The secret meeting took place in Geneva in December 2024. The source says that the remarks were "indirect" and "somewhat ambiguous," but were enough to implicate Volt Typhoon and the Chinese government in the cyber attacks that have plagued US critical infrastructure.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Sensata Technologies, a manufacturer of mission-critical sensors and electrical protection components, has suffered a ransomware attack that disrupted various operations.
Planned Parenthood lab services provider Laboratory Services Cooperative (LSC) has disclosed a data breach that exposed the health data of 1.6 million people after hackers breached its systems.
MITRE, which has its headquarters in the US, has relied on federal funding for decades. Its contract for the development of the CVE program ended on April 16. The contract extension, put in place just before the deadline, grants it at least 11 more months of life.
WK Kellogg Confirms Data Breach from Cleo Managed File Transfer System Attributed to Clop Ransomware
U.S. food giant WK Kellogg Co. has disclosed a data breach that affected Cleo, a third-party managed file transfer system that allowed a threat actor to access sensitive information.
A June 2023 security breach at the Treasury's Office of the Comptroller of the Currency led to the theft of over 150,000 emails from about 100 accounts, but the damage is possibly more extensive as the hackers likely lurked in the bank regulator's systems into early 2025.
About half a million dollars was taken from retirement accounts in an early April cyber attack on Australia's largest superannuation funds, information first shared by an anonymous inside source that provided details to the media.
Oracle Health data breach stemming from a legacy server affected multiple hospitals and healthcare organizations, potentially leaking sensitive patient information.
Users of the Windows version of WhatsApp are being warned by Meta to update to the latest version to patch a flaw that attackers could exploit. The WhatsApp vulnerability involves use of a malicious attachment to execute arbitrary code.
CISA warns about the fast flux DNS evasion technique used by ransomware gangs and state-sponsored threat actors to shield cybercrime infrastructure, threatening national security.