  • Macron’s Secure Mobile Phone Compromised by Pegasus Spyware

    The secure smartphone of French president Emmanuel Macron was compromised by the Pegasus surveillance malware. It was surreptitiously installed by Moroccan intelligence operatives, who introduced the virus into the phones of former Prime Minister Edouard Philippe and fourteen other current and former French cabinet ministers.

  • Journalists, Activists among 50,000 Targets of Israeli Spyware: Reports

    Israeli cyber firm NSO Group claims that its Pegasus surveillance malware is sold to governments so they can better track terrorists and criminals, but many of the 45 governments deploying the surveillance software use it to track journalists, opposition politicians, and civil society activists. Some of these governments are authoritarian (for example, Azerbaijan, Bahrain, Kazakhstan, UAE, Saudi Arabia). Others are democracies (for example, India, Mexico, South Africa). The only EU member country to deploy the surveillance malware is Hungary, which places it in violation of the EU’s strict privacy and surveillance regulations.

  • China Spy Agency Using Contract Hackers to Extort, Destabilize Western Companies

    The United States and its allies in Europe and Asia have charged that China’s Ministry of State Security is employing criminal contract hackers to conduct cyber operations globally, from which the hackers personally profit. The activities include ransomware operations against private companies which are forced to pay millions in ransom demands to regain access to their data.

  • Germany Fights Cyberattacks and Fraud Claims to Ensure Fair Election

    Germany is in the middle of an election year that will see unprecedented use of mail-in ballots as well as hacker attacks against politicians. Election authorities reject claims of potential voter fraud.

  • Empty Threats and Warnings on Cyber

    It is not easy or simple to fashion a retaliation for cyberattacks, and the United States has been offering proof of that. For at least five years, the United States has been subject to a series of intensifying Russian cyberattacks, and public warnings by the Obama, Trump, and Biden administrations about the “consequences” for Russia have so far done little, if anything, to deter Russia. “Even if Biden responds to the latest ransomware operations, and he surely will, it is hard to see how he can impose pain enough to slow the operations while at the same time avoiding a serious risk of on-balance harmful escalation,” Jack Goldsmith writes.

  • Closing the Skills Gap in the Cyber Workforce

    There are currently more than three million unfilled cybersecurity jobs globally, and, as high-profile incidents like the SolarWinds attack demonstrate, it is vital to address that shortage. But it is difficult for organizations to find and recruit the cyber talent they need.

  • An Urgent NATO Priority: Preparing to Protect Civilians

    Russia’s hybrid warfare approach calls for attacking the populations of Russia’s adversaries not through WWII-like carpet bombing, but rather with a combination of disinformation campaigns, cyberattacks on critical infrastructure, supporting proxy forces, and backing terrorist attacks. “Should NATO prepare for this scenario? Absolutely,” Victoria Holt and Marla Keenan write.

  • Automatically Finding Buffer Overflow Vulnerabilities

    A typical buffer overflow occurs when a computer program receives a request to process more data than its physical memory is capable of handling all at once and places the excess into a “buffer.” The buffer itself has a finite capacity, so if the buffer can’t handle the excess, it “overflows,” or crashes.

  • The Kaseya Ransomware Attack Is a Really Big Deal

    If you’re not already paying attention to the Kaseya ransomware incident, you should be. Matt Tait writes that it is likely the most important cybersecurity event of the year. “Bigger than the Exchange hacks by China in January. Bigger than the Colonial Pipeline ransomware incident. And, yes, more important than the SolarWinds intrusions last year.”

  • Holding the World to Ransom: The Top 5 Most Dangerous Criminal Organizations Online Right Now

    Ransomware attacks are growing exponentially in size and ransom demand — changing the way we operate online. Understanding who these groups are and what they want is critical to taking them down. Here, we list the top five most dangerous criminal organizations currently online. As far as we know, these rogue groups aren’t backed or sponsored by any state.

  • Full Impact of Russian Ransomware Attack Hard to Estimate

    Hackers associated with the REvil gang, a major Russian ransomware syndicate, have demanded $70 million in Bitcoin in exchange for a decryption tool to free the data of companies targeted, but also indicated they were willing to negotiate.

  • Ransomware Cyberattack Hits Hundreds of U.S. Businesses

    U.S. IT company Kaseya urged its customers to shut down their servers after hackers smuggled ransomware onto its network. Such attacks infiltrate widely used software and demand ransom to regain access. The REvil gang, a major Russian-speaking ransomware syndicate, appears to be behind the attack.

  • With Cyberattacks Growing More Frequent and Disruptive, a Unified Approach Is Essential

    Coordinated cyberattacks can create massive disruptions to infrastructure and supply chains. New treaties are needed to prevent cyberwarfare, but it’s challenging to predict technological advances.

  • The Ideal Responses to Ransomware Attacks

    A ransomware attack is like a cyber hijacking, with criminals infiltrating and seizing an organization’s data or computer systems and demanding a payment or ransom to restore access. What is the best strategy to decrease the risk of digital extortion?

  • Building a Better “Canary Trap”

    A new artificial intelligence system generates fake documents to fool adversaries. The system automatically creates false documents to protect intellectual property such as drug design and military technology.