Security Affairs

APRIL 13, 2025

Cell C, one of the biggest telecom providers in South Africa confirms a data breach following a 2024 cyberattack. Unlike other extortion group, the gang doesnt encrypt data, but focuses on data theft to speed up its activity. Backups are insufficient; IPS is recommended for protection. Victims include AMD and Keralty.

Data breaches 130

Data breaches Unstructured Data Identity Theft Healthcare 130

Security Affairs

MARCH 10, 2025

Unlike other extortion group, the gang doesnt encrypt data, but focuses on data theft to speed up its activity. Backups are insufficient; IPS is recommended for protection. healthcare providers surged in 2024, with 98 attacks compromising 117 million records. Victims include AMD and Keralty. Ransomware attacks on U.S.

Hacking 118

Hacking Healthcare Backups Ransomware 118

Security Affairs

OCTOBER 20, 2024

Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 119

Data breaches Cybercrime Cyber Insurance Marketing 119

Malwarebytes

JANUARY 6, 2025

This ransomware is known for employing double extortion tactics, which means they encrypt victims’ data while also threatening to release sensitive information unless a ransom is paid. And since the backups that were made by a third party turned out to be incomplete, they were also unable to inform affected patients.

Data breaches 145

Data breaches Ransomware Passwords Insurance 145

Krebs on Security

DECEMBER 18, 2024

On the evening of May 15, 2024, Tony was putting his three- and one-year-old boys to bed when he received a message from Google about an account security issue, followed by a phone call from a “Daniel Alexander” at Google who said his account was compromised by hackers. Nevertheless, Soundcloud removed the audio file.

Cryptocurrency 363

Cryptocurrency Accountability Authentication Phishing 363

SecureWorld News

JANUARY 16, 2025

Develop backup and recovery plans: Data recovery plans are essential to mitigate the impact of cyber incidents. Hackers used compromised credentials to gain access to Colonial Pipeline's network, deploying ransomware that encrypted critical systems. Companies must monitor these changes and ensure compliance to avoid legal penalties.

Energy and Utilities 109

Energy and Utilities IoT Artificial Intelligence Backups 109

Security Affairs

FEBRUARY 11, 2025

“They allegedly used the Phobos malware to encrypt information on the networks, blocking the companies from accessing the data unless a ransom was paid and a decryption key was provided by the gang. Source Nation Thailand The gang compromised at least 17 Swiss companies using the Phobos ransomware between April 2023 and October 2024.

Ransomware 73

Ransomware Encryption Backups Malware 73

eSecurity Planet

MAY 25, 2022

Encryption and the development of cryptography have been a cornerstone of IT security for decades and remain critical for data protection against evolving threats. While cryptology is thousands of years old, modern cryptography took off in the 1970s with the help of the Diffie-Hellman-Merkle and RSA encryption algorithms.

Encryption 138

Encryption Computers and Electronics Password Management Passwords 138

SecureWorld News

NOVEMBER 14, 2024

Ransomware attacks on healthcare organizations have sharply increased in 2024, as shown by recent research from Safety Detectives. Escalating Frequency and Impact: Healthcare services have become one of the most targeted industries, moving from the fifth most attacked sector in 2023 to third in 2024.

Healthcare 119

Healthcare Ransomware Identity Theft Data breaches 119

Security Affairs

OCTOBER 13, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 118

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 118

SecureList

MAY 8, 2024

It utilizes customizable attack vectors, including deceptive tactics like a fake Windows Update screen displayed to mask the file encryption process, and employs security measures for testing purposes, such as checking for “Vaccine.txt” before executing.

Ransomware 129

Ransomware Encryption Small Business Cybersecurity 129

Digital Shadows

JANUARY 14, 2025

Key Findings The last quarter of 2024 proved to be a pivotal period for ransomware activity, marked by emerging threats and unexpected shifts among established groups. In our Q3 2024 ransomware report , we predicted activity would reach its peak in the last quarter of the year.

Ransomware 126

Ransomware Social Engineering Phishing Manufacturing 126

SecureList

DECEMBER 23, 2024

We’re shedding light on a previously undocumented toolset, which the group used heavily in 2024. Below, we use a sample seen in September 2024 as a case study to examine each stage of a Cloud Atlas attack that employs the new toolkit. dat Encrypted VBShower backdoor AppCache028732611605321388.log:AppCache0287326116053213889292.vbs

Encryption 135

Encryption Penetration Testing Malware Phishing 135

Digital Shadows

NOVEMBER 26, 2024

Key Points Phishing incidents rose during the reporting period (August 1 to October 31, 2024), accounting for 46% of all customer incidents. Top Techniques: A Closer Look Phishing Techniques: The Evergreen Threat in Cybersecurity Initial access methods were the most common MITRE ATT&CK techniques between May and July 2024.

Cyber Attacks 59

Cyber Attacks Phishing Ransomware Cyber Insurance 59

Security Affairs

MARCH 13, 2025

Notably, they target CVE-2024-1709 (ScreenConnect authentication bypass) and CVE-2023-48788 (Fortinet EMS SQL injection) to infiltrate systems. Medusa operators leverage legitimate remote access tools like AnyDesk, Atera, and Splashtop, alongside RDP and PsExec, to move laterally and locate files for exfiltration and encryption.

Ransomware 71

Ransomware Encryption Cryptocurrency Insurance 71

Malwarebytes

MAY 1, 2025

In 2024, Malwarebytes found more than 22,800 phishing apps on Android, according to the recent 2025 State of Malware report.Disguised as apps such as TikTok, Spotify, and WhatsApp, these Android apps can trick victims into handing over their associated usernames and passwords when asking them to login. Create offsite, offline backups.

Small Business 110

Small Business Cybersecurity Scams Passwords 110

Security Affairs

AUGUST 14, 2024

According to the data breach notification letter shared with Maine’s Attornet General Office , on March 2, 2024, the company observed the disruption of access to certain IT systems. The investigation revealed that threat actors breached the organization’s network on or about February 22, 2024.

Data breaches 131

Data breaches Identity Theft Encryption Ransomware 131

SecureList

JANUARY 17, 2025

Besides metadata in plaintext, they also contain encrypted data, which the diagnostic tool uses its shared libraries to decrypt. CVE-2024-37600 (MoCCA) The “servicebroker” service is a part of a DSI framework, which is used in MoCCA. The backup contains XML files and binary files. In general, *.bin bin files. *.CFF

Backups 123

Backups Architecture Firmware Software 123

Digital Shadows

OCTOBER 14, 2024

in Q3 2024 compared to the previous quarter but remains 1.5% Meow” took fourth place in Q3 2024, shifting its tactics from data encryption to selling stolen data on cybercriminal forums and its own data-leak site. In the short term, we expect a gradual increase in ransomware incidents, peaking by Q4 2024.

Ransomware 94

Ransomware Social Engineering Insurance Cyber Insurance 94

Webroot

APRIL 11, 2025

According to the IRS, almost 300,000 cases of identity theft were reported in 2024, leading to $5.5 Back up your tax records: Make digital and physical backups of your tax documents. Store electronic copies in an encrypted cloud storage service and keep printed copies in a secure location. billion in tax fraud.

Scams 65

Scams Identity Theft Backups Phishing 65

Security Boulevard

OCTOBER 24, 2024

New Cybersecurity Rules for Financial Institutions in New York State Take Effect November 1, 2024 madhav Fri, 10/25/2024 - 06:09 The next major deadline for compliance with the updated cybersecurity rules from the New York State Department of Financial Services (NYDFS) is November 1, 2024.

Financial Services 72

Financial Services Cybersecurity CISO Backups 72

Security Affairs

JUNE 22, 2024

RansomHub ransomware operation relies on a new Linux version of the encrypted to target VMware ESXi environments. Although RansomHub only emerged in February 2024, it has rapidly grown and has become the fourth most prolific ransomware operator over the past three months based on the number of publicly claimed attacks.

Ransomware 141

Ransomware Encryption Backups Malware 141

Troy Hunt

FEBRUARY 4, 2024

And the 2FA backup code? Thinking that would also be exactly what it looked like, I'd screen grabbed it when enabling 2FA: Now, using the same bcrypt hash checker as I did for the password, here's what I found: What I just don't get is if you're going to return the 2FA secret anyway, why bother bcrypting the backup code?

Passwords 364

Passwords Accountability Backups Data breaches 364

SecureList

JUNE 3, 2024

IT threat evolution Q1 2024 IT threat evolution Q1 2024. Mobile statistics IT threat evolution Q1 2024. The common methods for analyzing an iOS mobile infection are either to examine an encrypted full iOS backup or to analyze the network traffic of the affected device.

Banking 117

Banking Malware Computers and Electronics Mobile 117

eSecurity Planet

SEPTEMBER 3, 2024

It consolidates your passwords into a single, encrypted vault. Your information is encrypted with 256-bit AES encryption and stored on Dashlane’s servers, making it nearly impossible for outsiders to decrypt. For a deeper dive into Dashlane’s features and performance, check out this detailed Dashlane review for 2024.

Password Management 104

Password Management Passwords Encryption VPN 104

SecureWorld News

MAY 2, 2025

billion in 2024 and is projected to reach $82.90 billion by 2033 signals a nearly fourfold increase from 2024. Attackers are not only encrypting data but also engaging in "double extortion," stealing sensitive patient information to demand higher ransoms. billion by 2033, at a robust 18.55% CAGR.

Healthcare 101

Healthcare Marketing Cybersecurity CISO 101

Security Affairs

FEBRUARY 13, 2024

The attack took place on February 11 and encrypted data in the production servers. “During the night of February 11 to 12, 2024, a massive cyber ransomware attack took place on the production servers on which the HIS IT system runs. As a result of the attack, the system is down, files and databases are encrypted.”

Ransomware 141

Ransomware Backups Encryption Healthcare 141

Security Affairs

APRIL 28, 2024

Another severe issue is related to the presence of Hardcoded Docker Keys tracked as CVE-2024-29963 (CVSS score of 8.6). The patches were released in April 2024, 19 months after Brocade firstly rejected the vulnerabilities and 11 months after Brocade acknowledged the vulnerabilities. Brocade SANnav OVA before v2.3.1,

Firewall 126

Firewall Authentication Backups Architecture 126

Thales Cloud Protection & Licensing

JANUARY 13, 2025

Robust Encryption Strategies and Pseudonymization Robust encryption strategies and pseudonymization are crucial for protecting sensitive data and meeting data sovereignty requirements. Encryption ensures data is securely stored and transmitted, safeguarding it from unauthorized access or breaches.

Cloud Migration 62

Cloud Migration Encryption Backups Government 62

Malwarebytes

APRIL 22, 2024

Turning back the clock on encryption: How to perform ransomware backups in one-click ThreatDown earns highest ratings across EDR and MDR categories in G2 Spring 2024 results K-12 district hit with $500k Medusa ransomware attack FakeBat campaign continues, now also targeting VMware users Stay safe! Giant Tiger breach sees 2.8

Backups 108

Backups Scams Ransomware Encryption 108

eSecurity Planet

JULY 8, 2022

The NIST contest began in 2016, with the goal of improving general encryption and digital signatures. The four new security standards selected by NIST will become part of a quantum-safe cryptography standard released as soon as 2024. Also read: Encryption: How It Works, Types, and the Quantum Future.

Encryption 138

Encryption Technology Artificial Intelligence Backups 138

eSecurity Planet

MAY 2, 2024

Most organizations express confidence in their current status and budgets, but also expect to experience at least one data breach in 2024. Ransomware & Data Theft Organizations worldwide continue to feel the pain of ransomware attacks, although many ransomware gangs may be shifting to extortion over data theft instead of encrypted data.

Cybersecurity 121

Cybersecurity DDOS Penetration Testing Ransomware 121

eSecurity Planet

AUGUST 7, 2024

It covers encryption, identity and access management, network segmentation, and intrusion detection systems. Presentation layer: Utilizes encryption and data formatting standards to ensure data confidentiality and integrity throughout processing and storage. Ensure that data is encrypted both in transit and at rest.

Architecture 104

Architecture DDOS Encryption Data breaches 104

Responsible Cyber

NOVEMBER 17, 2024

The first quarter of 2024 has already witnessed several devastating cyber attacks through third-party vendors, affecting industry giants like Microsoft, UnitedHealth Group, and American Express. billion by Q3 2024. These data breaches highlight significant vulnerabilities in vendor relationships and supply chain security.

Data breaches 98

Data breaches Healthcare Social Engineering Financial Services 98

Security Boulevard

JANUARY 14, 2025

Robust Encryption Strategies and Pseudonymization Robust encryption strategies and pseudonymization are crucial for protecting sensitive data and meeting data sovereignty requirements. Encryption ensures data is securely stored and transmitted, safeguarding it from unauthorized access or breaches.

Cloud Migration 59

Cloud Migration Encryption Backups Government 59

SecureList

JANUARY 31, 2024

We do not expect rapid changes in the industrial cyberthreat landscape in 2024. 1 scourge of industrial enterprises in 2024. However, they can learn to mitigate the impact more effectively (for example, through better securing the most confidential data, and with proper backup and incident response plans).

Ransomware 112

Ransomware Energy and Utilities Marketing Backups 112

Security Affairs

AUGUST 6, 2024

Ransomware attacks are the most significant risk for modern organizations, with the Verizon Data Breach Report 2024 reporting that ransomware is a top threat across 92% of industries. Ransomware is a type of malicious software or malware that cybercriminals use to encrypt a victim’s data or lock them out of their system.

Ransomware 133

Ransomware Healthcare Backups Risk 133