Document and Information Security - Cyber Security Informer

FBI warns of malicious free online document converters spreading malware

Security Affairs

MARCH 24, 2025

The FBI warns of a significant increase in scams involving free online document converters to infect users with malware. The FBI warns that threat actors use malicious online document converters to steal users sensitive information and infect their systems with malware. ” reads the alert. ” reads the alert.

Malware

Malware Scams Identity Theft Antivirus

GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

The Last Watchdog

JANUARY 6, 2022

They also enrich documents with metadata and place them in crypto-containers, access to which is only granted by permission. However, all of these solutions are powerless when it comes to photographing a document with a smartphone and compromising printed copies of documents. There are more exotic ways of protecting documents.

Marketing

Marketing Software Surveillance Information Security

Former CIA analyst pleaded guilty to leaking top-secret documents

Security Affairs

JANUARY 21, 2025

Rahman has access to Sensitive Compartmented Information (SCI). On October 17, 2024, Rahman stole and leaked Top-Secret documents on a U.S. The CIA analyst photographed the classified documents and transmitted them to individuals he knew were not authorized to view them. “After Oct.

Media

Media Mobile Internet Internet

Expert used ChatGPT-4o to create a replica of his passport in just 5 minutes bypassing KYC

Security Affairs

APRIL 6, 2025

The document is realistic enough to bypass automated Know Your Customer (KYC) checks, the expert states. Experts are calling for stronger defenses, including broader use of NFC-based verification and electronic identity documents (eIDs), which offer more resilient, hardware-level authentication. ” Musielak wrote on X.

Identity Theft

Identity Theft Insurance Banking Authentication

Apple indeed added a feature called “inactivity reboot” in iOS 18.1 that reboots locked devices

Security Affairs

NOVEMBER 12, 2024

Law enforcement warned that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them much harder to unlock, per a document obtained by 404 Media. 404 Media obtained the document from a mobile forensics source and verified it with another source. Three iPhones running iOS 18.0

Media

Media Wireless Mobile Encryption

iPhones in a law enforcement forensics lab mysteriously rebooted losing their After First Unlock (AFU) state

Security Affairs

NOVEMBER 8, 2024

Law enforcement warns that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them much harder to unlock, per a document obtained by 404 Media. 404 Media obtained the document from a mobile forensics source and verified it with another source. security feature addition.”

Media

Media Mobile Passwords Hacking

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

It provides a range of development resources, including SDKs (Software Development Kits), documentation, sample code, and learning materials for networking, security, and cloud infrastructure. Below is an update published on October 18, 2024: Based on our investigations, we are confident that there has been no breach of our systems.

Cybercrime

Cybercrime Data breaches Technology Banking

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

NYSE:FAF ] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back 16 years. Securities and Exchange Commission settled its investigation into the matter after the Fortune 500 company agreed to pay a paltry penalty of less than $500,000.

Insurance

Insurance Risk Financial Services CISO

8Base ransomware group hacked Croatia’s Port of Rijeka

Security Affairs

DECEMBER 7, 2024

Allegedly, invoice receipts, accounting documents, personal data, certificates, employment contracts, a huge amount of confidential information, confidentiality pic.twitter.com/Tad7LeOcsk — HackManac (@H4ckManac) December 6, 2024 According to the announcement published by the group on its Tor leak site, stolen data includes: Invoice Receipts (..)

Ransomware

Ransomware Hacking Accountability Cyber Attacks

Many Public Salesforce Sites are Leaking Private Data

Krebs on Security

APRIL 27, 2023

This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information. But after being presented with a document including the Social Security number of a health professional in D.C.

Banking

Banking Government Information Security Authentication

FBI deleted China-linked PlugX malware from over 4,200 US computers

Security Affairs

JANUARY 14, 2025

The malware was operated by a China-linked threat actor, known as Mustang Panda (aka Twill Typhoon, to steal sensitive information from victim computers. According to court documents, the Chinese government paid Mustang Panda to develop PlugX malware, used since 2014 to target U.S., European, and Asian entities. systems. .”

Malware

Malware Government Hacking Cybersecurity

Black Basta ransomware gang hit BT Group

Security Affairs

DECEMBER 4, 2024

The group claimed to have stolen 500GB of data including Finacial data, Organisation data, Users data and personal documents, NDA’s, Confidential data, and more. As proof of the data breach, the group published multiple screenshots, including pictures of passports and other documents.

Ransomware

Ransomware Telecommunications Healthcare Insurance

New Leak Shows Business Side of China’s APT Menace

Krebs on Security

FEBRUARY 22, 2024

A large cache of more than 500 documents published to GitHub last week indicate the records come from i-SOON , a technology company headquartered in Shanghai that is perhaps best known for providing cybersecurity training courses throughout China. A marketing slide deck promoting i-SOON’s Advanced Persistent Threat (APT) capabilities.

Government

Government Hacking Cyber threats Mobile

U.S. CISA adds Cisco ASA and FTD, and RoundCube Webmail bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 25, 2024

Cisco warned customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices. The company published a document containing recommendations against password spray attacks aimed at Remote Access VPN (RAVPN) services.

VPN

VPN Firewall Technology Passwords

U.S. Court rules against NSO Group in WhatsApp spyware Lawsuit

Security Affairs

DECEMBER 23, 2024

Court documents state that on October 29, 2019, plaintiffs filed this lawsuit, alleging that the defendants used WhatsApp to target approximately 1,400 mobile phones and devices to infect them with the surveillance software. ” reads the court document. WhatsApp won a legal case against NSO Group in a U.S. ” The U.S.

Spyware

Spyware Surveillance Software Hacking

New SEC Rules around Cybersecurity Incident Disclosures

Schneier on Security

AUGUST 2, 2023

In an email newsletter, Melissa Hathaway wrote: Now that the rule is final, companies have approximately six months to one year to document and operationalize the policies and procedures for the identification and management of cybersecurity (information security/privacy) risks.

Cybersecurity

Cybersecurity Risk Government Information Security

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

Security Affairs

DECEMBER 16, 2024

“In at least two cases Amnesty International documented, the Cellebrite UFED product and associated exploits were used to covertly bypass phone security features, enabling Serbian authorities to infect the devices with NoviSpy spyware. . ” reported the Associated Press. ” concludes the report.

Spyware

Spyware Surveillance Technology Mobile

International Civil Aviation Organization (ICAO) and ACAO Breached: Cyberespionage Groups Targeting Aviation Safety Specialists

Security Affairs

FEBRUARY 5, 2025

In the updated statement published by ICAO, the agency said it is actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations. ” reads the statement published by the International Civil Aviation Organization.

Data breaches

Data breaches Information Security Hacking Marketing

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of thousands of sensitive documents — including schematics of client bank vaults and surveillance systems. What’s more, Syrén seemed to downplay the severity of the exposure.

Hacking

Hacking Ransomware Banking Accountability

EDR-as-a-Service makes the headlines in the cybercrime landscape

Security Affairs

APRIL 7, 2025

OPERATIONAL MANUALS AND DECEPTION STRATEGIES As further evidence of the increasing professionalization of this illicit sector, Meridian Group reports the publication of informational content designed to guide the proper use of EDR services, presented as a detailed guide on how to correctly complete and unlawfully submit the requests.

Cybercrime

Cybercrime Social Engineering Accountability Government

U.S. cannabis dispensary STIIIZY disclosed a data breach

Security Affairs

JANUARY 11, 2025

. “An investigation conducted by the vendor revealed that personal information relating to certain STIIIZY customers processed by the vendor was acquired by the threat actors on or around October 10, 2024 – November 10, 2024. The exposed information varies for each individual case.

Data breaches

Data breaches Retail Cybercrime Government

10 Benefits of Leading a Cybersecurity Management Review

SecureWorld News

NOVEMBER 25, 2024

I just wrapped up a management review for our cybersecurity program (which is called an Information Security Management System (ISMS) in ISO 27001), and it got me thinking about how valuable these reviews are—not just for meeting compliance requirements like ISO 27001, but for driving real improvements in how we approach cybersecurity.

Cybersecurity

Cybersecurity Risk Information Security Accountability

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Security Affairs

FEBRUARY 6, 2025

. “Subsequently, and using up to three different pseudonyms, he attacked international bodies and government-type organisations by accessing databases with personal information of employees and clients, as well as internal documents that were subsequently sold or freely published on forums.” ” concludes the statement.

Cybercrime

Cybercrime Government Data breaches Information Security

Hive0117 group targets Russian firms with new variant of DarkWatchman malware

Security Affairs

MAY 1, 2025

“The emails had the subject Documents from 04/29/2025 and were sent from an address disguised as corporate correspondence.” ” The phishing emails employed in the campaign spotted by F6 experts has the subject Documents from 04/29/2025 and were sent from addresses mimicking corporate senders.

Malware

Malware Phishing Telecommunications Retail

Cisco states that the second data leak is linked to the one from October

Security Affairs

DECEMBER 30, 2024

It provides a range of development resources, including SDKs (Software Development Kits), documentation, sample code, and learning materials for networking, security, and cloud infrastructure. DevHub is a platform designed for developers to access resources, tools, and APIs to build and integrate applications with Ciscos technologies.

Data breaches

Data breaches Cybercrime Authentication Technology

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Security Affairs

MARCH 20, 2025

The RAR archive analyzed by the Ukrainian CERT-UA contains the document Algorithm_LegalAid.xlsm.Upon opening the document and enabling the macro, a PowerShell command will be executed. The script will download and run the.NET bootloader MSCommondll.exe,which in turn will download and run the malware DarkCrystal RAT.

Computers and Electronics

Computers and Electronics Telecommunications Malware Surveillance

How Interlock Ransomware Affects the Defense Industrial Base Supply Chain

Security Affairs

MAY 13, 2025

Such information will be of interest to foreign intelligence agencies, nation-state actors, and advanced espionage groups, especially during local conflicts and ongoing wars.

Ransomware

Ransomware Cyber Attacks Risk Hacking

Sarcoma ransomware gang claims the theft of sensitive data from PCB maker Unimicron

Security Affairs

FEBRUARY 12, 2025

Sarcoma ransomware operators claim to have stolen 377 GB of SQL files and documents. The company is investigating the security breach and mitigating the attack with the help of an external cyber forensic team. The company is headquartered in Taiwan and has manufacturing facilities in multiple countries.

Computers and Electronics

Computers and Electronics Ransomware Manufacturing Data breaches

Rhysida Ransomware gang claims the hack of the Government of Peru

Security Affairs

MAY 3, 2025

pic.twitter.com/6fsczNSrwu — Dominic Alvieri (@AlvieriD) May 2, 2025 The group published the images of multiple documents allegedly stolen from the Peruvian government platform. The Government of Peru has been breached by Rhysida Ransomware. The Rhysida ransomware group has been active since May 2023.

Government

Government Hacking Ransomware Manufacturing

DPRK-linked BlueNoroff used macOS malware with novel persistence

Security Affairs

NOVEMBER 7, 2024

The initial attack vector is a phishing email containing a link to a malicious application disguised as a link to a PDF document relating to a cryptocurrency topic such as “Hidden Risk Behind New Surge of Bitcoin Price”, “Altcoin Season 2.0-The The Hidden Gems to Watch” and “New Era for Stablecoins and DeFi, CeFi”.

Malware

Malware Risk Architecture Cryptocurrency

Experts found rogue devices, including hidden cellular radios, in Chinese-made power inverters used worldwide

Security Affairs

MAY 18, 2025

“However, rogue communication devices not listed in product documents have been found in some Chinese solar power inverters by U.S experts who strip down equipment hooked up to grids to check for security issues, the two people said.” ” reported Reuters.

Energy and Utilities

Energy and Utilities Manufacturing Government Hacking

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

Security Affairs

FEBRUARY 24, 2025

The leak includes work logs, DevOps commands, API data, and network configs with hardcoded credentials, posing security risks to TopSec and its customers. Some documents detail the use of web content monitoring services to enforce censorship for public and private sector customers. ” reads the report published by SentinelLabs.

Government

Government Cybersecurity Hacking Internet

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

Security Affairs

FEBRUARY 2, 2025

Court documents state that on October 29, 2019, plaintiffs filed this lawsuit, alleging that the defendants used WhatsApp to target approximately 1,400 mobile phones and devices to infect them with the surveillance software. reads the court document. In December, WhatsApp won a legal case against NSO Group in a U.S.

Spyware

Spyware Hacking Surveillance Malware

CEO of cybersecurity firm charged with installing malware on hospital systems

Security Affairs

APRIL 26, 2025

Security footage reportedly shows the man attempting to access multiple offices before installing malicious software designed to capture screenshots every 20 minutes and transmit them to an external IP address. One of those computers was for employees only.” ” reported the media outlet KOCO 5 News.

Malware

Malware Cybersecurity Healthcare Media

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Security Affairs

NOVEMBER 21, 2024

The authorities launched an investigation after the ransomware gang Ransomhub claimed the attack and published samples of personal information from a database of government. Stolen files allegedly include contracts, insurance, and financial documents. ” reported the Associated Press.

Government

Government Hacking Ransomware Insurance

Russia-linked APT UAC-0063 target Kazakhstan in with HATVIBE malware

Security Affairs

JANUARY 14, 2025

The experts observed a cyber espionage campaign using weaponized Kazakh Ministry of Foreign Affairs documents to gather intelligence on Central Asia’s diplomatic and economic ties. Upon enabling the macro in the weaponized documents, the malicious code creates a second blank document in the C:Users[USER]AppDataLocalTemp folder.

Malware

Malware Hacking Government Information Security

Fidelity Investments suffered a second data breach this year

Security Affairs

OCTOBER 14, 2024

Fidelity Investments has informed attorney generals in various states that the attacker had created two customer accounts, which they used to obtain images of documents pertaining to Fidelity customers from an internal database. The company confirmed that financial data was not exposed and Fidelity customer accounts were not hacked.

Data breaches

Data breaches Financial Services Accountability Hacking

News Alert: Halo Security reaches SOC 2 milestone, validating its security controls and practices

The Last Watchdog

MAY 22, 2025

“For a company that helps other organizations identify and remediate security vulnerabilities, it’s essential that we maintain the highest standards of security in our own operations,” added Dowling.

Penetration Testing

Penetration Testing Risk Media Marketing

CISA’s 11-Month extension ensures continuity of MITRE’s CVE Program

Security Affairs

APRIL 16, 2025

These CNAs are authorized to assign CVE IDs to vulnerabilities discovered in their respective domains, ensuring timely and accurate documentation of security issues. The CVE program is supported by a network of CVE Numbering Authorities (CNAs), which include major technology companies, research organizations, and government agencies.

Government

Government Risk Cybersecurity Media

3CX Breach Was a Double Supply Chain Compromise

Krebs on Security

APRIL 20, 2023

In many cases, the phony profiles spoofed chief information security officers at major corporations , and some attracted quite a few connections before their accounts were terminated. The malware was found inside of a document that offered an employment contract at the multinational bank HSBC. Microsoft Corp.

Malware

Malware Software Technology Accountability

Coinbase disclosed a data breach after an extortion attempt

Security Affairs

MAY 15, 2025

Exposed data included contact details, partial SSNs and bank info, ID images, account history, and limited internal documents. Compromised data includes: Name, address, phone, and email; Masked Social Security (last 4 digits only); Masked bank-account numbers and some bank account identifiers; GovernmentID images (e.g.,

Data breaches

Data breaches Banking Accountability Retail

Nigerian man Sentenced to 26+ years in real estate phishing scams

Security Affairs

NOVEMBER 4, 2024

According to court documents, Mr. Ojelade sent phishing emails to real estate businesses, then after gaining unauthorized access to victims’ accounts monitored their email traffic to determine when large transactions were about to take place. Ojelade was extradited to the U.S. million in restitution.

Scams

Scams Phishing Identity Theft Accountability

NIST SP 800-171 Rev 2 vs Rev 3: What’s The Difference?

Security Boulevard

MARCH 14, 2025

Government cybersecurity and information security frameworks are a constant work in progress.

Government

Government Information Security Technology Cybersecurity

Ukraine claims it hacked Russian Ministry of Defence, stole secrets and encryption ciphers

Graham Cluley

MARCH 6, 2024

Ukraine claims its hackers have gained possession of "the information security and encryption software" used by Russia's Ministry of Defence , as well as secret documents, reports, and instructions exchanged between over 2,000 units of Russia's security services. Read more in my article on the Hot for Security blog.

Encryption

Encryption Hacking Information Security Software

FBI warns of malicious free online document converters spreading malware

GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

Trending Sources

Former CIA analyst pleaded guilty to leaking top-secret documents

Expert used ChatGPT-4o to create a replica of his passport in just 5 minutes bypassing KYC

Apple indeed added a feature called “inactivity reboot” in iOS 18.1 that reboots locked devices

iPhones in a law enforcement forensics lab mysteriously rebooted losing their After First Unlock (AFU) state

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

First American Financial Pays Farcical $500K Fine

8Base ransomware group hacked Croatia’s Port of Rijeka

Many Public Salesforce Sites are Leaking Private Data

FBI deleted China-linked PlugX malware from over 4,200 US computers

Black Basta ransomware gang hit BT Group

New Leak Shows Business Side of China’s APT Menace

U.S. CISA adds Cisco ASA and FTD, and RoundCube Webmail bugs to its Known Exploited Vulnerabilities catalog

U.S. Court rules against NSO Group in WhatsApp spyware Lawsuit

New SEC Rules around Cybersecurity Incident Disclosures

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

International Civil Aviation Organization (ICAO) and ACAO Breached: Cyberespionage Groups Targeting Aviation Safety Specialists

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

EDR-as-a-Service makes the headlines in the cybercrime landscape

U.S. cannabis dispensary STIIIZY disclosed a data breach

10 Benefits of Leading a Cybersecurity Management Review

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Hive0117 group targets Russian firms with new variant of DarkWatchman malware

Cisco states that the second data leak is linked to the one from October

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

How Interlock Ransomware Affects the Defense Industrial Base Supply Chain

Sarcoma ransomware gang claims the theft of sensitive data from PCB maker Unimicron

Rhysida Ransomware gang claims the hack of the Government of Peru

DPRK-linked BlueNoroff used macOS malware with novel persistence

Experts found rogue devices, including hidden cellular radios, in Chinese-made power inverters used worldwide

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

CEO of cybersecurity firm charged with installing malware on hospital systems

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Russia-linked APT UAC-0063 target Kazakhstan in with HATVIBE malware

Fidelity Investments suffered a second data breach this year

News Alert: Halo Security reaches SOC 2 milestone, validating its security controls and practices

CISA’s 11-Month extension ensures continuity of MITRE’s CVE Program

3CX Breach Was a Double Supply Chain Compromise

Coinbase disclosed a data breach after an extortion attempt

Nigerian man Sentenced to 26+ years in real estate phishing scams

NIST SP 800-171 Rev 2 vs Rev 3: What’s The Difference?

Ukraine claims it hacked Russian Ministry of Defence, stole secrets and encryption ciphers

Stay Connected