Security Affairs

MARCH 10, 2025

authorities seized $23M in crypto linked to a $150M Ripple wallet theft, experts believe the incident is linked to the 2022 LastPass breach. authorities seized $23M in crypto tied to a $150M Ripple hack, suspected to have been carried out by hackers from the 2022 LastPass breach. ” reads the complaint. ” However.

Password Management 92

Password Management Cryptocurrency Passwords Data breaches 92

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. Later, in November 2022, most of the devices composing the botnet were ProSAFE devices, and a smaller number of DrayTek routers.

VPN 128

VPN Government Malware Manufacturing 128

Security Affairs

OCTOBER 19, 2024

The researchers pointed out that despite IE’s end of support in June 2022, the vulnerability still impacted certain Windows applications. Microsoft ended its support for IE in June 2022. Cyber attacks conducted by the APT37 group mainly targeted government, defense, military, and media organizations in South Korea.

Internet 144

Internet Internet Engineering Malware 144

Security Affairs

NOVEMBER 25, 2024

He is expected to warn about the activity conducted by Russia’s GRU Unit 29155 , which the UK government accuses of conducting several attacks across the UK and Europe. McFadden will also warn of cyber attacks carried out by “unofficial hacktivists ” linked to the Russian government. ” reported BBC.

Cyber Attacks 120

Cyber Attacks Government Hacking Cyber threats 120

Security Affairs

JANUARY 28, 2025

The EU sanctioned three members of Russia’s GRU Unit 29155 for cyberattacks on Estonia’s government agencies in 2020. ” Nikolay Korchagin, an officer of Russias GRU Unit 29155, was involved in unauthorized access to multiple institutions’ computer systems to collect sensitive information.

Cyber Attacks 95

Cyber Attacks Government Healthcare Financial Services 95

Security Affairs

DECEMBER 18, 2024

In October 2024, the Russia-linked cyber espionage group APT29 (aka Earth Koshchei, SVR group , Cozy Bear , Nobelium , BlueBravo , Midnight Blizzard , and The Dukes ) used rogue RDP attacks via phishing emails targeting governments, think tanks, and Ukrainian entities to steal data and install malware.

Phishing 111

Phishing Government Firewall VPN 111

Security Affairs

APRIL 29, 2025

In 2024, Google tracked 75 exploited zero-day vulnerabilities, down from 98 in 2023 but up from 63 in 2022. “Microsoft Windows exploitation continued to increase, climbing from 13 zero-days in 2022, to 16 in 2023, to 22 in 2024.” According to the report, most attacks targeted security and network software.

Surveillance 113

Surveillance Mobile Software Hacking 113

Security Affairs

DECEMBER 18, 2024

The APT group targeted an organization in Latin America in 2019 and 2022. While investigating the 2022 attack, the researchers noticed that the victim organization had also suffered a 2019 attack using “Careto2” and “Goreto” frameworks. ” reads the analysis published by Kaspersky.

Cyber Attacks 119

Cyber Attacks Hacking Government Malware 119

Security Affairs

FEBRUARY 27, 2025

. “The timing of the attack was especially unfortunate, as we were in the midst of a major recruitment drive following the previous government’s decision to almost double our workforce,” an anonymous intelligence source told Le Soir. Earliest identified evidence of exploitation of CVE-2023-2868 is currently October 2022.

Malware 76

Malware Hacking Government Phishing 76

Security Affairs

DECEMBER 17, 2024

” The Remote Access Trojan (RAT) has been active since July 2022. One of these virtual private servers was exclusively employed in attacks against entities across Taiwan, including commercial firms and at least one municipal government organization. Another VPS node was used to target a U.S.

Architecture 113

Architecture Malware Internet Internet 113

Security Affairs

FEBRUARY 17, 2025

Dutch police seized 127 servers of the bulletproof hosting service Zservers/XHost after government sanctions. In 2022, a Russian cybercriminal purchased IP addresses from Zservers, almost certainly for use as Lockbit chat servers to discuss ransomware operations. ” reads the announcement published by the US Treasury.

Cybercrime 76

Cybercrime Ransomware Hacking Advertising 76

Security Affairs

MARCH 20, 2025

The Ukrainian government experts noticed that some messages were sent from compromised contacts to increase trust. In March 2025, threat actors distributed archived messages through Signal. The archive contains a fake PDF report and DarkTortilla malware, which acts as a launcher for the Dark Crystal RAT ( DCRat ).

Computers and Electronics 112

Computers and Electronics Telecommunications Malware Surveillance 112

Security Affairs

APRIL 17, 2025

Mustang Panda has been active since at least 2012, targeting American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. In the 2022 campaigns, threat actors used European Union reports on the conflict in Ukraine and Ukrainian government reports as lures.

Encryption 120

Encryption Government Malware Hacking 120

SecureList

FEBRUARY 20, 2025

Kaspersky MDR customers by region Distribution of incidents by industry In 2024, the MDR team observed the highest number of incidents in the industrial (25.7%), financial (14.1%), and government (11.7%) sectors. in government, 17.8% However, if we consider only high-severity incidents, the distribution is somewhat different: 22.8%

Social Engineering 100

Social Engineering Phishing Government Threat Detection 100

Security Affairs

OCTOBER 23, 2024

Here, Data Security Posture Management (DSPM) comes into play– an essential solution for addressing evolving data security and privacy requirements. What is Data Security Posture Management? Consequently, organizations face various security, governance, privacy, and compliance risks.

Data privacy 131

Data privacy Unstructured Data Risk Data breaches 131

Security Affairs

JUNE 6, 2025

The bounty is part of the US DoS’s Rewards for Justice program , which offers payouts for tips on foreign government hackers targeting U.S. After Russia’s invasion of Ukraine in February 2022, Rudometov reportedly fled to Krasnodar, Russia. critical infrastructure in violation of the Computer Fraud and Abuse Act (CFAA).”

Malware 89

Malware Passwords Identity Theft Government 89

Security Affairs

NOVEMBER 18, 2024

government surveillance. Amazon: €746 Million ($781 Million), 2021 In 2021, Amazon received a hefty fine for failing to secure proper consent for advertising cookies. Instagram: €405 Million ($427 Million), 2022 Instagram was fined for violating privacy rules concerning children’s data. After the invalidation of the EU-U.S.

Data privacy 133

Data privacy Risk Surveillance Government 133

Security Affairs

APRIL 30, 2025

PRODAFT researchers warn of Russia-linked APT group Nebulous Mantis targeting NATO-related defense organizations Nebulous Mantis, a Russian-speaking cyber espionage group (aka Cuba, STORM-0978 , Tropical Scorpius , UNC2596 ), used RomCom RAT and Hancitor since 2019 to target critical infrastructure, governments, and NATO-linked entities.

Encryption 106

Encryption Ransomware Malware Phishing 106

Security Affairs

MAY 21, 2025

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Technology 81

Technology Malware Phishing Government 81

Security Affairs

MARCH 12, 2025

In 2023, the APT group targeted multiple government organizations using the Fortinet zero-day CVE-2022-41328 to deploy custom backdoors. UNC3886 is a sophisticated China-linked cyber espionage group that targets network devices and virtualization technologies using zero-day exploits.

Telecommunications 71

Telecommunications Malware DDOS Technology 71

Security Affairs

JULY 18, 2025

Based on information from open sources, government experts linked multiple Phobos ransomware variants to Phobos intrusions due to observed similarities in Tactics, Techniques, and Procedures (TTPs). Phobos operation uses a ransomware-as-a-service (RaaS) model, it has been active since May 2019.

Ransomware 133

Ransomware Encryption Malware Cybercrime 133

Security Boulevard

FEBRUARY 14, 2025

government is urging software makers to adopt secure application-development practices that help prevent buffer overflow attacks. Source: 138 webinar attendees polled by Tenable, February 2025) Interested in learning how Tenables security team uses Tenable Cloud Security to safeguard our cloud environments?

Banking 63

Banking Cybercrime Cybersecurity Ransomware 63

Security Affairs

JANUARY 10, 2025

MirrorFacewas first spotted by ESET in 2022, targeting Japanese political entities ahead of elections. Between 2019 and 2024, the MirrorFace group launched three cyber campaigns targeting Japanese think tanks, government, academia, and key industries.

Antivirus 81

Antivirus Malware System Administration Technology 81

Security Affairs

FEBRUARY 11, 2025

and Swiss governments sought the suspects, and Switzerland has requested their extradition. The 8Base ransomware group has been active since March 2022, it focused on small and medium-size businesses in multiple industries, including finance, manufacturing, business services, and IT. Both the U.S.

Ransomware 76

Ransomware Encryption Backups Malware 76

Security Affairs

MARCH 14, 2025

The ransomware gang and its affiliates targeted hospitals, schools, nonprofit organizations, critical infrastructure, and government and law-enforcement agencies. Panev received over $230,000 in laundered cryptocurrency from Khoroshev between 2022 and 2024.

Ransomware 69

Ransomware Cryptocurrency Small Business Malware 69

BH Consulting

OCTOBER 24, 2024

Companies can get up to €3,000 in funding for the initial review, funded by Enterprise Ireland, followed by up to €60,000 for remediation, funded by the National Cyber Security Centre. billion to the Irish economy over the last year, as the number of active companies increased by 9 per cent since 2022.

Social Engineering 69

Social Engineering Passwords Cybersecurity Ransomware 69

Security Affairs

MAY 8, 2025

The platforms were used to carry out thousands of attacks against multiple organizations, including schools, government services, businesses, and gaming platforms, between 2022 and 2025. “ Stresser/booter services are online platforms that offer Distributed Denial of Service (DDoS) attacks as a paid service.

DDOS 92

DDOS Marketing Government Hacking 92

Security Affairs

DECEMBER 5, 2024

Since November 2022, Secret Blizzard was observed compromising Storm-0156’s infrastructure, deploying backdoors and tools to virtual private servers used for data exfiltration. ” reads the report published by Microsoft. The initial access method remains unclear.

Penetration Testing 121

Penetration Testing Hacking Government Network Security 121

Security Affairs

MAY 28, 2025

The Czech government condemned China after linking cyber espionage group APT31 to a cyberattack on its critical infrastructure. The Czech government strongly condemned China after the cyber espionage group APT31 was linked to a cyberattack targeting the nations critical infrastructure.

Government 73

Government Hacking Technology Malware 73

Security Affairs

MARCH 13, 2025

Cyber attacks conducted by the APT37 group mainly targeted government, defense, military,and media organizations in South Korea. The researchers state that the threat is a relatively new malware family with early samples going back to March 2022. Lookout researchers attributed the spyware to the ScarCruft group with medium confidence.

Spyware 84

Spyware Surveillance Encryption Malware 84

Security Affairs

JUNE 30, 2025

Canada bans Hikvision over national security concerns, ordering the company to stop operations and barring its tech from government use. Canada ordered Chinese surveillance firm Hikvision to cease all operations in the country, citing national security concerns. The government has determined that Hikvision Canada Inc.’s

Surveillance 78

Surveillance Government Manufacturing Technology 78

Centraleyes

MARCH 13, 2025

NYDFS proposed amendments to the cybersecurity regulation in late 2022 to address the evolving threat landscape. Enhanced Governance Requirements Entities must appoint a qualified Chief Information Security Officer (CISO) with a direct reporting line to the board of directors. These changes took effect in 2024.

Cybersecurity 52

Cybersecurity Financial Services Risk Encryption 52

Security Affairs

DECEMBER 11, 2024

Sophos, with the help of other cybersecurity firms, government, and law enforcement agencies investigated the cyber attacks and attributed them multiple China-linked APT groups, such as Volt Typhoon , APT31 and APT41 / Winnti. critical infrastructure on behalf of foreign governments. reads the report published by Sophos.

Firewall 81

Firewall Hacking Malware Passwords 81

SecureList

DECEMBER 18, 2024

Cyber Anarchy Squad) is a hacktivist group that has been attacking organizations in Russia and Belarus since 2022. To implement effective anti-attack measures, it is vital to perform regular testing, updating and integration of security systems. Besides data theft, its goal is to inflict maximum damage, including reputational.

Encryption 83

Encryption Passwords Accountability Ransomware 83

SecureWorld News

MAY 12, 2025

Staff Recommendation: Support SB 44 - Neural data and brain-computer interfaces SB 44 amends the CCPA to govern the collection and use of neural data by brain-computer interface technology. Thus, the dissemination or disclosure of additional information may lead to a different outcome on standing. 'In Prudential Financial Inc.

Retail 95

Retail Advertising Manufacturing Technology 95

SecureWorld News

MARCH 4, 2025

Trey Ford, Bugcrowd's Chief Information Security Officer, pointed out that pausing cyber operations is more than just an administrative decisionit disrupts ongoing intelligence gathering efforts. Before Russia's full-scale invasion in 2022, Cyber Command deployed "hunt forward" teams to Kyiv to help strengthen Ukraine's cyber defenses.

Cyber threats 131

Cyber threats Government Risk Cybersecurity 131

Security Affairs

MARCH 11, 2025

In the 2022 attacks, the threat actors also targeted departments of Foreign Affairs, Scientific and Defence organisations, Aviation, IT industry, and Legal firms. ” Most detected bait documents focused on government and diplomatic matters, though some covered generic topics like car rentals, real estate, and freelance job offers.

Malware 73

Malware Government Phishing Hacking 73