Cyber Threats
US agencies assessed Chinese telecom hackers likely hit data center and residential internet providers
Data center giant Digital Realty and mass media titan Comcast were documented as likely victims of the Salt Typhoon cyberespionage group, people familiar say, marking a potentially major expansion of the group’s initial telecom hacking campaign discovered last year.
China-linked ‘Silk Typhoon’ hackers accessed Commvault cloud environments, person familiar says
The hacking unit previously infiltrated Treasury Department networks and compromised some of the agency’s most sensitive systems.
US, international and industry partners topple infrastructure of popular info-stealer malware
The collaborative effort worked to seize the takedown of some 2,300 domains that backed the web infrastructure of Lumma Stealer, sold to help hackers steal passwords and deploy ransomware around the world.
US should rethink current views of Russia’s cyber might, new report says
A think tank paper argues that Moscow’s network of hackers is more fragmented than U.S. officials once believed — a dynamic that may have led to exaggerated expectations of Russia’s cyber capabilities during its 2022 Ukraine invasion.
DHS head says she’s alarmed CISA doesn't know more about Salt Typhoon hacks
“The thing that has alarmed me the most about CISA is the lack of information that they have, the lack of solutions that they have, and how they protect our critical infrastructure,” Homeland Security Secretary Kristi Noem told members of the House Homeland Security Committee.
US and Netherlands seize network providers that helped hackers mask activities
The Justice Department and Dutch law enforcement shuttered 5socks and Anyproxy, services with Russian ties that sold proxies to cybercriminals. Lumen provided internet backbone data to the agencies.
Signal clone used by Waltz to archive messages suspends services after reported hack
Smarsh, the Oregon-based owner of TeleMessage, said Monday it was “investigating a potential security incident” and suspended its services out of an abundance of caution.
Top NSC official wants to normalize offensive hacking as tool of US might
At the RSAC Conference, Alexei Bulazel said hacking back against adversaries could be the new norm for America’s cyber strategy. He signaled support for various federal cyber offices, but acknowledged they’d be geared in the direction of Trump-era goals.
Salt Typhoon hacks ‘a wake up call’ to secure telecom services, lawmakers say
The Cyber Safety Review Board was in the middle of investigating the Salt Typhoon hacks when it was disbanded in January. Rep. Doris Matsui, D-Calif., said the board’s termination “leaves in limbo” the government’s probe into the breach.
Mounting cyber defense in the face of unexpected staff reductions
Strategies for dealing with cybersecurity challenges hitting agencies right now.
FBI asks public for tips about Salt Typhoon telecom hacks
Salt Typhoon accessed at least nine U.S. telecom firms and their systems that facilitate legal access requests for law enforcement.
Driving efficiency while improving federal agencies’ cybersecurity postures
COMMENTARY | A lopsided labor-to-technology spending ratio is just one challenge agencies have to take on.
User with Russian IP address tried to log into NLRB systems following DOGE access, whistleblower says
The blocked login attempts, detailed in an extensive whistleblower complaint filed to the Senate Intelligence Committee and others, may indicate foreign adversaries have begun leveraging DOGE inroads into sensitive federal systems.
Featured eBooks
How cyber vulnerabilities and workforce cuts threaten the crisis lifeline program
A bipartisan, bicameral measure is hoping to prevent cyber incidents from limiting access to the 988 Suicide and Crisis Lifeline after a 2022 attack on a system operator disrupted calls to the hotline.
Treasury regulatory office reports ‘major information security incident’
The disclosed breach into the Office of the Comptroller of the Currency comes just months after another incident involving Chinese hacks into Treasury Department offices.
Tariffs create more volatile environment for cyberattacks, industry executive warns
Tenable Co-CEO Steve Vintz told Nextgov/FCW that the potential trade wars stoked by the Trump administration’s tariffs facilitate conditions that incentivize hacking activity around the globe.
Cyber label program could expand past consumer goods, FCC commissioner predicts
Nathan Simington, the junior Republican on the Federal Communications Commission, said a Biden-era cybersecurity labeling program could expand to cover wireless and industrial products.
Contractors could hack back against adversaries, top cyber Democrat says
Rep. Eric Swalwell, D-Calif., said the federal government can’t protect everyone and the concept of asking private sector security companies to conduct offensive cyber operations is worth exploring.
Phishing campaign seeks to siphon Ukraine war intelligence from defense contractors
Nearly 880 spoofed domains of worldwide IT, defense and aerospace firms were identified between December and March, DomainTools Investigations says.
Exclusive
Lawmakers seek DHS records in probe of US response to Chinese cyber campaigns
The House Homeland Security Committee wants DHS to provide internal documents on China’s Volt and Salt Typhoon hacking units, according to a letter being sent Monday.
Republicans urge Trump admin to launch offensive cyber operations against China
The letter cites high-profile Chinese intrusions into U.S. systems that have made headlines in recent months. Trump’s national security officials have expressed a desire to engage in offensive cyber ops against adversaries.
