2020, Cybersecurity and Information Security

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

Treasury Department sanctioned Chinese cybersecurity firm Integrity Tech for its involvement in attacks attributed to the Flax Typhoon group. Treasury sanctioned a Chinese cybersecurity firm, Integrity Tech, for links to cyberattacks by Chinas state-backed Flax Typhoon APT group (also called Ethereal Panda or RedJuliett).

Cybersecurity

Cybersecurity IoT Hacking Technology

Why Discomfort Might Be the Ultimate Power Move for Cybersecurity Leaders

Jane Frankland

JULY 1, 2025

” For cybersecurity leaders navigating the high-stakes world of defending critical systems, this phrase takes on a whole new meaning. In it, I’ll be examining how pain in cybersecurity leadership isn’t just a nuisance. Security leaders know that breaches aren’t a matter of “if” but “when.”

Cybersecurity

Cybersecurity Risk Cloud Migration CISO

Change Healthcare Breach Hits 100M Americans

Krebs on Security

OCTOBER 30, 2024

The chief information security officer for a large academic healthcare system affected by the breach told KrebsOnSecurity they participated in a call with the FBI and were told a third party partner managed to recover at least four terabytes of data that was exfiltrated from Change by the cybercriminal group. .”

Healthcare

Healthcare Insurance Computers and Electronics Data breaches

U.S. CISA adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

FEBRUARY 6, 2025

Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog. The vulnerability CVE-2020-15069 (CVSS score of 9.8) is a Remote Code Execution flaw in Microsoft Outlook. is a Remote Code Execution flaw in Microsoft Outlook. .

Firewall

Firewall Hacking Risk Cybersecurity

Can Cybersecurity Make You a Millionaire?

Hacker's King

OCTOBER 22, 2024

The world of cybersecurity is booming, with digital threats increasing and businesses needing to protect their data. But can cybersecurity make you a millionaire ? As the demand for cybersecurity professionals continues to rise, so do the financial opportunities for those who excel in this domain.

Cybersecurity

Cybersecurity CISO Engineering Education

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

Security Affairs

OCTOBER 23, 2024

. “According to the SEC’s orders, Unisys, Avaya, and Check Point learned in 2020, and Mimecast learned in 2021, that the threat actor likely behind the SolarWinds Orion hack had accessed their systems without authorization, but each negligently minimized its cybersecurity incident in its public disclosures.”

Hacking

Hacking Risk Cybersecurity Government

EU announced sanctions on three members of Russia’s GRU Unit 29155

Security Affairs

JANUARY 28, 2025

The EU sanctioned three members of Russia’s GRU Unit 29155 for cyberattacks on Estonia’s government agencies in 2020. “The Council today adopted additional restrictive measures against three Russian individuals responsible for a series of cyberattacks carried out against the Republic of Estonia in 2020. .

Cyber Attacks

Cyber Attacks Government Healthcare Financial Services

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

Intelligence and cybersecurity experts warn that Chinese nation-state actors have shifted from stealing secrets to infiltrate critical U.S. Below is the list of previous incidents suffered by T-Mobile: In August 2021, a security breach impacted 54 million customers. and around the globe.”

Mobile

Mobile Telecommunications Data breaches Hacking

A ransomware attack disrupted services at Pittsburgh Regional Transit

Security Affairs

DECEMBER 26, 2024

The agency has notified law enforcement and is investigating the security breach with the assistance of cybersecurity experts. These teams are working diligently to determine if any information has been compromised.” The ransomware attack caused significant service disruptions to local transportation in Pittsburgh.

Ransomware

Ransomware Cyber Attacks Hacking Cybersecurity

Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide

Security Affairs

NOVEMBER 2, 2024

Sophos, with the help of other cybersecurity firms, government, and law enforcement agencies investigated the cyber attacks and attributed them multiple China-linked APT groups, such as Volt Typhoon , APT31 and APT41 / Winnti.

Firmware

Firmware Government Firewall Malware

DNA testing company vanishes along with its customers’ genetic data

Malwarebytes

NOVEMBER 12, 2024

In 2018, MyHeritage suffered a security incident which exposed the email addresses and hashed passwords of 92 million users. In 2020, Ancestry was acquired by investment firm Blackstone for $4.7 We don’t just report on threats—we remove them Cybersecurity risks should never spread beyond a headline.

Insurance

Insurance Accountability Risk Data breaches

The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs

Security Affairs

DECEMBER 17, 2024

The threat actors attempted to exploit multiple vulnerabilities in DVRs, including CVE-2017-7921, CVE-2018-9995 , CVE-2020-25078, CVE-2021-33044 , and CVE-2021-36260. The FBI recommends limiting or isolating vulnerable devices, monitoring networks, and following cybersecurity best practices.

Architecture

Architecture Malware IoT Internet

Empowering Women in Cybersecurity: Insights from ISC2's Latest Study

SecureWorld News

APRIL 9, 2025

The cybersecurity landscape is witnessing a transformative shift, with an increasing number of women entering the field through non-traditional pathways. A recent study by ISC2 highlights this trend, revealing how diverse educational backgrounds and experiences are enriching the cybersecurity workforce.

Cybersecurity

Cybersecurity Education InfoSec Government

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims. In March 2024, US CISA, the FBI, and MS-ISAC issued a joint cybersecurity advisory (CSA) to warn of attacks involving Phobos ransomware variants such as Backmydata , Devos, Eight, Elking, and Faust.

Cybercrime

Cybercrime Ransomware Healthcare Hacking

NailaoLocker ransomware targets EU healthcare-related entities

Security Affairs

FEBRUARY 20, 2025

As recalled in the French national cybersecurity agencys (ANSSI) Threat landscape for the healthcare sector, while such campaigns can sometimes be conducted opportunistically , they often allow threat groups to gain access to information systems that can be used later to conduct other offensive operations.”

Healthcare

Healthcare Ransomware VPN Malware

Crooks are reviving the Grandoreiro banking trojan

Security Affairs

MARCH 28, 2025

The Trojan has been active since 2016, it initially targeted Brazil but expanded to Mexico, Portugal, and Spain since 2020. The cybersecurity firm uncovered a Grandoreiro campaign targeting users in Mexico, Argentina, and Spain via phishing emails impersonating tax agencies.

Banking

Banking Phishing Malware Passwords

Authorities released free decryptor for Phobos and 8base ransomware

Security Affairs

JULY 18, 2025

In March 2024, US CISA, the FBI, and MS-ISAC issued a joint cybersecurity advisory (CSA) to warn of attacks involving Phobos ransomware variants such as Backmydata , Devos, Eight, Elking, and Faust. Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims.

Ransomware

Ransomware Encryption Malware Cybercrime

U.S. CISA adds JQuery flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

JANUARY 23, 2025

Cybersecurity and Infrastructure Security Agency (CISA) adds JQuery vulnerability to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added a JQuery persistent cross-site scripting (XSS) vulnerability, tracked as CVE-2020-11023 (CVSS score: 6.9)

Hacking

Hacking Cybersecurity Risk Information Security

HPE is notifying individuals affected by a December 2023 attack

Security Affairs

FEBRUARY 10, 2025

The attackers were collecting information on the cybersecurity division of the company and other functions. The group is known for the SolarWinds supply chain attack that in 2020 hit more than 18,000 customer organizations, including Microsoft. Securities and Exchange Commission (SEC). reads FORM8-K filing with the U.S.

Accountability

Accountability Passwords Marketing Cybersecurity

Sophos fixed critical vulnerabilities in its Firewall product

Security Affairs

DECEMBER 20, 2024

The cybersecurity firm states that the issue affects ~0.05% of devices. charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. Tianfeng worked at Sichuan Silence Information Technology Co., The vulnerabilities impact Sophos Firewall v21.0

Firewall

Firewall Authentication Passwords Accountability

Brazil’s Polícia Federal arrested the notorious hacker USDoD

Security Affairs

OCTOBER 16, 2024

Despite their involvement in malicious cyber activity, aspects of these individuals’ private lives — such as family members, personal photos, and other personal information — deserve to be protected unless they are relevant to the investigation,” reported CrowdStrike.

Data breaches

Data breaches Media Cybercrime Accountability

U.S. CISA adds JQuery flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

JANUARY 23, 2025

Cybersecurity and Infrastructure Security Agency (CISA) adds JQuery vulnerability to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added a JQuery persistent cross-site scripting (XSS) vulnerability, tracked as CVE-2020-11023 (CVSS score: 6.9)

Hacking

Hacking Cybersecurity Risk Information Security

Chinese national charged for hacking thousands of Sophos firewalls

Security Affairs

DECEMBER 11, 2024

has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. Tianfeng worked at Sichuan Silence Information Technology Co., based Sophos Ltd.

Firewall

Firewall Hacking Malware Encryption

New York SHIELD Act: Everything You Need to Know for Compliance

Centraleyes

MARCH 3, 2025

Less than a decade ago, it was also a forerunner in privacy and cybersecurity regulation. The New York Department of Financial Services (DFS) Cybersecurity Regulation, introduced in 2017, was groundbreaking, setting a high bar for financial institutions. It emphasizes breach notifications and strong data security safeguards.

Data breaches

Data breaches Risk Financial Services Data privacy

Security Affairs newsletter Round 504 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 29, 2024

Pro-Russia group NoName targeted the websites of Italian airports North Korea actors use OtterCookie malware in Contagious Interview campaign Experts warn of a surge in activity associated FICORA and Kaiten botnets Palo Alto Networks fixed a high-severity PAN-OS flaw Brazilian citizen charged for threatening to release data stolen from a company in (..)

Spyware

Spyware IoT Malware Cybercrime

Using a Mythic agent to optimize penetration testing

SecureList

MAY 13, 2025

Being experts in systems security assessment and information security in general, we understand that a proactive approach always works better than simply responding to incidents that have already occurred. The feature was introduced and popularized in 2020 by the developers of the Cobalt Strike framework.

Penetration Testing

Penetration Testing Architecture Technology Encryption

U.S. warns of incoming cyber threats following Iran airstrikes

Security Affairs

JUNE 24, 2025

officials linked to a 2020 military commander’s death. “Iran also has a long-standing commitment to target US Government officials it views as responsible for the death of an Iranian military commander killed in January 2020. officials linked to a 2020 military commander. .” In January 2020, the U.S.

Cyber threats

Cyber threats Cyber Attacks Government Mobile

Security Affairs newsletter Round 519 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

APRIL 13, 2025

CISA adds Ivanti Connect Secure, Policy Secure and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog A member of the Scattered Spider cybercrime group pleads guilty The controversial case of the threat actor EncryptHub PoisonSeed Campaign uses stolen email credentials to spread crypto seed scams and and empty wallets EDR-as-a-Service (..)

Data breaches

Data breaches Cybercrime Hacking Ransomware

CISA and U.S. Agencies warn of ongoing Iranian cyber threats to critical infrastructure

Security Affairs

JULY 1, 2025

cybersecurity and intelligence agencies warn of rising cyber threats from Iranian state-linked hackers, expected to escalate. Their campaign included hack-and-leak ops tied to Gaza protests, aiming to damage reputations, steal data, and erode trust in cybersecurity. officials linked to a 2020 military commander’s death.

Cyber threats

Cyber threats Cyber Attacks Passwords Internet

NASA identified 1,785 cyber incidents in 2020

Security Affairs

MAY 27, 2021

“Cyber incidents at NASA can affect national security, intellectual property, and individuals whose data could be lost or compromised. In cybersecurity, an attack vector is a path or means by which an attacker gains unauthorized access to a computer or network, for example, through email, websites, or external/removable media.

Information Security

Information Security Cyber Attacks Mobile Architecture

CVE-2020-15782 flaw in Siemens PLCs allows remote hack

Security Affairs

MAY 28, 2021

Industrial cybersecurity firm Claroty discovered a new flaw in Siemens PLCs that can be exploited by a remote and unauthenticated attacker to hack the devices. “An attacker could use this vulnerability, CVE-2020-15782, to remotely obtain read-write memory access that would be difficult to detect and remove.”

Hacking

Hacking Firmware Cybersecurity Engineering

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

Security Affairs

FEBRUARY 17, 2024

CISA warns that the Akira Ransomware gang is exploiting the Cisco ASA/FTD vulnerability CVE-2020-3259 (CVSS score: 7.5) Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco ASA and FTD bug, tracked as CVE-2020-3259 (CVSS score: 7.5), to its Known Exploited Vulnerabilities catalog. This week the U.S.

Ransomware

Ransomware VPN Hacking Education

WhatsApp CVE-2020-1910 bug could have led to user data exposure

Security Affairs

SEPTEMBER 2, 2021

The now-fixed CVE-2020-1910 vulnerability in WhatApp ‘s image filter feature could have exposed user data to remote attackers. The flaw was discovered by Check Point experts on November 10, 2020, they discovered that the issue can allow attackers to crash WhatsApp by switching between various filters on the malicious GIF files.

Hacking

Hacking Engineering Mobile Information Security

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

Security Affairs

OCTOBER 9, 2023

Cybersecurity researchers 3xp0rt reported that a threat actor that goes online with the moniker ‘kapuchin0’ (and also uses the alias Gookee) has leaked the source code of the HelloKitty ransomware on the XSS forum. kapuchin0 claims that the leaked code is the first breach of the HelloKitty ransomware.

Cybercrime

Cybercrime Ransomware DDOS Encryption

GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

The Last Watchdog

JANUARY 6, 2022

billion in 2020 and will grow to $16.1 Yet, according to the study by the Ponemon Institute, the number of insider leaks has increased by 47 percent in 2020 compared to 2018. But they have more disadvantages than benefits if we talk about ensuring information security. billion by 2025. Yes, they are cheap to apply.

Marketing

Marketing Software Surveillance Information Security

Clop ransomware gang leaks data allegedly stolen from cybersecurity firm Qualys

Security Affairs

MARCH 3, 2021

Cybersecurity firm Qualys seems to have suffered a data breach, threat actors allegedly exploited zero-day flaw in their Accellion FTA server. Cybersecurity firm Qualys is the latest victim of a cyber attack, the company was likely hacked by threat actors that exploited a zero-day vulnerability in their Accellion FTA server.

Ransomware

Ransomware Cybersecurity Cyber Attacks Data breaches

GUEST ESSAY: As cyber risks rise in 2020, as they surely will, don’t overlook physical security

The Last Watchdog

DECEMBER 31, 2019

Related: Good to know about IoT Physical security is often a second thought when it comes to information security. Despite this, physical security must be implemented correctly to prevent attackers from gaining physical access and taking whatever they desire. Physical security is undoubtedly as important as cybersecurity.

Cyber Risk

Cyber Risk Risk Firewall Surveillance

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. “The harsh and unfortunate reality is the security of a number of security companies is s**t,” Arena said.

Hacking

Hacking Ransomware Banking Accountability

Vulnerabilities in Weapons Systems

Schneier on Security

JUNE 8, 2021

An updated GAO report from earlier this year found some improvements, but the basic problem remained: “DOD is still learning how to contract for cybersecurity in weapon systems, and selected programs we reviewed have struggled to incorporate systems’ cybersecurity requirements into contracts.”

Software

Software Cybersecurity Backups Manufacturing

Cybersecurity Professionals to Newcomers: Focus on Vendor-Neutral Certifications

CyberSecurity Insiders

JULY 20, 2021

Cybersecurity professionals are far more likely to hold vendor-specific certificates than certifications from a vendor-neutral association or standards-based organization, according to the (ISC)² Cybersecurity Career Pursuers Study. This is a perspective that may be informed by their own lessons learned over the years.

Cybersecurity

Cybersecurity Education Software Engineering

News alert: INE Security launches initiatives in support of aspiring cybersecurity professionals

The Last Watchdog

AUGUST 22, 2024

22, 2024, CyberNewsWire — INE Security , a global cybersecurity training and certification provider, recently launched initiatives with several higher education institutions in an ongoing campaign to invest in the education of aspiring cybersecurity professionals. Cary, NC, Aug.

Cybersecurity

Cybersecurity Education Cyber threats Data breaches

MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks

The Last Watchdog

MAY 13, 2020

Chief Information Security Officers were already on the hot seat well before the COVID-19 global pandemic hit, and they are even more so today. In its 2020 fiscal year, ending March 31, Infosys reported revenue of $12.8 The same thing needs to be done when it comes to cybersecurity. Related: Why U.S. billion, with $7.8

CISO

CISO Cybersecurity Risk Digital transformation

Marriott's Breach Saga Underscores Need for Cybersecurity Review

SecureWorld News

OCTOBER 22, 2024

I think this settlement really underscores the need for a cybersecurity/forensic review when acquiring a company," said Richard Halm , Sr. The FTC launched an investigation into the breach, focusing on Marriott's cybersecurity practices and response to the incident. Attorney, Clark Hill PLC.

Cybersecurity

Cybersecurity Data breaches Risk Authentication

Cybersecurity agencies published a joint LockBit ransomware advisory

Security Affairs

JUNE 15, 2023

organizations since 2020. According to a joint advisory published by cybersecurity agencies, the LockBit ransomware group has successfully extorted roughly $91 million in about 1,700 attacks against U.S. organizations since 2020. According to the French ANSSI cybersecurity agency, LockBit 3.0 law enforcement).

Ransomware

Ransomware Cybersecurity Government Education

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Why Discomfort Might Be the Ultimate Power Move for Cybersecurity Leaders

Trending Sources

Change Healthcare Breach Hits 100M Americans

U.S. CISA adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog

Can Cybersecurity Make You a Millionaire?

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

EU announced sanctions on three members of Russia’s GRU Unit 29155

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

A ransomware attack disrupted services at Pittsburgh Regional Transit

Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide

DNA testing company vanishes along with its customers’ genetic data

The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs

Empowering Women in Cybersecurity: Insights from ISC2's Latest Study

Russian Phobos ransomware operator faces cybercrime charges

NailaoLocker ransomware targets EU healthcare-related entities

Crooks are reviving the Grandoreiro banking trojan

Authorities released free decryptor for Phobos and 8base ransomware

U.S. CISA adds JQuery flaw to its Known Exploited Vulnerabilities catalog

HPE is notifying individuals affected by a December 2023 attack

Sophos fixed critical vulnerabilities in its Firewall product

Brazil’s Polícia Federal arrested the notorious hacker USDoD

U.S. CISA adds JQuery flaw to its Known Exploited Vulnerabilities catalog

Chinese national charged for hacking thousands of Sophos firewalls

New York SHIELD Act: Everything You Need to Know for Compliance

Security Affairs newsletter Round 504 by Pierluigi Paganini – INTERNATIONAL EDITION

Using a Mythic agent to optimize penetration testing

U.S. warns of incoming cyber threats following Iran airstrikes

Security Affairs newsletter Round 519 by Pierluigi Paganini – INTERNATIONAL EDITION

CISA and U.S. Agencies warn of ongoing Iranian cyber threats to critical infrastructure

NASA identified 1,785 cyber incidents in 2020

CVE-2020-15782 flaw in Siemens PLCs allows remote hack

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

WhatsApp CVE-2020-1910 bug could have led to user data exposure

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

Clop ransomware gang leaks data allegedly stolen from cybersecurity firm Qualys

GUEST ESSAY: As cyber risks rise in 2020, as they surely will, don’t overlook physical security

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Vulnerabilities in Weapons Systems

Cybersecurity Professionals to Newcomers: Focus on Vendor-Neutral Certifications

News alert: INE Security launches initiatives in support of aspiring cybersecurity professionals

MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks

Marriott's Breach Saga Underscores Need for Cybersecurity Review

Cybersecurity agencies published a joint LockBit ransomware advisory

Stay Connected