Security Affairs

APRIL 17, 2025

Mustang Panda has been active since at least 2012, targeting American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. In the 2022 campaigns, threat actors used European Union reports on the conflict in Ukraine and Ukrainian government reports as lures.

Encryption 119

Encryption Government Malware Hacking 119

Centraleyes

DECEMBER 16, 2024

By 2027, 75% of employees are expected to acquire or modify technology outside of ITs control, up from 41% in 2022. Expect to see more investments in privacy-enhancing technologies (PETs) such as encryption, anonymization, and data masking. In 2025, more attention will be given to developing quantum-resistant encryption techniques.

Cybersecurity 98

Cybersecurity Insurance Cyber Insurance Risk 98

Security Affairs

FEBRUARY 11, 2025

“They allegedly used the Phobos malware to encrypt information on the networks, blocking the companies from accessing the data unless a ransom was paid and a decryption key was provided by the gang. and Swiss governments sought the suspects, and Switzerland has requested their extradition. Both the U.S.

Ransomware 75

Ransomware Encryption Backups Malware 75

Malwarebytes

MAY 8, 2025

The purpose was to gain access to the messages on those devices, which were typically used by attorneys, journalists, human rights activists, political dissidents, diplomats, and other senior foreign government officials. However, the jury awarded Meta $444,719 in compensatory damages and $167,254,000 in punitive damages.

Spyware 122

Spyware Hacking Surveillance Government 122

SecureList

NOVEMBER 29, 2024

Mobile statistics Targeted attacks New APT threat actor targets Russian government entities In May 2024, we discovered a new APT targeting Russian government organizations. Two months later, in July 2024, CloudSorcerer launched further attacks against Russian government organizations and IT companies.

Energy and Utilities 98

Energy and Utilities Ransomware Malware Government 98

SecureList

NOVEMBER 28, 2024

The most remarkable findings In the second half of 2022, a wave of attacks from an unknown threat actor targeted victims with a new type of attack framework that we dubbed P8. The secure USB drive was developed by a government entity in Southeast Asia to securely store and transfer files between machines in sensitive environments.

Malware 113

Malware Government Software Spyware 113

SecureList

DECEMBER 12, 2024

Their targets are usually high-profile organizations, such as governments, diplomatic entities and research institutions. Specifically, we observed one of these attacks targeting an organization in Latin America in 2022. However, unlike in 2022, the adversary did not use scheduled tasks to do that.

Malware 105

Malware Media Encryption Authentication 105

Thales Cloud Protection & Licensing

OCTOBER 28, 2024

To address these challenges, the European Union introduced the Digital Operational Resilience Act (DORA) in 2022, designed to ensure that financial entities can withstand and recover from cyber threats while maintaining operational continuity. Then combine with deployment of classic encryption and tokenization.

Encryption 62

Encryption Risk Data privacy Technology 62

SecureList

MAY 28, 2025

Introduction Zanubis is a banking Trojan for Android that emerged in mid-2022. The threat actors behind Zanubis continue to refine its code adding features, switching between encryption algorithms, shifting targets, and tweaking social engineering techniques to accelerate infection rates.

Banking 98

Banking Malware Encryption Energy and Utilities 98

Security Affairs

MARCH 13, 2025

Cyber attacks conducted by the APT37 group mainly targeted government, defense, military,and media organizations in South Korea. The researchers state that the threat is a relatively new malware family with early samples going back to March 2022. Lookout researchers attributed the spyware to the ScarCruft group with medium confidence.

Spyware 83

Spyware Surveillance Encryption Malware 83

SecureList

APRIL 23, 2025

In the South Korean internet environment, the online banking and government websites require the installation of particular security software to support functions such as anti-keylogging and certificate-based digital signatures. The malware receives an RSA public key from the C2 and encrypts a randomly generated AES key using the public key.

Malware 139

Malware Software Encryption Internet 139

Security Boulevard

FEBRUARY 14, 2025

government is urging software makers to adopt secure application-development practices that help prevent buffer overflow attacks. American Scientist) Quantum and the Threat to Encryption (SecurityWeek) Quantum Computing Advances in 2024 Put Security In Spotlight (Dark Reading) Quantum computing could threaten cybersecurity measures.

Banking 63

Banking Cybercrime Cybersecurity Ransomware 63

Security Boulevard

JUNE 4, 2025

This worry is felt across various sectors, as 87% of organizations acknowledge their unease about data governance and/or data exposure issues resulting specifically from insecure APIs. PayPal: In late 2022, cybercriminals exploited weaknesses in PayPal's systems, potentially involving API vulnerabilities.

Data breaches 59

Data breaches Government Telecommunications Wireless 59

Malwarebytes

MAY 1, 2025

The attack was largely reminiscent of a 2022 YouTube account hack that repurposed a 2018 interview with Apple CEO Tim Cook to fool viewers into following a separate cryptocurrency scam. Prevent intrusions and stop malicious encryption. Both incidents reveal the real threat to small businesses everywhere.

Small Business 88

Small Business Cybersecurity Scams Passwords 88

SecureList

DECEMBER 18, 2024

Cyber Anarchy Squad) is a hacktivist group that has been attacking organizations in Russia and Belarus since 2022. 35:4444 Impact To cause damage to victims, the group encrypts their infrastructure. activity we see it in usernames, ransom notes, encrypted file extensions and group-related merchandise. In the majority of C.A.S

Encryption 83

Encryption Passwords Accountability Ransomware 83

Centraleyes

MARCH 13, 2025

Encryption Sensitive data must be encrypted, whether in transit or at rest. Saying it Like it Is: Encryption sounds intimidating, but with modern tools, its more accessible than ever. NYDFS proposed amendments to the cybersecurity regulation in late 2022 to address the evolving threat landscape.

Cybersecurity 52

Cybersecurity Financial Services Risk Encryption 52

SecureWorld News

JULY 21, 2025

Against this backdrop, Microsoft recently launched its European Security Program (ESP) , a comprehensive cybersecurity initiative aimed at supporting European governments against increasingly sophisticated cyber threats, particularly those powered by artificial intelligence. government and many European states. based tech giant.

Cybersecurity 70

Cybersecurity Technology Cybercrime Cyber threats 70

Security Affairs

DECEMBER 11, 2024

The malware stole data and encrypted files to block remediation attempts. “The malware that exploited the vulnerability discovered by Guan was designed to steal information from infected computers and to encrypt files on them if a victim attempted to remediate the infection. ” reads the press release published by DoJ.

Firewall 80

Firewall Hacking Malware Passwords 80

SecureList

OCTOBER 15, 2024

Its primary targets have been military and government entities in Pakistan, Sri Lanka, China and Nepal. APP_DLL_URL URL used to download the encrypted payload. The library acts as a loader that retrieves an encrypted payload dropped by ModuleInstaller, decrypts it and loads it in memory.

Malware 140

Malware Architecture Encryption Phishing 140

SecureWorld News

DECEMBER 27, 2024

Greater Collaboration Between Governments and the Private Sector: Initiatives to share threat intelligence will strengthen, fostering a collective defense strategy against increasingly sophisticated cyber adversaries. AI Governance Across Supply Chains: U.S.-based Major AI-Driven Cyberattack in the U.S.:

Cybersecurity 123

Cybersecurity CISO Risk Government 123

Security Affairs

FEBRUARY 22, 2025

Apple removed iClouds Advanced Data Protection in the UK after the government requested encryption backdoor access. Apple ends iCloud end-to-end encryption in the United Kingdom following the government’s request for encryption backdoor access. Advanced Data Protection is now unavailable for new UK users.

Encryption 116

Encryption Backups Government Surveillance 116

Webroot

OCTOBER 31, 2024

A pivotal moment came when the FBI obtained over 7,000 decryption keys, allowing victims to unlock their encrypted data for free. Despite these setbacks, LockBit attempted to maintain its operations, quickly adapting by changing encryption methods and shifting its leak site strategy.

Malware 117

Malware Ransomware Healthcare Passwords 117

Krebs on Security

APRIL 14, 2025

The extraordinary April 9 memo directs the attorney general to investigate Chris Krebs (no relation), calling him “a significant bad-faith actor who weaponized and abused his government authority.” ” CISA was created in 2018 during Trump’s first term, with Krebs installed as its first director.

Government 281

Government Cybersecurity Risk Telecommunications 281

SecureWorld News

MAY 19, 2025

Governments and private companies alike, from SpaceX's Starlink to Amazon's Project Kuiper, are planning thousands of new satellites , locked in a race to deploy constellations that underpin global communications, navigation, earth observation, and security. Things changed in the 90s, with the rise of things like satellite television.

Cybersecurity 106

Cybersecurity Architecture Cyber Risk Risk 106

Security Affairs

JULY 21, 2025

The group’s victims are mainly in the telecommunications, government (IT services), and oil sectors. In January 2022, US Cyber Command (USCYBERCOM) officially linked the MuddyWater APT group to Iran’s Ministry of Intelligence and Security (MOIS). One fake VPN app posed as Starlink, likely exploiting recent interest.

Spyware 72

Spyware Telecommunications Surveillance VPN 72

Schneier on Security

JANUARY 21, 2022

Key Findings: MY2022, an app mandated for use by all attendees of the 2022 Olympic Games in Beijing, has a simple but devastating flaw where encryption protecting users’ voice audio and file transfers can be trivially sidestepped. Citizen Lab examined the app and found it riddled with security holes.

Surveillance 361

Surveillance Encryption Wireless Government 361

eSecurity Planet

AUGUST 4, 2022

It’s been a couple of decades since data tapes delivered by trucks made encryption a standard enterprise cybersecurity practice. Yet even as technology has changed, sending and receiving data remains a major vulnerability, ensuring encryption’s place as a foundational security practice. What is Encryption?

Encryption 130

Encryption Software Computers and Electronics Technology 130

Joseph Steinberg

JULY 20, 2022

There is little doubt that quantum computing will ultimately undermine the security of most of today’s encryption systems , and, thereby, render vulnerable to exposure nearly every piece of data that is presently protected through the use of encryption. Such an attitude is not alarmist – it is reality, whether we like it or not.

Risk 338

Risk Encryption Government Backups 338

Anton on Security

MARCH 3, 2022

2020 Anton’s Security Blog Quarterly Q1 2022 was originally published in Anton on Security on Medium, where people are continuing the conversation by highlighting and responding to this story.

Cloud Migration 189

Cloud Migration Threat Detection Encryption Engineering 189

Krebs on Security

JANUARY 30, 2024

technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. The government says Urban went by the aliases “ Sosa ” and “ King Bob ,” among others. A graphic depicting how 0ktapus leveraged one victim to attack another.

Social Engineering 363

Social Engineering Cybercrime Mobile Phishing 363

Security Affairs

JANUARY 2, 2023

In 2022, ransomware attacks targeted 105 state or municipal governments or agencies in the US, reads a report published by Emsisoft. Below are the attacks reported by Emsisoft: 105 local governments. ” The ransomware attack against local governments resulted in data theft in at least 27 of the 105 incidents (26 percent).

Government 98

Government Ransomware Healthcare Data breaches 98

SecureList

MAY 16, 2023

Download the full version of the report (PDF) Kaspersky Incident Response in various regions and industries In 2022, 45.9% From an industry perspective, we offered help to government (19.39%), financial (18.37%), and industrial (17.35%) organizations most frequently. cases the reported incidents were related to ransomware attacks.

Ransomware 137

Ransomware Encryption Security Awareness Authentication 137

Krebs on Security

DECEMBER 29, 2022

Thanks to your readership and support, I was able to spend more time in 2022 on some deep, meaty investigative stories — the really satisfying kind with the potential to affect positive change. Some of that work is highlighted in the 2022 Year in Review review below.

Cryptocurrency 334

Cryptocurrency Cybercrime Computers and Electronics Scams 334

SecureList

OCTOBER 31, 2022

In March 2022, we observed a Microsoft Word file that was used as the infection vector in some attacks. In June of the same year, a SFX file was discovered targeting the Japanese government or related organizations using a decoy file with Japanese content, as well as utilizing the name of a famous Japanese politician in the filename.

Malware 145

Malware Encryption Media Phishing 145

Security Affairs

SEPTEMBER 10, 2022

China-linked BRONZE PRESIDENT group is targeting government officials in Europe, the Middle East, and South America with PlugX malware. Secureworks researchers reported that China-linked APT group BRONZE PRESIDENT conducted a new campaign aimed at government officials in Europe, the Middle East, and South America with the PlugX malware.

Government 133

Government Malware Encryption Hacking 133

SecureList

NOVEMBER 23, 2021

Global connectivity underpins the most basic functions of our society, such as logistics, government services and banking. Governments in many countries push for easier identification of Internet users to fight cybercrime, as well as “traditional” crime coordinated online. What will be the consequences of these processes?

Government 122

Government Internet Internet Technology 122

Hacker Combat

MAY 10, 2022

Individuals, corporations, governments, and critical infrastructure are potential cyber-attack targets. A researcher has demonstrated how a vulnerability common to several ransomware families can help take control of the malware and stop it from encrypting files on infected devices. Phishing emails are one way to do it.

Encryption 132

Encryption Ransomware Malware Cyber Attacks 132