CyberScoop.com,

"Microsoft Windows zero-day used by several nation-states."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 21 March 2025, 1623 UTC.

Content and Source:  https://cyberscoop.com.

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Please adjust slider at bottom of post to center the article.

 READ IN BROWSER

FRIDAY, MARCH 21, 2025 A Windows zero-day is used by several nation-state hacking arsenals. What do to on the non-technical side of a ransomware attack. And the Pentagon CIO wants more offensive cyber capabilities. This is CyberScoop for Friday, March 21. (Jeenah Moon/Getty Images) Windows zero-day used by multiple nation-states Cybercriminals from at least six nation-states are exploiting a longstanding zero-day vulnerability in Microsoft Windows, which allows hidden commands via manipulated .lnk files to conduct espionage and data theft. This vulnerability has been used since 2017, largely by state-backed actors from countries including North Korea, Iran, Russia, China, India, and Pakistan, targeting governments and critical sectors, with a significant portion attributed to North Korean financial motives. Despite active exploitation, Microsoft has yet to commit to a patch, citing the limited practical use of the vulnerability, while researchers emphasize the need for urgent remediation. Matt Kapko has more. AITalks | Apr 24, 2025 Gain invaluable insights and connect with industry peers at AITalks. Explore the latest AI trends, best practices, and real-world use cases. Learn how to overcome challenges and maximize the benefits of AI for your organization. Register today! How to handle the non-technical part of a ransomware attack In this episode, Greg Otto talks with FTI Consulting’s Allie Bohan exploring the challenges organizations face in maintaining effective communication during cyberattacks. Allie and Greg uncover essential strategies for incidents, ensuring companies remain connected with stakeholders even when digital channels are compromised. We also talk on how to keep morale boosted within an organization during a time that many would consider one of the worst chapters in a business’s history. Listen here. Pentagon CIO calls for more offensive cyber capability The Trump administration, led by acting DOD CIO Katie Arrington, is urging aggressive reform in cybersecurity policies to combat digital adversaries effectively, describing the situation as a non-kinetic state of war. Arrington calls for dismantling regulations that hinder defensive and offensive cyber capabilities, emphasizing the need for proactive measures against threats, particularly those from countries like China targeting U.S. infrastructure. This initiative aims to empower defense personnel to act decisively and adaptively, moving beyond the status quo to protect national security. Mark Pomerleau reports for DefenseScoop. AIWeek | Apr 21-25, 2025 AI Week is the nation's only week-long tech festival dedicated to artificial intelligence and its potential to transform the world we live in. During AI Week 2025, thousands of C-suite leaders from the government, tech and education communities across the U.S. will gather online and in person to participate in hundreds of community events, interactive sessions, lightning talks, networking opportunities and more for an exclusive look at the latest in the AI space. Register today! Copyright © CyberScoop 2025.  All rights reserved. Scoop News Group 2001 K Street NW Washington DC  Update your email preferences Unsubscribe