cyberattack – WindowsTechs.com

China Sort of Admits to Being Behind Volt Typhoon

Posted on April 14, 2025 by Bruce Schneier

The Wall Street Journal has the story:

Chinese officials acknowledged in a secret December meeting that Beijing was behind a widespread series of alarming cyberattacks on U.S. infrastructure, according to people familiar with the matter, underscoring how hostilities between the two superpowers are continuing to escalate.

The Chinese delegation linked years of intrusions into computer networks at U.S. ports, water utilities, airports and other targets, to increasing U.S. policy support for Taiwan, the people, who declined to be named, said.

The admission wasn’t explicit:…

Continue reading China Sort of Admits to Being Behind Volt Typhoon→

A Guide to Security Investments: The Anatomy of a Cyberattack

Posted on March 12, 2025 by Torsten George

Organizations must recognize that security is not about the number of tools deployed, it is about ensuring those tools effectively disrupt the attack chain at every stage.
The post A Guide to Security Investments: The Anatomy of a Cyberattack appeared … Continue reading A Guide to Security Investments: The Anatomy of a Cyberattack→

Silk Typhoon Hackers Indicted

Posted on March 11, 2025 by Bruce Schneier

Lots of interesting details in the story:

The US Department of Justice on Wednesday announced the indictment of 12 Chinese individuals accused of more than a decade of hacker intrusions around the world, including eight staffers for the contractor i-Soon, two officials at China’s Ministry of Public Security who allegedly worked with them, and two other alleged hackers who are said to be part of the Chinese hacker group APT27, or Silk Typhoon, which prosecutors say was involved in the US Treasury breach late last year.

[…]

According to prosecutors, the group as a whole has targeted US state and federal agencies, foreign ministries of countries across Asia, Chinese dissidents, US-based media outlets that have criticized the Chinese government, and most recently the US Treasury, which was breached between September and December of last year. An internal Treasury report …

Continue reading Silk Typhoon Hackers Indicted→

Hackers Take Credit for X Cyberattack

Posted on March 11, 2025 by Eduard Kovacs

Information is coming to light on the cyberattack that caused X outages, but it should be taken with a pinch of salt.
The post Hackers Take Credit for X Cyberattack appeared first on SecurityWeek.
Continue reading Hackers Take Credit for X Cyberattack→

Cyberattack Disrupts National Presto Industries Operations

Posted on March 7, 2025 by Ionut Arghire

National Presto Industries says a cyberattack has resulted in a system outage and operational disruptions.
The post Cyberattack Disrupts National Presto Industries Operations appeared first on SecurityWeek.
Continue reading Cyberattack Disrupts National Presto Industries Operations→

Polish Space Agency Hit by Cyberattack

Posted on March 4, 2025 by Ionut Arghire

The Polish space agency POLSA says it has disconnected its network from the internet to contain a cyberattack.
The post Polish Space Agency Hit by Cyberattack appeared first on SecurityWeek.
Continue reading Polish Space Agency Hit by Cyberattack→

Cyberattack on Lee Enterprises Causes Disruptions at Dozens of Newspapers

Posted on February 11, 2025 by Eduard Kovacs

Dozens of local newspapers owned by media company Lee Enterprises experienced disruptions as a result of a cyberattack.
The post Cyberattack on Lee Enterprises Causes Disruptions at Dozens of Newspapers appeared first on SecurityWeek.
Continue reading Cyberattack on Lee Enterprises Causes Disruptions at Dozens of Newspapers→

UK Engineering Giant IMI Hit by Cyberattack

Posted on February 7, 2025 by Ionut Arghire

UK engineering firm IMI says it suffered a cyberattack that resulted in unauthorized access to some of its systems.
The post UK Engineering Giant IMI Hit by Cyberattack appeared first on SecurityWeek.
Continue reading UK Engineering Giant IMI Hit by Cyberattack→

On Generative AI Security

Posted on February 5, 2025 by Bruce Schneier

Microsoft’s AI Red Team just published “Lessons from
Red Teaming 100 Generative AI Products.” Their blog post lists “three takeaways,” but the eight lessons in the report itself are more useful:

Understand what the system can do and where it is applied.

You don’t have to compute gradients to break an AI system.

AI red teaming is not safety benchmarking.

Automation can help cover more of the risk landscape.

The human element of AI red teaming is crucial.

Responsible AI harms are pervasive but difficult to measure.

LLMs amplify existing security risks and introduce new ones…

Continue reading On Generative AI Security→