
The ‘16 billion password breach’ story is a farce
Experts told CyberScoop the research ‘doesn’t pass a sniff test’ and detracts from needed conversations around credential abuse and information stealers.
Experts told CyberScoop the research ‘doesn’t pass a sniff test’ and detracts from needed conversations around credential abuse and information stealers.
They weren’t in any hurry, according to Citizen Lab, and used an interesting attack vector. Google Threat Intelligence Group also provided details on the attacks.
Leatherman, a 22-year FBI veteran, has been heavily involved in cyber investigations as section chief and deputy assistant director over the past three years.
A Vietnam-based group has spread thousands of advertisements, fake websites and social media posts promising access to popular prompt-to-video AI generation tools, delivering infostealers and backdoors instead.
An apparent bureaucratic contract snafu has sparked a fire under experts trying to save the CVE program from the precarity of a single government funder. One rival to the existing program says it is ready to launch in December.
The Take It Down Act received rare levels of bipartisan support in the House and Senate, but critics fear enforcement could threaten First Amendment protections and unduly burden smaller companies and encrypted applications.
In a statement to CyberScoop, acting Director Bridget Bean said that encouraging the private sector to build more secure products will continue to be a priority at the agency.
UNC5221 has a knack for exploiting defects in Ivanti products. The group has exploited at least four vulnerabilities in the vendor’s products since 2023, according to Mandiant.
The Chinese state-backed espionage group started targeting third-party IT services in late 2024, Microsoft researchers said.
The experienced cyber and IT government hand takes on a role leading the cybersecurity half of the agency.