Ed Covert
@ebcovert3.bsky.social
460 followers
470 following
720 posts
Lover of Cybersecurity, jazz, guitars, whiskey, books, and other nerd stuff
More at edwincovert.com
Reposted by Ed Covert
CyberHub
@cyberhub.blog
· 2d
Russian State Hackers Deploy New Malware Tools to Evade Detection
Google has identified that the Russian state-sponsored hacking group Cold River is replacing its previously detected malware with new tools, including a variant named Callisto. This development highlights the group's ongoing efforts to evade detection and maintain its cyberespionage capabilities. Cold River, linked to Russian intelligence, has a history of targeting political organizations, NGOs, and think tanks through phishing campaigns.
The shift to new malware tools suggests that Cold River's previous tools have been compromised, necessitating the development of new variants to continue their operations. This tactic is common among advanced persistent threat (APT) groups, which continuously evolve their tactics, techniques, and procedures (TTPs) to stay ahead of defenders.
For cybersecurity professionals, this development underscores the importance of robust threat detection and response capabilities. Organizations should ensure their endpoint detection and response (EDR) solutions are up-to-date and capable of identifying new malware variants. Additionally, employee training on phishing awareness is crucial, as phishing remains a primary attack vector for groups like Cold River.
The broader impact on the cybersecurity landscape is significant. State-sponsored groups like Cold River are well-resourced and highly motivated, posing persistent threats to targeted organizations. The continuous evolution of their tools and techniques highlights the need for proactive defense strategies, including regular security assessments, threat intelligence sharing, and investment in advanced detection technologies.
Expert insights suggest that a multi-layered defense approach is essential for mitigating the risks posed by APT groups. This includes technical controls, user education, and participation in threat intelligence sharing communities. Organizations should also implement robust incident response plans to quickly detect, contain, and remediate potential breaches.
In conclusion, the discovery of Cold River's new malware tools serves as a reminder of the evolving nature of cyber threats. Cybersecurity professionals must remain vigilant, continuously update their defenses, and stay informed about emerging threats to protect their organizations effectively.
www.cyberhub.blog