X-Industry

On 7 January 2025, the US government announced the launch of the US Cyber Trust Mark, a new cybersecurity safety label for Internet-of-Things (IoT) consumer devices. "IoT products can be susceptible to a range of security vulnerabilities," the US Federal Communications Commission (FCC) said. "Under this program, qualifying consumer smart products that meet robust cybersecurity standards will bear a label including a new 'US Cyber Trust Mark.'"

As part of the effort, the logo will be accompanied

Taiwanese government networks experienced a daily average of 2.4 million cyber-attacks in 2024, most attributed to Chinese state-backed hackers. This represents double the daily average from 2023, which saw 1.2 million daily attacks targeting government networks, Taiwan’s National Security Bureau said in a new report. “Although many of those attacks have been effectively detected and blocked, the growing numbers of attacks pinpoint the increasingly severe nature of China’s hacking activities,” t

China's National Computer Virus Emergency Response Center (CVERC) has doubled down on claims that the threat actor known as the Volt Typhoon is a fabrication of the US and its allies.  The agency, in collaboration with the National Engineering Laboratory for Computer Virus Prevention Technology, accused the US federal government, intelligence agencies, and Five Eyes countries of conducting cyber espionage activities against China, France, Germany, Japan, and internet users globally.  Remember, t

Advanced Persistent Threat (APT) actors have exploited known vulnerabilities in Zoho ManageEngine and Fortinet VPN products to hack an organization in the aeronautical sector, according to a joint report from the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Cyber Command’s Cyber National Mission Force (CNMF).  Impacting more than 20 on-premises Zoho ManageEngine products, the first bug, tracked as CVE-2022-47966 (CVSS score of 9.8), allows remote attackers to execute

The newly discovered Chinese nation-state actor known as Volt Typhoon has been observed to be active in the wild since at least mid-2020, with the hacking crew linked to never-before-seen tradecraft to retain remote access to targets of interest.  The adversary consistently employed ManageEngine Self-service Plus exploits to gain initial access, followed by custom web shells for persistent access and Living-off-the-Land (LotL) techniques for lateral movement.  Another name for this threat is Van

Technology has long been seen as a source of disruption to our lives, communities, and civilizations, provoking disruptive change at all scales, from individuals' routine daily activities to dramatic competition between global superpowers.  This disruption can have positive and negative effects, although often unevenly distributed across different groups.  New technologies, including Artificial Intelligence, Quantum computing, ChatGPT, and social media, have transformed the intelligence communit

The U.S. needs to devise ways to counter Chinese cyber activity including the theft of intellectual property and cyberattacks on government networks and critical infrastructure that poses a direct threat to U.S. national security, according those who testified at a Senate hearing this first week in August 2021.  All organizations need to take immediate steps to stop cyber breaches to protect their data and intellectual Property.  The government cannot curb or stop it, so it is in the hands of al

Wells Fargo, the fourth-largest bank in the US, has directed employees to remove the TikTok social media app from their company-issued devices, citing security concerns. The bank's move to ban the app on corporate devices comes on the heels of Amazon, sending very mixed signals to its employees about whether they should remove TikTok from their company-issued devices. 

Amazon said in a memo asking employees to remove the app was initially sent in error, an Amazon spokesperson told media sources.