2014, Encryption and Information Security

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

Security Affairs

NOVEMBER 25, 2020

million settlement in a multi-state investigation of the data breach that the company suffered in 2014. million settlement over the 2014 data breach. In 2014, Home Depot revealed that the data breach impacted 56 million customers across the US and Canada. Retail giant Home Depot has agreed to a $17.5 ” . .

Retail

Retail Data breaches Penetration Testing Password Management

Zoom now supports end-to-end encrypted (E2EE) calls

Security Affairs

OCTOBER 15, 2020

The Video conferencing platform Zoom announced the implementation of end-to-end encryption (E2EE) and its availability starting next week. The popular Video conferencing platform Zoom announced the availability of the end-to-end encryption (E2EE) starting next week. ” reads the post published by the company. Pierluigi Paganini.

Encryption

Encryption Advertising Accountability Hacking

German encrypted email service Tutanota suffers DDoS attacks

Security Affairs

SEPTEMBER 19, 2020

The popular encrypted email service Tutanota was hit with a series of DDoS attacks this week targeting its website fist and its DNS providers later. Encrypted email service, Tutanota suffered a series of DDoS attacks that initially targeted the website and later its DNS providers. Pierluigi Paganini.

DDOS

DDOS Encryption DNS Advertising

IBM releases open-source toolkits implementing FHE to process data while encrypted

Security Affairs

JUNE 8, 2020

IBM has released open-source toolkits implementing fully homomorphic encryption (FHE) that allow researchers to process data while it’s still encrypted. IBM has released open-source toolkits implementing fully homomorphic encryption (FHE), which allows researchers to process encrypted data without having access to the actual data.

Encryption

Encryption Advertising Data privacy Healthcare

5 Ways artificial intelligence Is Being Used to Keep Sensitive Information Secure

Security Affairs

FEBRUARY 19, 2020

With this technique, the system runs with as much efficiency as possible without sacrificing security, especially since there are measures in place at all times. Encryption. When information is moving from one source to another, it’s particularly susceptible to attacks and theft. Password Protection & Authentication.

Artificial Intelligence

Artificial Intelligence Information Security Passwords Encryption

Some Fortinet products used hardcoded keys and weak encryption for communications

Security Affairs

NOVEMBER 26, 2019

Researchers at SEC Consult Vulnerability Lab discovered multiple issues in several security products from Fortinet, including hardcoded key and encryption for communications. “The messages are encrypted using XOR “encryption” with a static key.” ” reads the analysis published by the experts.

Encryption

Encryption Antivirus DNS Advertising

Let’s Encrypt CA is revoking over 3 Million TLS certificates due to a bug

Security Affairs

MARCH 4, 2020

Let’s Encrypt is going to revoke over 3 million certificates today due to a flaw in the software used to verify users and their domains before issuing a certificate. A bug in Let’s Encrypt’s certificate authority (CA) software, dubbed Boulder, caused the correct validation for some certificates. Pierluigi Paganini.

Encryption

Encryption Advertising DNS Software

UK ICO proposes a $123 million fine for Marriott 2014 data breach

Security Affairs

JULY 9, 2019

The UK’s data privacy regulator plans to fine giant hotel chain Marriott International with a £99 million ($123 million) under GDPR over 2014 data breach. The UK’s data privacy regulator announced that the giant hotel chain Marriott International faces a £99 million ($123 million) fines under GDPR over 2014 data breach.

Data breaches

Data breaches Data privacy Advertising Encryption

Five Eyes nations plus India and Japan call for encryption backdoor once again

Security Affairs

OCTOBER 13, 2020

Members of the Five Eyes intelligence alliance once again call for tech firms to engineer backdoors into end-to-end and device encryption. The statements reinforce the importance of the encryption in protecting data, privacy, and IP, but highlights the risks of abusing it for criminal and terrorist purposes. Pierluigi Paganini.

Encryption

Encryption Data privacy Advertising Technology

Ragnar Ransomware encrypts files from virtual machines to evade detection

Security Affairs

MAY 25, 2020

Ransomware encrypts from virtual machines to evade antivirus. Ragnar Locker deploys Windows XP virtual machines to encrypt victim’s files, the trick allows to evaded detection from security software. Mounting all the shared drives to encrypt. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Encryption

Encryption Ransomware Energy and Utilities Advertising

Ryuk Ransomware evolution avoid encrypting Linux folders

Security Affairs

DECEMBER 26, 2019

Experts spotted a new strain of the Ryuk Ransomware that was developed to avoid encrypting folders commonly seen in *NIX operating systems. Kremez noticed that the ransomware doesn’t encrypt folders that are associated with *NIX operating systems. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Encryption

Encryption Ransomware Malware Advertising

Russian govn blocked Tutanota service in Russia to stop encrypted communication

Security Affairs

FEBRUARY 17, 2020

Tutanota , the popular free and open-source end-to-end encrypted email software, has been blocked by Russian authorities. The popular free and open-source end-to-end encrypted email service Tutanota has been blocked in Russia on Friday evening. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Encryption

Encryption VPN Government Internet

Kr00k Wi-Fi Encryption flaw affects more than a billion devices

Security Affairs

FEBRUARY 26, 2020

This serious flaw, assigned CVE-2019-15126, causes vulnerable devices to use an all-zero encryption key to encrypt part of the user’s communication.” ” Experts pointed out that the vulnerability does not reside in the Wi-Fi encryption protocol, instead, the issue is related to the way some chips implemented the encryption.

Encryption

Encryption Wireless Manufacturing Advertising

Sonicwall warns of a spike in the number of attacks involving encrypted malware and IoT malware

Security Affairs

JULY 29, 2019

According to experts at Sonicwall, scanning of random ports and the diffusion of encrypted malware are characterizing the threat landscape. Most of the attacks targeted non-standard ports and experts observed a spike in the number of encrypted malware. million encrypted malware attacks, +27% over the previous year. .”

IoT

IoT Encryption Malware Advertising

DeathRansom ransomware evolves encrypting files, but experts identified its author

Security Affairs

JANUARY 5, 2020

DeathRansom was considered fake ransomware due to the fact that it did not implement an effective encryption process, but now things are changing. DeathRansom is a ransomware family that was initially classified as a joke because it did not implement an effective encryption scheme. Pierluigi Paganini.

Encryption

Encryption Ransomware Malware Scams

Apple Mail stores parts of encrypted emails in plaintext DB

Security Affairs

NOVEMBER 10, 2019

The Apple Mail app available on macOS stores leave s a portion of users encrypted emails in plaintext in a database called snippets. The Apple expert Bob Gendler discovered that the Apple Mail app available on macOS stores leaves a portion of users encrypted emails in plaintext in a database called snippets. ” continues the post.

Encryption

Encryption Advertising Data collection Hacking

OpenSSL to fix the second critical flaw ever

Security Affairs

OCTOBER 26, 2022

This is the second critical vulnerability ever addressed by the OpenSSL Project after the critical Heartbleed vulnerability (CVE-2014-0160) in 2014. version is respected to be released next week, on November 1, with the maintainers that defined it as a ‘security-fix release.’. SecurityAffairs – hacking, encryption ).

Encryption

Encryption Hacking Information Security

Encryption – A Feasible Savior against Prevalent Privacy Issues in Business Communication

Security Affairs

OCTOBER 26, 2019

Even though encryption should be taken seriously by businesses of all sizes, only a small fraction of the corporate sector puts their back on it. Why is Encryption a Feasible Option against Digital Threats? Encryption plays an integral role in securing the online data as well as its integrity. Final Thoughts.

Encryption

Encryption Cyber threats Ransomware Cybercrime

Tyler Technologies finally paid the ransom to receive the decryption key

Security Affairs

OCTOBER 11, 2020

Tyler Technologies has finally decided to paid a ransom to obtain a decryption key and recover files encrypted in a recent ransomware attack. According to BleepingComputer, which cited a source informed on the event, Tyler Technologies paid a ransom of an unspecified amount to receive the decryption key and recover encrypted files.

Technology

Technology Ransomware Encryption Advertising

North Korea-linked Konni APT uses Russian-language weaponized documents

Security Affairs

NOVEMBER 24, 2023

The KONNI RAT was first spotted by Cisco Talos researchers in 2017, it has been undetected since 2014 and was employed in highly targeted attacks. Subsequently, it executes actions to deploy a DLL file endowed with information gathering and data exfiltration capabilities. ” concludes the report.

Encryption

Encryption Malware Phishing Hacking

University of Utah pays a $457,000 ransom to ransomware gang

Security Affairs

AUGUST 21, 2020

The university notified appropriate law enforcement entities, and the university’s Information Security Office (ISO) investigated and resolved the incident in consultation with an external firm that specializes in responding to ransomware attacks.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Cyber Insurance Insurance Advertising

Mount Locker ransomware operators demand multi-million dollar ransoms

Security Affairs

SEPTEMBER 28, 2020

A new ransomware gang named Mount Locker has started its operations stealing victims’ data before encrypting. According to the popular malware researchers Michael Gillespie , the Mount Locker uses ChaCha20 to encrypt the files and an embedded RSA-2048 public key to encrypt the encryption key.

Ransomware

Ransomware Encryption Advertising Engineering

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

Although most people think of ransomware as a dodgy application that encrypts data and holds it for ransom, the concept is much more heterogeneous than that. File encryption 2013 – 2015. It emerged in September 2013 and paved the way for hundreds of file-encrypting menaces that have splashed onto the scene ever since.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Crooks hit Puerto Rico Firefighting Department Servers

Security Affairs

OCTOBER 15, 2020

The department received an email from the threat actors that notifies it that they had encrypted its servers and demanded the payment of a ransom to release them. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Encryption Hacking Information Security

Maze ransomware uses Ragnar Locker virtual machine technique

Security Affairs

SEPTEMBER 17, 2020

The Maze ransomware operators now use a virtual machine to encrypt a computer, a tactic previously adopted by the Ragnar Locker malware. The Maze ransomware operators have adopted a new tactic to evade detection, their malware now encrypts a computer from within a virtual machine. ” reads the analysis published by Sophos. .

Ransomware

Ransomware Encryption Advertising Malware

Emsisoft releases a second decryptor in a few days, this time for ZeroFucks ransomware

Security Affairs

JULY 21, 2019

ZeroFucks ransomware encrypts files with AES-256 and replaces the extension in the filename with “. When the ransomware encrypts files the following GUI is displayed to the victims, crooks demand a €400 ransom worth of Bitcoins. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. zerofucks ” (i.e.

Ransomware

Ransomware Encryption Advertising Malware

REvil ransomware gang hacked gaming firm Gaming Partners International

Security Affairs

OCTOBER 31, 2020

The REvil ransomware gang (aka Sodinokibi) claims to have stolen info from the systems at the company before encrypting them. “Absolutely all servers and working computers of the company are hacked and encrypted. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Hacking

Hacking Ransomware Advertising Encryption

eCh0raix ransomware is back and targets QNAP NAS devices again

Security Affairs

JUNE 6, 2020

The ransomware, tracked by Intezer as “ QNAPCrypt ” and “ eCh0raix ” by Anomali, is written in the Go programming language and uses AES encryption to encrypt files. encrypt extension to filenames of encrypted files. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Ransomware

Ransomware Encryption Advertising Manufacturing

SentinelOne released free decryptor for ThiefQuest ransomware

Security Affairs

JULY 8, 2020

Good news for the victims of the ThiefQuest (EvilQuest) ransomware, they can recover their encrypted files for free. The victims of the ThiefQuest (EvilQuest) ransomware victims can recover their encrypted files without needing to pay the ransom due to the availability of a free decryptor. macOS ransomware #decryptor ( #EvilQuest )! |

Ransomware

Ransomware Encryption Malware InfoSec

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

The botnet uses the WSS (WebSocket over TLS) protocol for C2 communication to circumvent the typical Mirai traffic detection and provide secure encrypted communication for command and control. “Two zero days, 12 remote access functions for the router, encrypted traffic protocol, and infrastructure IP that that moves around. .

IoT

IoT Firmware DNS Advertising

Garmin allegedly paid for a decryptor for WastedLocker ransomware

Security Affairs

AUGUST 2, 2020

BleepingComputer researchers confirmed that Garmin has received the decryption key to recover their files encrypted with the WastedLocker Ransomware. BleepingComputer first revealed that Garmin has received the decryption key to recover the files encrypted with the WastedLocker Ransomware in the recent attack. Pierluigi Paganini.

Ransomware

Ransomware Encryption Advertising Software

UCSF paid a $1.14 Million ransom to decrypt files after Ransomware attack

Security Affairs

JUNE 29, 2020

million to cybercriminals to recover data encrypted during a ransomware attack that took place on June 1. While we stopped the attack as it was occurring, the actors launched malware that encrypted a limited number of servers within the School of Medicine, making them temporarily inaccessible,” reads a statement published by the UCSF.

Ransomware

Ransomware Encryption Advertising Malware

Clop Ransomware attempts to disable Windows Defender and Malwarebytes

Security Affairs

DECEMBER 2, 2019

The malicious code executes a small program, just before starting the encryption process, to disable security tools running on the infected systems that could detect its operations. These are encrypted under the suffix. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Ransomware

Ransomware Encryption Advertising Cybercrime

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Thus, it can be difficult for even small enterprises to keep up with information security and data privacy compliance. Sometimes, however, information security, data privacy, and IT compliance overall are people problems more than they are pure data problems. Security, Privacy and Compliance Can Conflict.

Data privacy

Data privacy Encryption Data breaches Insurance

Travelex paid $2.3 Million ransom to restore after a ransomware attack

Security Affairs

APRIL 9, 2020

million ransom to decrypt its files after being encrypted by the infamous Sodinokibi ransomware. “As part of this attack, the operators behind the Sodinokibi ransomware told BleepingComputer that they had encrypted the company’s entire network, deleted backup files, and copied more than 5GB of personal data.

Ransomware

Ransomware Encryption Advertising Backups

Technology giant Konica Minolta hit by a ransomware attack

Security Affairs

AUGUST 17, 2020

The ransomware encrypted the files and appended the ‘ K0N1M1N0’ extension appended to their filenames. The good news is that the RansomEXX ransom, unlike other families of ransomwawe, does not appear to exfiltrate data before encrypting target systems. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Technology

Technology Ransomware Advertising Encryption

CDRThief Linux malware steals VoIP metadata from Linux softswitches

Security Affairs

SEPTEMBER 10, 2020

To avoid detection of malicious functionalities, the authors encrypted all suspicious-looking strings with the Corrected Block TEA (XXTEA) cipher and then running Base64 encoding. “Interestingly, the password from the configuration file is stored encrypted. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Encryption Advertising Passwords

QNAP urges users to update NAS firmware and app to prevent infections

Security Affairs

SEPTEMBER 29, 2020

The name AgeLocker comes from the use of the Actually Good Encryption ( AGE ) algorithm to encrypt files, experts warn that encrypted files can’t be recovered without paying the ransom to the ransomware operators. Security experts are observing the new strain of ransomware that is targeting QNAP devices since June.

Firmware

Firmware Encryption Ransomware Advertising

QNAP addresses 2 critical flaws that can allow hackers to take over NASs

Security Affairs

OCTOBER 8, 2020

Recently QNAP published a security advisory urging its customers to update the firmware and apps installed on their network-attached storage (NAS) devices to prevent AgeLocker ransomware infections. Security experts are observing the new strain of ransomware that is targeting QNAP devices since June. Pierluigi Paganini.

Encryption

Encryption Firmware Advertising Ransomware

Maze Ransomware operators claim to have stolen millions of credit cards from Banco BCR

Security Affairs

MAY 1, 2020

The hackers claim to have compromised the Banco BCR’s network in August 2019, and had the opportunity to exfiltrate its information before encrypting the files. Please vote Security Affairs for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS [link]. ” reads a post published by Cyble. Pierluigi Paganini.

Ransomware

Ransomware Banking Cyber Insurance Advertising

Emsisoft released a free decryptor for the Ims00rry ransomware

Security Affairs

JULY 14, 2019

The Ims00rry ransomware used AES-128 algorithm for the encryption process. Unlike most of the ransomware, Ims00rry and doesn’t append an extension to the filenames of the encrypted files. All your files photos, databases, documents and other important are encrypted with strongest encryption and algorithms RSA 4096, AES-256.

Ransomware

Ransomware Encryption Advertising Malware

Fuckunicorn ransomware targets Italy in COVID-19 lures

Security Affairs

MAY 27, 2020

The malicious code adds the “ fuckunicornhtrhrtjrjy” extensions to names of encrypted files. The good news for the victims is that CERT-AgID discovered that the password for encrypting the files is sent in clear text to the attacker, this means that it can be retrieved from the network traffic. Pierluigi Paganini.

Ransomware

Ransomware Encryption Advertising Malware

Visa warns of new sophisticated credit card skimmer dubbed Baka

Security Affairs

SEPTEMBER 6, 2020

The skimmer loads dynamically to avoid static malware scanners and uses unique encryption parameters for each victim to obfuscate the malicious code.” The JavaScript URL is hardcoded in the loader script in encrypted format, experts observed that the attackers can change the URL for each victim. Pierluigi Paganini.

eCommerce

eCommerce Malware Encryption Advertising

French court indicted Nexa Technologies for complicity in acts of torture

Security Affairs

NOVEMBER 28, 2021

The complaint refers to the revelation made by the magazine Télérama that reported the sale in March 2014 of “a listening system at 10 million euros to fight – officially – against the Muslim Brotherhood” , the Islamist opposition in Egypt. The contract was signed in March 2014.

Technology

Technology Surveillance Software Government

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

Zoom now supports end-to-end encrypted (E2EE) calls

Trending Sources

German encrypted email service Tutanota suffers DDoS attacks

IBM releases open-source toolkits implementing FHE to process data while encrypted

5 Ways artificial intelligence Is Being Used to Keep Sensitive Information Secure

Some Fortinet products used hardcoded keys and weak encryption for communications

Let’s Encrypt CA is revoking over 3 Million TLS certificates due to a bug

UK ICO proposes a $123 million fine for Marriott 2014 data breach

Five Eyes nations plus India and Japan call for encryption backdoor once again

Ragnar Ransomware encrypts files from virtual machines to evade detection

Ryuk Ransomware evolution avoid encrypting Linux folders

Russian govn blocked Tutanota service in Russia to stop encrypted communication

Kr00k Wi-Fi Encryption flaw affects more than a billion devices

Sonicwall warns of a spike in the number of attacks involving encrypted malware and IoT malware

DeathRansom ransomware evolves encrypting files, but experts identified its author

Apple Mail stores parts of encrypted emails in plaintext DB

OpenSSL to fix the second critical flaw ever

Encryption – A Feasible Savior against Prevalent Privacy Issues in Business Communication

Tyler Technologies finally paid the ransom to receive the decryption key

North Korea-linked Konni APT uses Russian-language weaponized documents

University of Utah pays a $457,000 ransom to ransomware gang

Mount Locker ransomware operators demand multi-million dollar ransoms

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Crooks hit Puerto Rico Firefighting Department Servers

Maze ransomware uses Ragnar Locker virtual machine technique

Emsisoft releases a second decryptor in a few days, this time for ZeroFucks ransomware

REvil ransomware gang hacked gaming firm Gaming Partners International

eCh0raix ransomware is back and targets QNAP NAS devices again

SentinelOne released free decryptor for ThiefQuest ransomware

New Ttint IoT botnet exploits two zero-days in Tenda routers

Garmin allegedly paid for a decryptor for WastedLocker ransomware

UCSF paid a $1.14 Million ransom to decrypt files after Ransomware attack

Clop Ransomware attempts to disable Windows Defender and Malwarebytes

Security Compliance & Data Privacy Regulations

Travelex paid $2.3 Million ransom to restore after a ransomware attack

Technology giant Konica Minolta hit by a ransomware attack

CDRThief Linux malware steals VoIP metadata from Linux softswitches

QNAP urges users to update NAS firmware and app to prevent infections

QNAP addresses 2 critical flaws that can allow hackers to take over NASs

Maze Ransomware operators claim to have stolen millions of credit cards from Banco BCR

Emsisoft released a free decryptor for the Ims00rry ransomware

Fuckunicorn ransomware targets Italy in COVID-19 lures

Visa warns of new sophisticated credit card skimmer dubbed Baka

French court indicted Nexa Technologies for complicity in acts of torture

Stay Connected