intelligence agencies | Breaking Cybersecurity News | The Hacker News

U.S. cybersecurity and intelligence agencies have called out an Iranian hacking group for breaching multiple organizations across the country and coordinating with affiliates to deliver ransomware. The activity has been linked to a threat actor dubbed Pioneer Kitten , which is also known as Fox Kitten, Lemon Sandstorm (formerly Rubidium), Parisite, and UNC757, which it described as connected to the government of Iran and uses an Iranian information technology (IT) company, Danesh Novin Sahand, likely as a cover. "Their malicious cyber operations are aimed at deploying ransomware attacks to obtain and develop network access," the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the Department of Defense Cyber Crime Center (DC3) said . "These operations aid malicious cyber actors in further collaborating with affiliate actors to continue deploying ransomware." Targets of the attacks include education, finance, hea...

WikiLeaks has just published another Vault 7 leak, revealing how the CIA spies on their intelligence partners around the world, including FBI, DHS and the NSA, to covertly collect data from their systems. The CIA offers a biometric collection system—with predefined hardware, operating system, and software—to its intelligence liaison partners around the world that helps them voluntary share collected biometric data on their systems with each other. But since no agency share all of its collected biometric data with others, the Office of Technical Services (OTS) within CIA developed a tool to secretly exfiltrate data collections from their systems. Dubbed ExpressLane , the newly revealed CIA project details about the spying software that the CIA agents manually installs as part of a routine upgrade to the Biometric system. The leaked CIA documents reveal that the OTS officers, who maintain biometric collection systems installed at liaison services, visit their premises and se...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...

Vodafone , the world's second-largest mobile carrier with more than 400 million customers around the world has issued its first " Law Enforcement Disclosure Report ", reveals that the governments in some of the countries it operates, have direct access to its network allowing them to listen to all conversations. The Company has broken its silence on government surveillance and after Snowden's revelations about NSA , this is the only most comprehensive transparency report ever published by an International company detailing that how some Governments are taking advantage of their laws to infiltrate citizens privacy. Vodafone operates in 29 countries, where the government agencies need legal notices to tap into customers' communications, but some of those countries are actually tapping directly into their network, without any need for a warrant or any explanation. There are many countries like Albania, Egypt, Hungary, India , Malta, Qatar, Romania, South Africa and Turk...

The United States charged two men for their involvement in a conspiracy to hack into the computer systems of dozens of government and commercial organizations, including the U.S. Navy and National Geospatial-Intelligence Agency (NGA), according to the U.S. Attorney's Office in Tulsa. On Monday, the U.S. Department of Justice announced that the 27 year old Virginia man, Nicholas Knight , who served as systems administrator in the nuclear reactor department of an aircraft carrier, was one of two individuals charged with one count of conspiring to hack the computer systems of about 30 public and private organizations, while he was active in his duty as a Navy member. Along with Knight, a 20 year old Illinois man, Daniel Krueger, who was a student at an Illinois community college where he studied network administration, was also charged with the conspiracy count for his participation to hack into the computer servers as part of a plan to steal identities, obstruct justice,...

Think twice before using some words like ' Bomb ', ' Attack ', ' Blast ' or ' kill ' in your Facebook status update, tweets or emails, because this may flag you as a potential terrorist under a surveillance project of Indian Security agencies. This Indian Internet surveillance project named as NETRA ( Network Traffic Analysis) ,   capable of detecting and capture any dubious voice traffic passing through software such as Skype or Google Talk, according to  the Economic Times . In Hindi, NETRA means " eye " and this project is an Indian version of PRISM i.e. A spying project by US National Security Agency (NSA), that also allows the government to monitor the Internet and telephone records of citizens. Reportedly, NETRA is under testing right now by the Indian Intelligence Bureau and Cabinet Secretariat and after on success will be deployed by all Indian National security agencies. Centre for Artificial Intelligence and Robotics (CAIR), a lab under Defe...

On Wednesday, Chief of National Security Agency (NSA) , General Keith Alexander defended US surveillance programs as part of a Noble Mission to protect the nation. He said that the collection of bulk phone records by U.S. Intelligence agencies are essential to preventing terrorist attacks. He referenced the criticism thrown at the intelligence services in late 2001 for not connecting the dots that led up to the Sept. 11 attacks. " We need our nation to understand why we need these tools, and what those tools mean for civil liberties and privacy and what they mean to defend this country, " General Keith Alexander said during a keynote speech at the Billington Cyber Security Summit in Washington. In recent months NSA has been targeted for severe criticism from privacy advocates, members of Congress and foreign allies of America, whose citizens may have been targets of this surveillance. Alexander pleaded for support of NSA programs during his speech at ...

Belgacom , the largest telecommunications company in Belgium today announced that their IT Systems were hacked and infected with an unknown Malware . In order to eliminate that virus effectively, they clean up the entire system. The company also highlights that they have no indication of any impact on their telecommunication services, customer and employee data. According to the complexity of the malware, it appears to be the work of a state-sponsored entity. Belgacom which handles some of the undersea cables that carry voice and data traffic around the world, so the NSA or Britain's GCHQ could be behind the intrusion. That traffic would be a likely target for an attacker. The attack reportedly affected a few dozen machines on Belgacom's network, including some servers and the intrusion had been active for as long as two years by the time the Belgian company discovered it. Hacked data might help intelligence agencies to gather data on communications coming fr...

New issue of English-language al-Qaeda magazine posted on the terror group's website earlier this week linked to the Boston terrorist attacks has possibly been hacked by Western intelligence agencies and its content beyond its cover page was scrambled. The magazine, produced by al Qaeda's Yemeni affiliate, al Qaeda in the Arabian Peninsula, which regularly includes how-to instructions for followers to carry out terrorist attacks in the West, has received significant scrutiny in recent weeks. Investigators believe that Boston bomber Tamerlan Tsarnaev accessed Inspire magazine, and the material had instructions on bomb-making, a law enforcement official said.  According to analysts , the explosive devices the Boston bombers built had striking similarities to a bomb recipe in the first issue of the magazine, " How to build a bomb in your Mom's kitchen ", that has been downloaded by militants in multiple Islamist terrorist plots. Previous issu...