Blog
-
Amidst Executive Order Spree, Trump Rescinds 2023 Directive on AI Risks
The now-repealed Executive Order 14110 was issued on Oct. 30, 2023 and applied to the country’s leading AI developers, requiring them to share the results of internal safety tests with the federal government and keep them apprised of any AI risks applicable to national security.
-
Breach of US Treasury Exposed Contents of Secretary Janet Yellen’s Computer to Chinese Hackers
The December breach of the US Treasury by Chinese hackers apparently included theft of information from Secretary Janet Yellen’s computer, according to anonymous official sources speaking with Bloomberg News.
-
Biden’s Final Cybersecurity Executive Order Stresses Software Design Security, Federal Agency Preparedness
After nearly four years of heavy activity on US cyber defense, the Biden administration has wrapped up its term with one more sprawling cybersecurity executive order that beefs up federal agencies.
-
UK Proposals Under Consideration Could Ban Ransomware Payments for Public Sector, Strengthen Reporting Requirements
The longtime debate about whether or not ransomware payments should be made illegal has been revived in the UK. If the UK passes the strictest of the new Home Office proposals for the public sector, it would be the first major economy to extend bans on payments this far.
-
Chinese Hacking Group Exploits Zero-Day in Ivanti Connect Secure VPN Appliances
Cybersecurity firm Mandiant has issued a warning advising that a suspected Chinese threat actor is behind exploits of Ivanti Connect Secure VPN appliances that make use of zero-day CVE-2025-0282.
-
List of US Telecom Companies Breached by Salt Typhoon Grows
Add Charter Communications, Consolidated Communications and Windstream to the list of US telecom companies compromised by the Salt Typhoon hacking campaign.
-
Stolen API Key Provided Chinese State-Sponsored Hackers With Opening Into US Treasury Department Workstations
Officials from the US Treasury Department have said that the Chinese state-sponsored hackers used a stolen API key, taken from a third-party security and technical support contractor.
-
Stolen Crypto Haul for North Korean Hackers Totals $1.34 Billion in 2024
North Korean hackers have set another record for themselves in 2024, topping all previous campaigns with $1.34 billion of stolen crypto.
-
Pegasus Spyware Found to Have Violated Hacking Laws in WhatsApp Lawsuit
Meta has prevailed in a long-running lawsuit centered on the NSO group’s use of WhatsApp to deliver its Pegasus spyware, and the judge is not only awarding damages but has found that both state and federal hacking laws were violated.
-
600 Stolen Passwords From UK Ministry of Defence Appear on Dark Web, Attributed to Russian Hackers
Russian hackers have been taking passwords from the UK’s Ministry of Defence (MoD) for at least the past four years, though the campaign has been rather slow; only about 600 stolen passwords of the roughly 250,000 users of the Defence Gateway portal.