New Phishing Kit Hijacks WordPress Sites for PayPal Scam
Attackers use scam security checks to steal victims' government documents, photos, banking information, and email passwords, researchers warn.
Stay informed on government cyber security initiatives, policy changes, and threats. Your source for the latest in government infosec news and updates.
Search across headline titles and summaries.
Background for this topic.
Government encompasses public institutions and the systems used to administer services, enforce laws, manage public funds, and protect classified or otherwise sensitive information. Its distinctive assets include identity and benefits records, tax and health data, diplomatic material, election infrastructure, and operational technology supporting utilities or emergency services. Availability and integrity can be as important as confidentiality: outages or altered records may disrupt essential services, public safety, or legal processes.
Security therefore spans citizen-facing portals, internal networks, remote access, contractors, and shared infrastructure, including systems that depend on legacy technology or tightly connected suppliers. Espionage, credential compromise, exploitation of unpatched vulnerabilities, and disruptive attacks are material risks, though exposure varies by agency and system. Useful controls include strong identity management, network segmentation, encryption, privacy safeguards, prioritized vulnerability management, tested backups, and rehearsed incident response. Procurement rules, records obligations, and sector-specific compliance also shape how agencies collect, retain, share, and investigate data.
Attackers use scam security checks to steal victims' government documents, photos, banking information, and email passwords, researchers warn.
A newly discovered phishing kit targeting PayPal users is trying to steal a large set of personal information from victims that includes government identification documents and photos. [...]
Nation-state hacking groups aligned with China, Iran, North Korea, and Turkey have been targeting journalists to conduct espionage and spread malware as part of a series of campaigns since early 2021
The ICO found that the use of WhatsApp and other messaging services in government carries significant risks
QuSecure’s QuProtect leverages unique post-quantum cryptographic algorithm on government legacy systems to achieve world’s first and only post-quantum resilient channel within a government facility.
This was the first case in which a former employee attempted to bring action on a government’s behalf for alleged cybersecurity fraud
The poll is published as the UK government moves forward with its Online Safety Bill
Sure, stuff got done fast – but personal information was put at risk The UK Information Commissioner's Office (ICO) on Monday issued a reprimand and called for a review of how and whether messaging services should be used for government business practices, after finding widespread and potentially dangerous use of private email, WhatsApp and other messaging tools by officials at the Department of Health and Social Care (DHSC).…
Former Aerojet Rocketdyne employee cites failure to meet minimums for NASA, Pentagon Aerojet Rocketdyne, which makes propulsion and power systems for launch vehicles, missiles and satellites for NASA and the US military, has agreed to pay $9 million to settle charges it misrepresented its products' compliance with cybersecurity requirements in federal government contracts.…