Tag: government
93 articles

GoSerpent Malware Targets Southeast Asian Governments for Espionage
A stealthy cyber threat, known as GoSerpent, has been secretly targeting Southeast Asian governments and diplomats since late 2025, with the goal of gathering sensitive intelligence. This sophisticated malware has been evolving, with a new set of malicious tools deployed as recently as May 2026.

Private 5G Networks Expose Government to Hidden Security Risks
Government agencies and military organizations risk exposing themselves to hidden security threats if they don't adopt a zero-trust approach to their private 5G networks, leaving them vulnerable to potentially devastating attacks. Without proper security measures in place, adversaries could gain unrestricted access to sensitive information and wreak havoc.

PhantomEnigma Campaign Exploits Hijacked Government Sites
The PhantomEnigma campaign has hijacked over 20 Brazilian government websites, turning them into malware delivery channels in a sophisticated multi-stage operation. This sneaky attack exploited trusted infrastructure to fly under the radar, using legitimate links and email accounts to spread malware.

CISA Bolsters Protections After Major Credential Leak
CISA swiftly sprang into action after discovering a major credential leak on May 15, taking swift and decisive steps to halt the breach and prevent further damage. By sharing their incident response experience, CISA aims to help other organizations bolster their defenses and avoid similar security mishaps.

Solution Architects Bridge Mission, Technology Gaps in Government
Solution architects play a vital role in bridging the gap between mission objectives and technology, ensuring that complex services are intuitive and accessible for citizens. By prioritizing user experience and mission goals, they turn policy and operations into real-world solutions that make a tangible impact.

Vantor Expands Global Reach with Spatial Intelligence Deals
Vantor is revolutionizing its approach, shifting from traditional satellite imagery to cutting-edge spatial intelligence solutions that cater to a diverse customer base, including national security and non-defense government agencies. This strategic overhaul has enabled the company to tap into the growing global demand for advanced spatial intelligence.

Federal Agencies Modernize Security with Zero Trust Architecture
Federal agencies are revolutionizing their security approach with Zero Trust Architecture, shifting from mere compliance to a robust operational framework that enables seamless mobility, cloud modernization, and AI-driven decision making. By embracing this cutting-edge strategy, leaders are transforming their organizations to stay ahead of emerging threats.

Governments Struggle to Secure Open-Source Software
The alarming reality is that years of underinvestment in open-source software security are catching up with us, with a new supply chain compromise emerging almost every week. A recent scan by Project Glasswing found over 6,000 high-risk vulnerabilities in popular open-source projects, but only a tiny fraction have been patched.

Federal Agencies Pivot to Human-Centered Modernization
To modernize effectively, federal agencies must put people first, prioritizing clear communication and collaboration to drive worker buy-in and prepare employees for success in new environments and roles. By doing so, they can reduce resistance to change and set themselves up for a smoother transition.

Fortinet and Ivanti Exploits Fuel LATAM Infrastructure Attacks
In a shocking revelation, a coordinated campaign dubbed Operation Escaneo has been exposed, targeting critical infrastructure across Mexico, Ecuador, and Portugal, with a staggering 3,708 sessions recorded over just 13 days. The attackers exploited vulnerabilities in Fortinet and Ivanti perimeter appliances to gain entry into government, tax authorities, utilities, transport, telecoms, and banks.

Earth Lusca Expands Arsenal with Windows SprySOCKS Malware
Chinese threat actor Earth Lusca has upgraded its malware arsenal with Windows SprySOCKS, a sneaky tool that lets hackers secretly send commands to compromised devices, allowing them to fly under the radar. This latest move has been linked to a string of high-profile attacks on government organizations worldwide.

French Govt Breach Exposes 73,000 Employees' Data
A major data breach at France's digital affairs directorate, DINUM, has exposed the sensitive information of 73,000 public-sector employees, affecting nearly 9% of the Tchap instant messaging platform's users. The breach compromised public chat rooms, user metadata, and shared files, but thankfully, private conversations remained encrypted and secure.

Mullin Targets 2,800 Staff for Optimal CISA Operations
Department of Homeland Security Secretary Markwayne Mullin aims to boost the Cybersecurity and Infrastructure Security Agency's effectiveness with a targeted workforce of 2,800 personnel, leveraging public partnerships and strategic grant usage to fortify national security.

Webworm APT Expands European Reach with Evolved Tactics
Meet Webworm, a China-aligned APT group that's now setting its sights on European governments and beyond, with a semi-opportunistic approach that's taken its targets to Belgium, Italy, Poland, Serbia, Spain, and even South Africa. This threat actor's evolved tactics signal a concerning expansion of its reach.

AI Models Force Government to Rethink Cybersecurity Risks
The government's approach to cybersecurity is at a critical reflection point, thanks to advanced AI models like Anthropic's Mythos, which present both risks and opportunities for agencies handling sensitive information. Collaboration between the government and vendors is crucial to navigate this new landscape.

ODNI Bolsters Election Security with New Coordination Leaders
The Office of the Director of National Intelligence (ODNI) has appointed two new leaders, Dave Mastro and James Cangialosi, to spearhead efforts to safeguard the 2026 midterm elections from threats. This move bolsters the ODNI's team of experts dedicated to protecting election integrity.

State CISOs Eroding Confidence Amid AI-Driven Threat Surge
State CISOs are losing faith in their ability to protect sensitive data, with confidence plummeting to just 22% - a drastic drop from 48% in 2022 - as AI-driven threats intensify. This sharp decline in confidence extends beyond state governments, with 63% of CISOs also doubting the ability of local governments and public higher education institutions to safeguard public data.

Ramirez Assumes Top House Cybersecurity Post Amid Election Security Push
Rep. Delia Ramirez takes the reins as top Democrat on the House Homeland Security panel's cybersecurity subcommittee, vowing to put election security and Americans' data protection at the forefront. She steps into the role with a clear warning: the current administration's lax approach to cybersecurity won't fly on her watch.

Zero Trust Stalls at Data Movement Bottleneck
The moment data crosses a boundary, it's often assumed to be trustworthy - but that's exactly where attackers strike, exploiting this blind spot with alarming success. A recent Cyber360 survey reveals that 53% of security leaders still rely on manual processes to move sensitive data, leaving a gaping Zero Trust gap that's ripe for exploitation.

Pentagon Bolsters AI Arsenal with Google's Latest Model
The Pentagon has supercharged its AI capabilities with Google's cutting-edge model, Gemini 3.1 Pro, now available on its enterprise generative-AI platform, GenAI.mil, marking a major milestone in American AI innovation. This powerful tool is set to revolutionize defense operations and will also be accessible to federal government users.

Section 702 Surveillance Law Faces Looming Expiration Amid Discord
Congress rewrote Section 702 surveillance law with 56 changes in 2024, but now faces a renewal crisis as the statute nears expiration, with supporters and critics at odds over the very data that should guide its future. With the law set to expire, lawmakers must navigate a bitter debate with no shared factual baseline.

CERT-UA Warns of Data-Theft Malware Campaign Targeting Ukraine's Healthcare and Government
A sinister new malware campaign has set its sights on Ukraine's healthcare and government institutions, putting sensitive information at risk and threatening the very clinics and emergency hospitals people rely on. CERT-UA has sounded the alarm on this data-theft operation, which has already compromised municipal healthcare institutions and government bodies with stealthy malware.

Malware Abuses Signed Software to Disable Antivirus Protections
Thousands of vulnerable endpoints across schools, utilities, governments, and hospitals have fallen prey to a sneaky malware that masquerades as legitimate software, only to disable antivirus protections and wreak havoc with SYSTEM-level privileges. This stealthy attack has left countless organizations defenseless against further threats.

UK to Spend £630K on Digital ID Public Consultation Panel
The UK government is investing £630,000 in a people's panel to gather public feedback on its proposed digital identity scheme, aiming to address concerns and build trust in the new system. But will this hefty price tag buy genuine public engagement or just political cover?