead of the blunt tools of device management, organizations are looking for solutions that deliver device trust . Device trust provides a comprehensive, risk-based approach to device security enforcement, closing the large gaps left behind by traditional device management solutions. Here are 5 of those limitations and how to ov...