Chinese hackers who penetrated U.S. telecoms likely haven't been fully evicted partially due to shifting tactics made in response to public disclosures, federal officials said Tuesday. Industry and government investigators have revealed in dribs and drabs a campaign of Beijing telecom hacking.
The European Commission on Thursday opened infringement procedures against 23 EU member states that missed a mid-October deadline for implementing the NIS2 Directive, as well 24 EU members that missed a Critical Entities Resilience Directive deadline.
T-Mobile disputed claims Wednesday that Chinese state-sponsored hackers breached its systems and stole customer data, warning that some U.S. communications networks may still be compromised and detailing how its layered defenses and third-party cybersecurity partnerships thwarted the attack.
The White House on Friday hosted U.S. telecommunications executives to review the country's cyber resilience posture and share intelligence pertaining to China's "significant cyberespionage campaign targeting the sector," which the FBI continues to probe.
The U.S. cyber defense agency is urging critical infrastructure operators to learn from the experience of a volunteer red teaming test and not rely too heavily on host-based endpoint detection and response solutions at the expense of network layer protections.
The United States Coast Guard is continuing to warn of significant security risks embedded in ship-to-shore cranes developed by companies with ties to Beijing while issuing new sensitive requirements for ports operating Chinese-made cranes across the country.
A panel of cybersecurity experts and top industry officials pushed lawmakers and the federal government to step up their defenses against escalating cyberthreats from China, citing recent high-profile examples of evidence that Beijing is increasingly targeting the U.S. with sophisticated attacks.
The world's largest telecommunications carrier, T-Mobile U.S., said it was targeted as part of a wide-ranging cyberespionage operation the U.S. government attributes to China but has found no sign of data access or theft. Other known victims of the campaign include AT&T, Verizon and Lumen.
The Environmental Protection Agency inspector general said over 100 million Americans depend on drinking water systems exposed to cybersecurity flaws that could allow hackers to "disrupt service or cause irreparable physical damage to drinking water infrastructure."
The Australian government is alerting critical infrastructure providers that state-sponsored actors are positioning malware in their networks that can be weaponized to disrupt operations during major crises or a military conflict. The hackers employ living-off-the-land technique to avoid detection.
The FBI and Cybersecurity and Infrastructure Security Agency released an update on their ongoing investigation into a Chinese-linked "broad and significant cyberespionage campaign" that the agencies said targeted private communications of government and political figures.
French multinational Schneider Electric disclosed critical vulnerabilities in its Modicon M340, Momentum and MC80 programmable automation controllers. The vulnerabilities could allow unauthorized access, data manipulation and system interruptions.
Vulnerabilities in a smart building energy management system including an easily exploitable, two-year-old flaw that hasn't been widely patched could let hackers take over instances misconfigured to allow internet exposure. The flaws affect Cylon Aspect software from electrical engineering firm ABB.
Security teams face a critical challenge: daily alert volumes are overwhelming their capacity to respond. From 2020 to 2023, alerts not investigated jumped from 37% to 54% — a crisis that persists despite increased security spending. The solution isn't throwing more money or tools at the problem.
This whitepaper...
Cybercriminals know that big targets like major financial services and healthcare organizations have robust defenses around their own assets. But access to that data is also possible through the dozens or even hundreds of SaaS applications and other IT providers that businesses rely on.
Check out this whitepaper to...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.