Accountability, Document, Encryption and Information Security

Former NSA employee pleads guilty to attempted selling classified documents to Russia

Security Affairs

OCTOBER 24, 2023

The ex-NSA employee had Top Secret clearance that give him access to top secret documents. All three documents from which the excerpts were taken contain NDI, are classified as Top Secret//Sensitive Compartmented Information (SCI) and were obtained by Dalke during his employment with the NSA.”

Encryption

Encryption Hacking Accountability Information Security

Attackers use encrypted RPMSG messages in Microsoft 365 targeted phishing attacks

Security Affairs

MAY 29, 2023

Experts warn of phishing attacks that are combining the use of compromised Microsoft 365 accounts and.rpmsg encrypted emails. Trustwave researchers have observed threat actors using encrypted RPMSG attachments sent via compromised Microsoft 365 accounts in a phishing campaign aimed at stealing Microsoft credentials.

Encryption

Encryption Phishing Accountability Authentication

YouTube creators’ accounts hijacked with cookie-stealing malware

Security Affairs

OCTOBER 20, 2021

The malware landing page is disguised as a software download URL that was sent via email or a PDF on Google Drive, or via Google documents containing the phishing links. The researchers identified around 15,000 actor accounts, most of which were created for this campaign. ” reads the analysis published by Google TAG.

Accountability

Accountability Malware Phishing Social Engineering

Webinars

Human-Centered Cyber Security Training: Driving Real Impact on Security Culture

MORE WEBINARS

Coldriver threat group targets high-ranking officials to obtain credentials

Malwarebytes

JANUARY 22, 2024

The group uses social engineering techniques to persuade their targets to open documents or download malware. In December 2023, the US charged two Russians believed to be members of this group, for their role in a campaign that hacked government accounts. YARA rule YARA is a tool that can identify files that meet certain conditions.

Social Engineering

Social Engineering Government Media DNS

Snowden Ten Years Later

Schneier on Security

JUNE 6, 2023

In 2013 and 2014, I wrote extensively about new revelations regarding NSA surveillance based on the documents provided by Edward Snowden. It’s a surreal experience, paging through hundreds of top-secret NSA documents. I didn’t know either of them, but I have been writing about cryptography, security, and privacy for decades.

Surveillance

Surveillance Computers and Electronics Encryption Government

9 Possible Ways Hackers Can Use Public Wi-Fi to Steal Your Sensitive Data

Security Affairs

FEBRUARY 12, 2024

Public Wi-Fi users are prime targets for MITM attacks because the information they send is often not encrypted, meaning it’s easy for hackers to access your data. They might even lock you out of your own accounts by resetting your passwords. Once they’re in, they can grab your emails, usernames, passwords, and more.

DNS

DNS VPN Encryption Passwords

8Base ransomware operators use a new variant of the Phobos ransomware

Security Affairs

NOVEMBER 19, 2023

Phobos variants are usually distributed by the SmokeLoader , but in 8Base campaigns, it has the ransomware component embedded in its encrypted payloads. 8base” file extension for encrypted documents, a circumstance that suggested a possible link to the 8Base group or the use of the same code-base for their ransomware.

Ransomware

Ransomware Encryption Backups Manufacturing

3CX Breach Was a Double Supply Chain Compromise

Krebs on Security

APRIL 20, 2023

Mandiant concluded that the 3CX attack was orchestrated by the North Korean state-sponsored hacking group known as Lazarus , a determination that was independently reached earlier by researchers at Kaspersky Lab and Elastic Security. The malware was found inside of a document that offered an employment contract at the multinational bank HSBC.

Malware

Malware Software Technology Accountability

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of thousands of sensitive documents — including schematics of client bank vaults and surveillance systems. What’s more, Syrén seemed to downplay the severity of the exposure.

Hacking

Hacking Ransomware Banking Accountability

A Microsoft 365 feature can ransom files on SharePoint and OneDriveCould

Security Affairs

JUNE 17, 2022

Experts discovered a feature in Microsoft 365 suite that could be abused to encrypt files stored on SharePoint and OneDrive and target cloud infrastructure. Researchers from Proofpoint reported that a feature in the in Microsoft 365 suite could be abused to encrypt files stored on SharePoint and OneDrive.

Encryption

Encryption Backups Ransomware Accountability

Experts spotted a new undetectable PowerShell Backdoor posing as a Windows update

Security Affairs

OCTOBER 20, 2022

The backdoor spreads via weaponized Word documents (“ Apply Form.docm.”) The malicious document was uploaded from Jordan on August 25, 2022. . Upon opening the document and enabling the embedded macro, a PowerShell script is dropped on the victim’s machine. . The command is encrypted using AES-256 CBC.

Encryption

Encryption Phishing Hacking Cybersecurity

Saudi Ministry exposed sensitive data for 15 months

Security Affairs

JANUARY 8, 2024

file exposed information that attackers could employ for lateral movement within the ministry’s systems, potentially escalating to anything from account takeover to a ransomware attack. file leaked several types of database credentials, mail credentials, and data encryption keys. Meanwhile, the now-closed MIM’s env.

Government

Government Identity Theft Social Engineering Encryption

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

Security Affairs

MAY 22, 2024

“On September 30, 2023, OVT became aware of a security incident that resulted in the encryption of certain OVT systems by an unauthorized third party. As proof of the data breach, the extortion group published data samples, including passport images, NDAs, contracts, and other documents.

Data breaches

Data breaches Ransomware Manufacturing Encryption

Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric

Security Affairs

FEBRUARY 19, 2024

The gang also published several pictures of passports and company documents as proof of the hack. The ransomware identifies user accounts by viewing successful logins in Windows Event Viewer, it also uses a modified variant of the open-source PSnmap Tool. Cactus Ransomware has just posted Schneider Electric.

Ransomware

Ransomware Digital transformation Retail Antivirus

The Clock is Ticking for PCI DSS 4.0 Compliance

Thales Cloud Protection & Licensing

SEPTEMBER 18, 2023

The new version includes many updates, which you can read in the Summary of Changes document. In this blog I will focus on two requirements and show how Thales CipherTrust Data Security Platform solutions can help businesses streamline compliance. Secure data storage is closely related to encryption and key management.

Financial Services

Financial Services Data breaches Accountability Encryption

Dubai’s largest taxi app exposes 220K+ users

Security Affairs

DECEMBER 12, 2023

Businesses employ MongoDB to organize and store large swaths of document-oriented information. Tokens usually serve as digital keys to user accounts. In theory, exposing tokens could lead to unauthorized account access. DTC app has over 100,000 downloads on the Google Play store.

VPN

VPN Accountability Banking Marketing

Trusted relationship attacks: trust, but verify

SecureList

MAY 28, 2024

But along with the advantages, such as saved time and resources, delegating non-core tasks creates new challenges in terms of information security. in their infrastructure, while the rest discovered they had been infiltrated via a third party only after data leakage or encryption. Rounding out the top three is targeted phishing.

VPN

VPN Accountability Passwords Antivirus

FBI: Ransomware actors abuse third parties and legitimate system tools for initial access

Security Affairs

NOVEMBER 8, 2023

The attacks frequently targeted small and tribal casinos, encrypting servers and the personally identifying information (PII) of employees and patrons.” The threat actors sent victims a phone number in a phishing attempt, often related to pending charges on their accounts. ” reported the PIN.

Ransomware

Ransomware Backups Encryption Phishing

Russia-linked APT28 used new malware in a recent phishing campaign

Security Affairs

DECEMBER 29, 2023

The phishing emails attempt to trick recipients into clicking on an embedded link to view a document. Once the file is opened, a PowerShell command downloads a decoy document from a remote server, along with the Python programming language interpreter and the Client.py file classified as MASEPIE. file classified as MASEPIE.

Phishing

Phishing Malware Computers and Electronics Internet

Data of over a million users of the crypto exchange GokuMarket exposed

Security Affairs

DECEMBER 15, 2023

The leak comes after the team discovered an unprotected MongoDB instance, which stored information on GokuMarket crypto exchange users. Businesses employ MongoDB to organize and store large swaths of document-oriented information, and in GokuMarket’s case, the details of over a million customers and admin users.

Passwords

Passwords Cryptocurrency Scams Mobile

Morgan Stanley discloses data breach after the hack of a third-party vendor

Security Affairs

JULY 8, 2021

Guidehouse provides account maintenance services to Morgan Stanley’s StockPlan Connect business, hackers breached its Accellion FTA server and stole information belonging to Morgan Stanley stock plan participants. . “There was no data security breach of any Morgan Stanley applications,” continues the letter.

Data breaches

Data breaches Hacking Banking Financial Services

A cyber attack hit Thyssenkrupp Automotive Body Solutions business unit

Security Affairs

FEBRUARY 26, 2024

The hackers managed to access sensitive HR information and documents about the company’s current and former employees. The confidential information accessed by the attackers included the SSN and bank account information of employees. On December 28, 2020, ThyssenKrupp Materials group of companies based in U.S.

Cyber Attacks

Cyber Attacks Ransomware Engineering Banking

How Secure Are Your Business’s Communication Methods?

CyberSecurity Insiders

NOVEMBER 19, 2022

To prevent unauthorized users from getting into a vital call, ensure the video conferencing tool has end-to-end encryption. This feature will protect video conferences and guarantee those conversations are secure. The key is ensuring workers use a solution that provides enhanced security. The key is end-to-end encryption.

Encryption

Encryption Risk Data breaches Technology

What to do if your company was mentioned on Darknet?

SecureList

DECEMBER 12, 2023

” In the course of this research, we found out that the prevalent posts revolved around the sale of compromised accounts, internal databases, and documents, along with access to corporate infrastructures. Data breaches A data breach exposes confidential, sensitive information and can cause major problems.

Data breaches

Data breaches Accountability Telecommunications Malware

Mental Health Apps are Likely Collecting and Sharing Your Data

Security Boulevard

MAY 15, 2024

TABLE OF CONTENTS Understanding HIPAA Mental health apps collect a wealth of personal information Information collection extends past user disclosure Mental health apps may share your information with third parties Can users protect their privacy while using mental health apps? What does this mean?

Advertising

Advertising Insurance Accountability Data Analyst

Evolution of the LockBit Ransomware operation relies on new techniques

Security Affairs

JULY 8, 2022

Experts documented the evolution of the LockBit ransomware that leverages multiple techniques to infect targets and evade detection. The Cybereason Global Security Operations Center (GSOC) Team published the Cybereason Threat Analysis Reports that investigates the threat landscape and provides recommendations to mitigate their attacks.

Ransomware

Ransomware Accountability Malware Firewall

How to keep cloud storage secure and safe

CyberSecurity Insiders

SEPTEMBER 7, 2022

As the adoption of cloud storage is growing, it is becoming easy to carry documents, passwords, movies, images, music, etc. Though it is convenient for us, data upload to a third-party platform might fetch some security risks that are as follows. Better to use mobile data as 4G and 5G are considered as most secure networks.

Passwords

Passwords Accountability Mobile Encryption

Law enforcement operation dismantled 911 S5 botnet

Security Affairs

MAY 30, 2024

” According to court documents, the gang bundled the malware with other program files, including pirated versions of licensed software or copyrighted materials. The FBI has published information at fbi.gov/911S5 to help identify and remove 911 S5’s VPN applications from your devices or machines. export laws.

VPN

VPN Cryptocurrency Malware Software

FBI issued a flash alert on Lockbit ransomware operation

Security Affairs

FEBRUARY 5, 2022

enumerates system information to include hostname, host configuration, domain information, local drive configuration, remote shares, and mounted external storage devices. attempts to encrypt any data saved to any local or remote device but skips files associated with core system functions.” ” reads the flash alert.

Ransomware

Ransomware Backups Encryption Accountability

New Ryuk ransomware implements self-spreading capabilities

Security Affairs

FEBRUARY 26, 2021

It lists the IP addresses of the local ARP cache and sends them a packet, then it lists all the sharing resources opened on the found IPs, mounts each of them, and attempts to encrypt their content. “The Ryuk variant analyzed in this document does have self-replication capabilities. ” continues the report.

Ransomware

Ransomware Passwords Accountability Encryption

CISA, FBI, NSA warn of the increased globalized threat of ransomware

Security Affairs

FEBRUARY 12, 2022

service account, admin accounts, and domain admin accounts) to have strong, unique passwords. If using Linux, use a Linux security module (such as SELinux, AppArmor, or SecComp) for defense in depth. Protect cloud storage by backing up to multiple locations, requiring MFA for access, and encrypting data in the cloud.

Ransomware

Ransomware Backups Encryption Accountability

STRRAT RAT spreads masquerading as ransomware

Security Affairs

MAY 20, 2021

The Java-based STRRAT RAT was distributed in a massive spam campaign, the malware shows ransomware-like behavior of appending the file name extension.crimson to files without actually encrypting them. This RAT is infamous for its ransomware-like behavior of appending the file name extension.crimson to files without actually encrypting them.

Ransomware

Ransomware Malware Encryption Security Intelligence

Navigating the complex world of Cybersecurity compliance

CyberSecurity Insiders

MAY 17, 2023

Health Insurance Portability and Accountability Act (HIPAA) HIPAA is a U.S. law that regulates the handling of protected health information (PHI). ISO/IEC 27001 ISO/IEC 27001 is an international standard that provides a framework for information security management systems (ISMS).

Cybersecurity

Cybersecurity Risk Insurance Firewall

Earth Lusca expands its arsenal with SprySOCKS Linux malware

Security Affairs

SEPTEMBER 19, 2023

Researchers from Trend Micro, while monitoring the activity of the China-linked threat actor Earth Lusca , discovered an encrypted file hosted on a server under the control of the group. It consists of two components, the loader and the encrypted main payload. The backdoor uses AES-ECB encryption for C2 communications.

Malware

Malware Encryption Telecommunications Authentication

Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison

Security Affairs

FEBRUARY 2, 2024

CIA has been sentenced to 40 years in prison for leaking classified documents. Former CIA employee Joshua Adam Schulte has been sentenced to 40 years in prison for passing classified documents to WikiLeaks and for possessing child pornographic material. A former software engineer with the U.S.

Computers and Electronics

Computers and Electronics Engineering Hacking Data breaches

Woody RAT: A new feature-rich malware spotted in the wild

Malwarebytes

AUGUST 3, 2022

This advanced custom Rat is mainly the work of a threat actor that targets Russian entities by using lures in archive file format and more recently Office documents leveraging the Follina vulnerability. The earliest versions of this Rat was typically archived into a zip file pretending to be a document specific to a Russian group.

Malware

Malware Encryption Antivirus Architecture

German industrial giant ThyssenKrupp targeted in a new cyberattack

Security Affairs

DECEMBER 21, 2022

The hackers managed to access sensitive HR information and documents about the company’s current and former employees. The confidential information accessed by the attackers included the SSN and bank account information of employees. On December 28, 2020, ThyssenKrupp Materials group of companies based in U.S.

Engineering

Engineering Ransomware Data breaches Banking

DoppelPaymer Ransomware hits City of Torrance and demands a 680K+ ransom

Security Affairs

APRIL 22, 2020

On Sunday, the computer systems in the city of Torrance suffered a cyber attack that interrupted access to email accounts and server functions. “Based on the names of the archives, this data includes city budget financials, various accounting documents, document scans, and an archive of documents belonging to the City Manager.”

Ransomware

Ransomware Advertising Backups Data breaches

BlackCat (aka ALPHV) Ransomware is Increasing Stakes up to $2,5M in Demands

Security Affairs

JULY 11, 2022

BlackCat (aka ALPHV) Ransomware gang introduced an advanced search by stolen victim’s passwords, and confidential documents. They introduced an advanced search by stolen victim’s passwords, and confidential documents leaked in the TOR network. The notorious cybercriminal syndicate BlackCat competes with Conti and Lockbit 3.0.

Ransomware

Ransomware Passwords Data breaches Technology

ToxicEye RAT exploits Telegram communications to steal data from victims

Security Affairs

APRIL 24, 2021

Upon opening the attachment, ToxicEye installs itself on the victim’s device and performs some operations in background such as: stealing data deleting or transferring files killing processes on the PC hijacking the PC’s microphone and camera to record audio and video encrypting files for ransom purposes. ” concludes the report.

Malware

Malware Mobile Encryption Accountability

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

are subject to laws such as the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (the HITECH Act), as well as regulations such as the Clinical Laboratory Improvements Amendments (CLIA). Security, Privacy and Compliance Can Conflict.

Data privacy

Data privacy Encryption Data breaches Insurance

CERT France – Pysa ransomware is targeting local governments

Security Affairs

MARCH 19, 2020

. “The purpose of this document is to describe the operating mode used during these attacks and the associated compromise indicators, then to provide recommendations to limit the impact of this type of incident.” locked to the filename of the encrypted files. The malicious code appended the extension.

Government

Government Ransomware Encryption Penetration Testing

Clop ransomware gang paralyzed flavor and fragrance producer Symrise

Security Affairs

DECEMBER 21, 2020

BleepingComputer reported that the company was hit by the Clop ransomware that encrypted 1,000 devices. “The Clop ransomware gang has claimed responsibility for the attack on Symrise and have told BleepingComputer that they allegedly encrypted 1,000 devices.” ” reported Bleeping Computer.

Ransomware

Ransomware Encryption Malware Cyber Attacks

Former NSA employee pleads guilty to attempted selling classified documents to Russia

Attackers use encrypted RPMSG messages in Microsoft 365 targeted phishing attacks

Webinars

Trending Sources

YouTube creators’ accounts hijacked with cookie-stealing malware

Webinars

Coldriver threat group targets high-ranking officials to obtain credentials

Snowden Ten Years Later

9 Possible Ways Hackers Can Use Public Wi-Fi to Steal Your Sensitive Data

8Base ransomware operators use a new variant of the Phobos ransomware

3CX Breach Was a Double Supply Chain Compromise

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

A Microsoft 365 feature can ransom files on SharePoint and OneDriveCould

Experts spotted a new undetectable PowerShell Backdoor posing as a Windows update

Saudi Ministry exposed sensitive data for 15 months

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric

The Clock is Ticking for PCI DSS 4.0 Compliance

Dubai’s largest taxi app exposes 220K+ users

Trusted relationship attacks: trust, but verify

FBI: Ransomware actors abuse third parties and legitimate system tools for initial access

Russia-linked APT28 used new malware in a recent phishing campaign

Data of over a million users of the crypto exchange GokuMarket exposed

Morgan Stanley discloses data breach after the hack of a third-party vendor

A cyber attack hit Thyssenkrupp Automotive Body Solutions business unit

How Secure Are Your Business’s Communication Methods?

What to do if your company was mentioned on Darknet?

Mental Health Apps are Likely Collecting and Sharing Your Data

Evolution of the LockBit Ransomware operation relies on new techniques

How to keep cloud storage secure and safe

Law enforcement operation dismantled 911 S5 botnet

FBI issued a flash alert on Lockbit ransomware operation

New Ryuk ransomware implements self-spreading capabilities

CISA, FBI, NSA warn of the increased globalized threat of ransomware

STRRAT RAT spreads masquerading as ransomware

Navigating the complex world of Cybersecurity compliance

Earth Lusca expands its arsenal with SprySOCKS Linux malware

Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison

Woody RAT: A new feature-rich malware spotted in the wild

German industrial giant ThyssenKrupp targeted in a new cyberattack

DoppelPaymer Ransomware hits City of Torrance and demands a 680K+ ransom

BlackCat (aka ALPHV) Ransomware is Increasing Stakes up to $2,5M in Demands

ToxicEye RAT exploits Telegram communications to steal data from victims

Top 5 Problems Solved by Data Lineage

Security Compliance & Data Privacy Regulations

CERT France – Pysa ransomware is targeting local governments

Clop ransomware gang paralyzed flavor and fragrance producer Symrise

Stay Connected