2000, Information Security and Technology

OT attacks increased by over 2000 percent in 2019, IBM reports

Security Affairs

FEBRUARY 11, 2020

According to IBM, OT attacks increased by over 2000 percent in 2019, most of them involved the Echobot IoT malware. According to IBM X-Force, attacks targeting operational technology (OT) infrastructure increased by over 2000 p ercent in 2019 compared to 2018, and most of them involved the Echobot malware. Pierluigi Paganini.

Advertising

Advertising Malware IoT Technology

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Security Affairs

FEBRUARY 13, 2025

Seashell Blizzard (aka Sandworm , BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRUs Main Center for Special Technologies (GTsST). The group also created the NotPetya ransomware that hit hundreds of companies worldwide in June 2017.

Telecommunications

Telecommunications DNS Passwords Hacking

The Risk-Conscious, Security-Aware Culture: The Forgotten Critical Security Control

Cisco Security

JULY 12, 2021

Chief Information Security Officers (CISOs) across the Global 2000 and Fortune 1000 are obsessed with protecting the workforce endpoints as critical vulnerabilities in the cybersecurity and risk management posture of their enterprises.

Security Awareness

Security Awareness Risk CISO Cybersecurity

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Security Affairs

JANUARY 5, 2024

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). In December, Kyivstar , the largest Ukraine service provider went down after a major cyber attack.

Mobile

Mobile Telecommunications Cyber Attacks Internet

GUEST ESSAY: Supply chain vulnerabilities play out in latest Pentagon personnel records breach

The Last Watchdog

OCTOBER 15, 2018

You’ll recall that in the OPM breach , the cyber intruders stole a a staggering amount of highly sensitive information – deep personnel records for 21.5 In that caper, criminals got away with Social Security numbers, passwords, and in some cases, fingerprints. The OPM breach put most federal workers since the year 2000 are at risk.

Risk

Risk Government Cyber Attacks Passwords

Grandson of FISMA: Why We Desperately Need New Cybsersecurity Legislation from the 117th Congress

Cisco Security

AUGUST 12, 2021

The 47-page report provided significant detail to support the conclusion that “According to agency inspectors general, the average grade of the agencies’ overall information security maturity is C-.”. The two roles don’t overlap cleanly and must be separate in order to govern cybersecurity effectively.

CISO

CISO Information Security Risk Government

France agency ANSSI links Russia’s Sandworm APT to attacks on hosting providers

Security Affairs

FEBRUARY 15, 2021

Sandworm (aka BlackEnergy and TeleBots) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). This backdoor is version 3.1.4.

VPN

VPN Software Internet Internet

RansomBoggs Ransomware hit several Ukrainian entities, experts attribute it to Russia

Security Affairs

NOVEMBER 28, 2022

Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). While the malware written in.NET is new, its deployment is similar to previous attacks attributed to #Sandworm.

Ransomware

Ransomware Encryption Telecommunications Malware

Sandworm APT targets Ukraine with new SwiftSlicer wiper

Security Affairs

JANUARY 28, 2023

1/3 pic.twitter.com/pMij9lpU5J — ESET Research (@ESETresearch) January 27, 2023 The Sandworm group has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). We attribute this attack to #Sandworm.

Telecommunications

Telecommunications Malware Hacking Ransomware

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). .” reads the advisory published by the CERT-UA.

Telecommunications

Telecommunications Authentication Data collection Passwords

Russian Sandworm disrupts power in Ukraine with a new OT attack

Security Affairs

NOVEMBER 9, 2023

Mandiant researchers reported that Russia-linked APT group Sandworm employed new operational technology (OT) attacks that caused power outages while the Russian army was conducting mass missile strikes on critical infrastructure in Ukraine in October.

Telecommunications

Telecommunications Hacking Technology Internet

US and UK link new Cyclops Blink malware to Russian state hackers?

Security Affairs

FEBRUARY 23, 2022

US and UK cybersecurity and law enforcement agencies published a joint security advisory about a new malware, dubbed Cyclops Blink, that has been linked to the Russian-backed Sandworm APT group. The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017, causing billions worth of damage.

Malware

Malware Firmware Architecture Firewall

Previously unknown Kapeka backdoor linked to Russian Sandworm APT

Security Affairs

APRIL 18, 2024

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). WithSecure believes that Kapeka is likely part of the Sandworm’s arsenal.

Malware

Malware Ransomware Hacking Technology

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 4, 2024

Clorox estimates the costs of the August cyberattack will exceed $49 Million Mastodon fixed a flaw that can allow the takeover of any account Iranian hackers breached Albania’s Institute of Statistics (INSTAT) Operation Synergia led to the arrest of 31 individuals Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison Cloudflare breached (..)

Identity Theft

Identity Theft VPN Malware Ransomware

Sandworm APT group hit Ukrainian news agency with five data wipers

Security Affairs

JANUARY 30, 2023

The Sandworm group has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The CERT-UA attributes the attack to the Russia-linked APT group UAC-0082 (aka Sandworm , BlackEnergy , and TeleBots ).

Telecommunications

Telecommunications Malware Hacking Ransomware

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

Security Affairs

MAY 4, 2023

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

VPN

VPN Education Accountability Cyber Attacks

Forescout Platform: NAC Product Review

eSecurity Planet

APRIL 7, 2023

In 2000, Forescout entered the security market as an NAC provider and then expanded capabilities to encompass more security and asset control features. This wide compatibility enables rapid deployment with minimal issues to sprawling networks with a variety of networking equipment. Who is Forescout?

IoT

IoT Technology Energy and Utilities Wireless

Russia-linked Sandworm continues to conduct attacks against Ukraine

Security Affairs

MAY 21, 2022

Security experts from ESET reported that the Russia-linked cyberespionage group Sandworm continues to launch cyber attacks against entities in Ukraine. Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

Malware

Malware Government Cyber Attacks Hacking

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

Security Affairs

APRIL 2, 2023

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). ” reads the report published by Mandiant.

Energy and Utilities

Energy and Utilities Media Hacking Technology

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Security Affairs

NOVEMBER 11, 2022

Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). In an update provided by Microsoft this week, MSTIC attributed the campaign to the IRIDIUM (aka Sandworm ) cyberespionage group.

Ransomware

Ransomware Telecommunications DNS Hacking

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

Security Affairs

SEPTEMBER 21, 2022

Multiple security firms have reported that the Sandworm APT continues to target Ukraine with multiple means, including custom malware and botnet like Cyclops Blink. Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

Malware

Malware Telecommunications DNS Hacking

CISA adds WatchGuard flaw to its Known Exploited Vulnerabilities Catalog

Security Affairs

APRIL 12, 2022

Sandworm (aka BlackEnergy and TeleBots) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The vulnerability is actively exploited by the Cyclops Blink botnet operated by the Russia-linked Sandworm APT group.

Malware

Malware Firmware Cybersecurity Hacking

Russia-linked Cyclops Blink botnet targeting ASUS routers

Security Affairs

MARCH 18, 2022

In February, US and UK cybersecurity and law enforcement agencies published a joint security advisory about the Cyclops Blink bot that has been linked to the Russian-backed Sandworm APT group. The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017, causing billions worth of damage.

IoT

IoT Firewall Malware Internet

US dismantled the Russia-linked Cyclops Blink botnet

Security Affairs

APRIL 6, 2022

.” In February, US and UK cybersecurity and law enforcement agencies published a joint security advisory about a new malware, dubbed Cyclops Blink, that has been linked to the Russian-backed Sandworm APT group.

Malware

Malware Government Firmware Firewall

Google TAG warns of Russia-linked APT groups targeting Ukraine

Security Affairs

APRIL 20, 2023

FROZENLAKE, aka Sandworm , has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). ” reads the report published by the Google TAG. The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017.

Phishing

Phishing Education Accountability Malware

Risky Business: Enterprises Can’t Shake Log4j flaw

Security Affairs

AUGUST 10, 2022

In December 2021 security teams scrambled to find Log4j-vulnerable assets and patch them. Eight months later many Global 2000 firms are still fighting to mitigate the digital assets and business risks associated with Log4j. INTRODUCTION. each month (PDF). About the author: TOM SPRING, MEDIA MANAGER. Pierluigi Paganini.

Risk

Risk Media Cybersecurity Software

The Defender’s Guide to the Windows Registry

Security Boulevard

OCTOBER 31, 2022

This is a series of blog posts designed to give you a ground-up start to defending a specific technology from potential attackers. While a lot of this information may be redundant to a more seasoned information security personnel, even the best of us rely on Google and blog posts to get information.

Technology

Technology Information Security Backups Malware

Tufin Named Policy Management Solution of the Year by CyberSecurity Breakthrough Awards

CyberSecurity Insiders

OCTOBER 23, 2021

The awards are conducted by CyberSecurity Breakthrough , a leading independent market intelligence organization that recognizes the top companies, technologies, and products in the global information security market today.

Cybersecurity

Cybersecurity Threat Detection Firewall Marketing

Retired Malware Samples: Everything Old is New Again

Lenny Zeltser

JULY 27, 2018

Dated April 18, 2000, Slackbot came with a builder that allowed its user to customize the name of the IRC server and channel that the person wanted to use for Command and Control (C2). When Flash reigned supreme among banner ad technologies, the FOR610 course covered several examples of these forms of malware. –slim”.

Malware

Malware Engineering Education Advertising

Best SIEM Tools & Software for 2022

eSecurity Planet

AUGUST 15, 2022

Security Information and Event Management (SIEM) is a crucial enterprise technology that ties the stack of cybersecurity systems together to assess threats and manage risks. Features like NetWitness Detect AI offer an adaptive machine learning algorithm to detect and inform security analysts about threats.

Software

Software Small Business Marketing Firewall

Weaving strategies with policies

Notice Bored

NOVEMBER 26, 2021

Globalization' is not just about establishing a widespread physical presence and brands: it's also about harnessing a widely distributed and culturally diverse workforce, harnessing technology to link, leverage and exploit the very best of the best. so, how things going with your security strategy development, dear CISO?

Risk

Risk Technology InfoSec Artificial Intelligence

CYBERSEC Global 2020 Goes Digital – Register Now

Responsible Cyber

SEPTEMBER 10, 2020

In cybersecurity conference circuit, CYBERSEC distinguishes itself from other conferences by not focusing only on the technology but instead taking a holistic, multi-domain, and strategic approach to cybersecurity as the backbone of further digital development of nations and economies.

Digital transformation

Digital transformation Technology Artificial Intelligence Cybersecurity

A Cybersecurity Conversation with Vince Moore – Senior Network Engineer at OPSWAT

CyberSecurity Insiders

JANUARY 16, 2022

My interest led me to pursue my Master’s in Information Security and Assurance, and the rest is history. Some of the most rewarding moments in my career were working for ITT Systems Division as a civilian contractor in Afghanistan and Iraq in the mid-2000’s.

Engineering

Engineering Cybersecurity Energy and Utilities Software

CISSPs from Around The Globe: An Interview with Theresa Grafenstine

CyberSecurity Insiders

JULY 7, 2021

The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. Those doors lead to many different types of positions and opportunities, thus making the information security community dynamic and multifaceted.

Financial Services

Financial Services Cybersecurity Technology Government

The Hacker Mind: Shattering InfoSec's Glass Ceiling

ForAllSecure

MARCH 8, 2023

I went to Black Hat in 2000. I wrote two books, one on IoT Security and another with Kevin Mitnick, then jumped around a couple of different jobs. What if you are a woman in information security? My first day at ZDNet there was a virus blowing up and my editor asked if I could do a story on that. So I learned.

InfoSec

InfoSec Engineering CSO Technology

The Hacker Mind Podcast: Shall We Play A Game?

ForAllSecure

JANUARY 27, 2021

Hammond: So I kind of got a little bit more inquisitive and a lot more curious and wanting to learn and understand more about the technology in front of the computers, the programs that I would use on a day to day basis. What’s a good entry point for starting CTFs or information security for that matter?

Computers and Electronics

Computers and Electronics InfoSec Hacking Education

The Hacker Mind Podcast: Shall We Play A Game?

ForAllSecure

JANUARY 27, 2021

Hammond: So I kind of got a little bit more inquisitive and a lot more curious and wanting to learn and understand more about the technology in front of the computers, the programs that I would use on a day to day basis. What’s a good entry point for starting CTFs or information security for that matter?

Computers and Electronics

Computers and Electronics InfoSec Hacking Education

On Detection: Tactical to Functional

Security Boulevard

SEPTEMBER 30, 2022

Out-Minidump is a PowerShell script written by Matt Graeber that leverages a technology called “reflection” to allow direct, in-memory, Win32 function calls from PowerShell. To help make this idea concrete, we can analyze two tools which are literally different, but functionally the same. Yale University Press. [2]: 2]: Atkinson, Jared C.

Engineering

Engineering InfoSec Information Security Threat Reports

Norway suspends its COVID-19 contact tracing app due to privacy concerns

Security Affairs

JUNE 16, 2020

Contact tracing technologies played an essential role in the containment of the pandemic in several countries, including South Korea, Singapore, Israel, and other nations. Datatilsynet is a Norwegian Government agency responsible for managing the Personal Data Act of 2000, concerning privacy concerns.

Data collection

Data collection Advertising Government Technology

The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran

Security Affairs

SEPTEMBER 2, 2019

In 2000, cyberspies from AIVD hacked the email system of a key Iranian defense organization to obtain more information about Iran’s nuclear program. Khan stole the designs to build Pakistan’s nuclear program, then proceeded to market them to other countries, including Iran and Libya.” The AIVD , along with U.S.

Malware

Malware Engineering Advertising Hacking

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

McAfee

AUGUST 24, 2021

From the 1960’s to 2000 infusion pumps were mostly electromechanical devices with some embedded electronics, but the turn of the century delivered “smarter” devices with better safety mechanisms and the possibility to program them, which slowly opened the door to information security challenges.

Computers and Electronics

Computers and Electronics Authentication Software Risk

KnowBe4 CEO Stu Sjouwerman talks IPO, and ‘strengthening that human firewall’

SC Magazine

APRIL 22, 2021

And they were only focused on the global 2000 at a very high price point. We’re currently at about $60 billion per year in information security spending [globally] but it’s just not working. We have a shortlist [of potential acquisitions] but we save those announcements for the quarterly earnings calls.

Firewall

Firewall Social Engineering Phishing Marketing

The Hacker Mind Podcast: DEF CON Villages

ForAllSecure

AUGUST 2, 2022

Anyone who has anyone in the information security community is usually melting under the hot Nevada sun. Vamosi: I first attended DEF CON in 2000 when it was still at the Alexis Park Hotel, just off the Strip. We do international events now and expose people to control systems to the technology to security.

Hacking

Hacking Computers and Electronics InfoSec Software

The Hacker Mind Podcast: Hacking Real World Criminals Online

ForAllSecure

MAY 2, 2023

And I remember probably 2000 to 2003 ish, complaining when we when I think it was last year that we were at Alexa, Alexis Park for DEF CON. Mine was 2000. And we give them different goals and tasks, you know, so some of the things that I do ask for to begin with, like what are you doing in your free time at home with technology?

Hacking

Hacking Media InfoSec Internet

OT attacks increased by over 2000 percent in 2019, IBM reports

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Trending Sources

The Risk-Conscious, Security-Aware Culture: The Forgotten Critical Security Control

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

GUEST ESSAY: Supply chain vulnerabilities play out in latest Pentagon personnel records breach

Grandson of FISMA: Why We Desperately Need New Cybsersecurity Legislation from the 117th Congress

France agency ANSSI links Russia’s Sandworm APT to attacks on hosting providers

RansomBoggs Ransomware hit several Ukrainian entities, experts attribute it to Russia

Sandworm APT targets Ukraine with new SwiftSlicer wiper

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Russian Sandworm disrupts power in Ukraine with a new OT attack

US and UK link new Cyclops Blink malware to Russian state hackers?

Previously unknown Kapeka backdoor linked to Russian Sandworm APT

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

Sandworm APT group hit Ukrainian news agency with five data wipers

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

Forescout Platform: NAC Product Review

Russia-linked Sandworm continues to conduct attacks against Ukraine

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

CISA adds WatchGuard flaw to its Known Exploited Vulnerabilities Catalog

Russia-linked Cyclops Blink botnet targeting ASUS routers

US dismantled the Russia-linked Cyclops Blink botnet

Google TAG warns of Russia-linked APT groups targeting Ukraine

Risky Business: Enterprises Can’t Shake Log4j flaw

The Defender’s Guide to the Windows Registry

Tufin Named Policy Management Solution of the Year by CyberSecurity Breakthrough Awards

Retired Malware Samples: Everything Old is New Again

Best SIEM Tools & Software for 2022

Weaving strategies with policies

CYBERSEC Global 2020 Goes Digital – Register Now

A Cybersecurity Conversation with Vince Moore – Senior Network Engineer at OPSWAT

CISSPs from Around The Globe: An Interview with Theresa Grafenstine

The Hacker Mind: Shattering InfoSec's Glass Ceiling

The Hacker Mind Podcast: Shall We Play A Game?

The Hacker Mind Podcast: Shall We Play A Game?

On Detection: Tactical to Functional

Norway suspends its COVID-19 contact tracing app due to privacy concerns

The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

KnowBe4 CEO Stu Sjouwerman talks IPO, and ‘strengthening that human firewall’

The Hacker Mind Podcast: DEF CON Villages

The Hacker Mind Podcast: Hacking Real World Criminals Online

Stay Connected