After threatening to slash support for the CVE program, CISA threw MITRE a lifeline at the last minute — extending its government contract for another 11 months. After that, it looks like it’s up to the private sector to find the cash to keep it going.
Автор: Becky Bracken, Senior Editor, Dark Reading
Chinese APTs Exploit EDR ‘Visibility Gap’ for Cyber Espionage
Blind spots in network visibility, including in firewalls, IoT devices, and the cloud, are being exploited by Chinese state-backed threat actors with increasing success, according to new threat intelligence. Here’s how experts say you can get eyes on i…
Gmail Is Not a Secure Way to Send Sensitive Comms: A Friendly Reminder
New end-to-end Gmail encryption alone isn’t secure enough for an enterprise’s most sensitive and prized data, experts say.
CoffeeLoader Malware Is Stacked With Vicious Evasion Tricks
Next-level malware represents a new era of malicious code developed specifically to get around modern security software like digital forensics tools and EDR, new research warns.
Chinese Hacker Group Tracked Back to iSoon APT Operation
The group, called FishMonger or Aquatic Panda, is working under contract for the Chinese government to steal data from governmental organizations, Catholic charities, NGOs, think tanks, and more.
Meet the Low-Key Access Broker Supercharging Russian State Cybercrime
Raspberry Robin breaks into organizations and sells access to Russian threat actors, including the military cyber unit behind attempted coups, assassinations, and influence operations throughout Europe.
What CISA’s Red Team Disarray Means for US Cyber Defenses
DOGE is making wild moves at CISA, including bringing back fired probationary employees only to put them on paid leave, and reportedly gutting the agency’s red teams.
TikTok’s Teen Data Use Probed by UK Regulators
Investigators at the ICO are looking into how (or if) TikTok, as well as Reddit and Imgur, are enforcing UK privacy protections for 13- to 17-year-old users.
Microsoft Busts Hackers Selling Illegal Azure AI Access
LLMjacking operation leveraged illicit access GenAI services to produce explicit celebrity images and other harmful content, Microsoft’s digital crimes unit says.
Hackers Can Crack Into Car Cameras in Minutes Flat
It’s shockingly simple to turn a car dashcam into a powerful reconnaissance tool for gathering everyday routine and location data, researchers warn.