The Combined Federal Campaign Pledge Period is Closing Soon!

Once there, click DONATE to give via payroll deduction, credit/debit, or an e-check.
Last year, 175 members of the CFC community raised over $34,000 for EFF's initiatives fighting for free expression and privacy online.
In a year with many threats popping up to our digital rights, we need your support now more than ever.
Made great strides in passing protections for the right to repair your tech, with the combined strength of innovation advocates around the country.
Launched our Red Flag Machine, a quiz that illustrates the inaccuracies of student monitoring tools and the surveillance many students face.
Exposed the sketchy malware that comes pre-installed on many low-budget tablets purchased from vendors like Amazon.
Pushed California to limit law enforcement's over-sharing of license plate reader data with out-of-state and federal agencies.
Authored Privacy First, EFF's guide to a comprehensive data privacy law, which would fix many of the underlying issues of today's internet.
Federal employees and retirees have a tremendous impact on the shape of our democracy and the future of civil liberties and human rights online.


This Cyber News was published on www.eff.org. Publication date: Wed, 06 Dec 2023 21:13:05 +0000


Cyber News related to The Combined Federal Campaign Pledge Period is Closing Soon!

CVE-2008-7092 - Multiple cross-site scripting (XSS) vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to inject arbitrary web script or HTML via a Javascript event in the (1) url, (2) PageName, and (3) title parameters in a ...
7 years ago
The Combined Federal Campaign Pledge Period is Closing Soon! - Once there, click DONATE to give via payroll deduction, credit/debit, or an e-check. Last year, 175 members of the CFC community raised over $34,000 for EFF's initiatives fighting for free expression and privacy online. In a year with many threats ...
11 months ago Eff.org
Bill Would Require Privacy Compliance For Period-Tracking Apps - With a fast-growing number of users, period-tracking apps have opened up a new way for people to track their menstrual cycle and other vital health information. But, are they securely storing and protecting user data? A bill introduced in Congress ...
1 year ago Securityweek.com
Russian Cyberattackers Launch Multiphase PsyOps Campaign - Russia-linked threat actors employed both PysOps and spear-phishing to target users over several months at the end of 2023 in a multiwave campaign aimed at spreading misinformation in Ukraine and stealing Microsoft 365 credentials across Europe. The ...
9 months ago Darkreading.com
Majority of Gao's Cybersecurity Recommendations Not Implemented by Federal Agencies - The Government Accountability Office has recently reported that federal agencies have been slow to implement a majority of the recommendations it made for improving the cybersecurity of federal agencies. Despite the implementation progress at some ...
1 year ago Securityweek.com
CISA Seeks Public Comment on Newly Developed Secure Configuration Baselines for Google Workspace - As federal civilian agencies continue to modernize IT enterprises, increased reliance on cloud services, platform services, and external providers has introduced new types of risks. Recent threat activity from groups such as Storm-0558 have ...
11 months ago Cisa.gov
Chinese hacking documents offer glimpse into state surveillance - Chinese police are investigating an unauthorized and highly unusual online dump of documents from a private security contractor linked to the nation's top policing agency and other parts of its government - a trove that catalogs apparent hacking ...
9 months ago Apnews.com
CISA warns of actively exploited Juniper pre-auth RCE exploit chain - CISA warned federal agencies today to secure Juniper devices on their networks by Friday against four vulnerabilities now used in remote code execution attacks as part of a pre-auth exploit chain. The alert comes one week after Juniper updated its ...
1 year ago Bleepingcomputer.com
Cybercriminals expand targeting of Iranian bank customers with known mobile malware - Researchers have uncovered more than 200 fake mobile apps that mimic major Iranian banks to steal information from their customers. The campaign was first discovered in July of this year, but since then, the cybercriminals have expanded their ...
1 year ago Therecord.media
Global malspam targets hotels, spreading Redline and Vidar stealers - The latest global malspam campaign targets the hotel industry, emphasizing the need to stay alert against such attacks at all times. Cybersecurity researchers at Sophos X-Ops have issued a warning to the hospitality industry about a sophisticated ...
11 months ago Hackread.com
CVE-2024-46848 - In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Limit the period on Haswell Running the ltp test cve-2015-3290 concurrently reports the following warnings. perfevents: irq loop stuck! WARNING: CPU: 31 PID: 32438 at ...
2 months ago Tenable.com
Best Strategies for Avoiding Security Breaches in the U.S. Federal Agencies - U.S. federal agencies are an appealing target for malicious actors and hackers, so it is important for them to be equipped with the best tactics to prevent security breaches and data losses. In this article, we will cover how hackers use legitimate ...
1 year ago Heimdalsecurity.com
DocuSign scam targeted more than 10,000 inboxes: report - Scammers used a malicious DocuSign document in a campaign that tried to steal credentials belonging to more than 10,000 people across several organizations. Researchers at cybersecurity company Armorblox said the brand impersonation campaign targeted ...
1 year ago Therecord.media
Qbot malware returns in campaign targeting hospitality industry - The QakBot malware is once again being distributed in phishing campaigns after the botnet was disrupted by law enforcement over the summer. In August, a multinational law enforcement operation called Operation Duck Hunt accessed the QakBot admin's ...
11 months ago Bleepingcomputer.com
Investigation of Possible Causes of ESXiArgs Ransomware Attacks Suggests VMware is Not at Fault - Edward Hawkins, the High-Profile Product Incident Response Manager at VMware, has denied allegations that two-year-old security flaws have been used in the current ESXiArgs ransomware attacks. Over the weekend, reports surfaced about cybercriminals ...
1 year ago Hackread.com
Hackers Abused Microsoft's "Verified Publisher" OAuth Apps to Hack Corporate Email Accounts - Microsoft on Tuesday said it took steps to disable fake Microsoft Partner Network accounts that were used for creating malicious OAuth applications as part of a malicious campaign designed to breach organizations' cloud environments and steal email. ...
1 year ago Thehackernews.com
Iranian Phishing Campaign Targets Israel-Hamas War Experts - Iran-linked threat actors are targeting high-profile researchers working on the Israel-Hamas conflict via a sophisticated social engineering campaign, according to Microsoft Threat Intelligence. The threat actor Mint Sandstorm, which has ties to ...
10 months ago Infosecurity-magazine.com
'PhantomBlu' Cyberattackers Backdoor Microsoft Office Users via OLE - A malicious email campaign is targeting hundreds of Microsoft Office users in US-based organizations to deliver a remote access trojan that evades detection, partially by showing up as legitimate software. Threat actors previously have used the RAT ...
8 months ago Darkreading.com
Three Iranian Cyber Actors Indicted For Election Interference And Hacking Campaign - According to the DOJ, the three hackers targeted officials and individuals associated with one of the US presidential campaigns, referred to in the indictment as “US Presidential Campaign 1.” They successfully gained unauthorized access to ...
2 months ago Informationsecuritybuzz.com
Pirated Software Puts Mac Users at Risk as Proxy Malware Emerges - Malware is being targeted at Mac users who receive pirated versions of popular apps from warez websites after they choose to download them from those websites. Various reports state that cybercriminals are infecting macOS devices with proxy trojans ...
11 months ago Cysecurity.news
CISA Directs Federal Agencies to Immediately Mitigate Significant Risk From Russian State-Sponsored Cyber Threat - WASHINGTON - Today, the Cybersecurity and Infrastructure Security Agency publicly issued Emergency Directive 24-02 in response to a recent campaign by Russian state-sponsored cyber actor Midnight Blizzard targeting Microsoft corporate email accounts ...
7 months ago Cisa.gov
Accelerating Safe and Secure AI Adoption with ATO for AI: stackArmor Comments on OMB AI Memo - We appreciate the opportunity to comment on the proposed Memo on Agency Use of Artificial Intelligence. Ensuring agencies have access to adequate IT infrastructure,. We base our remarks on our experience helping US Federal agencies transform their ...
11 months ago Securityboulevard.com
A Plan to Protect Critical Infrastructure from 21st Century Threats - On April 30th, the White House released National Security Memorandum-22 on Critical Infrastructure Security and Resilience, which updates national policy on how the U.S. government protects and secures critical infrastructure from cyber and ...
6 months ago Cisa.gov
US Federal Agencies Miss Deadline for Incident Response Requirements - Although US federal agencies have made progress in preparing for and responding to cyber threats, too many have failed to meet the deadline to implement incident response capabilities required by law, according to the US Government Accountability ...
11 months ago Infosecurity-magazine.com
Roundup: Federal action that shaped cybersecurity in 2023 - As 2023 draws to a close, it's time to look back on our top five federal cyber stories of the year: a compilation of pivotal moments and key developments that have significantly shaped the landscape of cybersecurity at the federal level. These ...
11 months ago Securityintelligence.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)