Mar 17, 2025Ravie LakshmananVulnerability / Web Security A recently disclosed security flaw impacting Apache Tomcat has come under active exploitation in the wild following the release of a public proof-of-concept (PoC) a mere 30 hours after public disclosure. The vulnerability, tracked as CVE-2025-24813, affects the below versions - Apache Tomcat 11.0.0-M1 to 11.0.2 Apache … [Read more...] about Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure
Public
Understanding data mesh in public sector: Pillars, architecture, and examples
Think about all the data behind projects like defense intelligence, public health records, urban planning models, and more. Government agencies are generating enormous quantities of data all the time. Things get even more tricky when the data is spread across cloud platforms, on-prem systems, or specialized environments like satellites and emergency response centers. It’s hard … [Read more...] about Understanding data mesh in public sector: Pillars, architecture, and examples
5 insights from public sector leaders: Solving organizational challenges with data and AI
Despite the best intentions of many public sector leaders to build data-driven organizations, the reality is that 65% of public sector leaders still struggle to use data continuously in real time and at scale. The upside? Many leaders are taking advantage of AI and generative AI to tackle this critical need. But to reach that level of advanced data maturity and harness the … [Read more...] about 5 insights from public sector leaders: Solving organizational challenges with data and AI
FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions
The U.S. Federal Bureau of Investigation (FBI) has sought assistance from the public in connection with an investigation involving the breach of edge devices and computer networks belonging to companies and government entities. "An Advanced Persistent Threat group allegedly created and deployed malware (CVE-2020-12271) as part of a widespread series of indiscriminate computer … [Read more...] about FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions
Attackers Exploit Public .env Files to Breach Cloud and Social Media Accounts
Aug 16, 2024Ravie LakshmananCloud Security / Application Security A large-scale extortion campaign has compromised various organizations by taking advantage of publicly accessible environment variable files (.env) that contain credentials associated with cloud and social media applications. "Multiple security missteps were present in the course of this campaign, including the … [Read more...] about Attackers Exploit Public .env Files to Breach Cloud and Social Media Accounts
AI for the public good: The future is bright
To speed up AI adoption and help citizens see the positive effects of AI sooner, there are a few tangible steps agencies can take.While government agencies are understandably daunted at the prospect of reconfiguring their underlying data strategy, there are technology platforms that enable organisations to get more utility and insights out of the data they already have — no … [Read more...] about AI for the public good: The future is bright
Darryl Peek on working for the public sector at Elastic
Darryl Peek has always supported the public sector — his career has taken him to various private and public enterprises within a public sector team. Darryl’s family has a long history of military service — his brother was in the US Navy, his father was an airman, and his grandfathers were in the US Army. He joined Lockheed Martin, his first job out of college, for that reason. … [Read more...] about Darryl Peek on working for the public sector at Elastic
Public Sector Hit in Sudden Surge, Reveals New Report
Aug 15, 2023The Hacker NewsThreat Intelligence / Cyber Attacks The just-released BlackBerry Global Threat Intelligence Report reveals a 40% increase in cyberattacks against government and public service organizations versus the previous quarter. This includes public transit, utilities, schools, and other government services we rely on daily. With limited resources and often … [Read more...] about Public Sector Hit in Sudden Surge, Reveals New Report
New SPECTRALVIPER Backdoor Targeting Vietnamese Public Companies
Jun 10, 2023Ravie LakshmananCyber Attack / Malware Vietnamese public companies have been targeted as part of an ongoing campaign that deploys a novel backdoor called SPECTRALVIPER. "SPECTRALVIPER is a heavily obfuscated, previously undisclosed, x64 backdoor that brings PE loading and injection, file upload and download, file and directory manipulation, and token impersonation … [Read more...] about New SPECTRALVIPER Backdoor Targeting Vietnamese Public Companies
What the public sector can learn from CDM’s data strategy
The US government handles massive quantities of data — via separate agencies and disconnected data systems. Having a central dashboard to track this data is absolutely essential for uncovering and sharing cybersecurity vulnerabilities before they can do harm to citizens or critical infrastructure.This dashboard — known as the Continuous Diagnostics and Mitigation (CDM) … [Read more...] about What the public sector can learn from CDM’s data strategy