Encryption, Government, Hacking and Malware

Iranian Government Hacking Android

Schneier on Security

SEPTEMBER 24, 2020

The hackers also have created malware disguised as Android applications, the reports said. Both are popular messaging tools in Iran. It looks like the standard technique of getting the victim to open a document or application.

Government

Government Hacking Mobile Encryption

Security Risks of Government Hacking

Schneier on Security

SEPTEMBER 13, 2018

Some of us -- myself included -- have proposed lawful government hacking as an alternative to backdoors. A new report from the Center of Internet and Society looks at the security risks of allowing government hacking. This is the canonical lawful hacking paper.

Government

Government Hacking Risk Surveillance

Details on VirusTotal Hacking

CyberSecurity Insiders

JANUARY 19, 2022

VirusTotal, an anti-malware solution provider, is now offering a service that can collect credentials stolen by malicious software aka malware. The post Details on VirusTotal Hacking appeared first on Cybersecurity Insiders.

Hacking

Hacking Passwords Malware Cryptocurrency

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Akira ransomware received $42M in ransom payments from over 250 victims

Security Affairs

APRIL 21, 2024

Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. The Akira ransomware operators implement a double extortion model by exfiltrating victims’ data before encrypting it. It was this first time that the operators adopted this tactic.

Ransomware

Ransomware Encryption Antivirus VPN

Russia-linked Turla APT hacked European government organization

Security Affairs

OCTOBER 29, 2020

Russia-linked APT Turla has hacked into the systems of an undisclosed European government organization according to Accenture. According to a report published by Accenture Cyber Threat Intelligence (ACTI), Russia-linked cyber-espionage group Turla has hacked into the systems of an undisclosed European government organization.

Government

Government Hacking Advertising Encryption

China-Linked BRONZE PRESIDENT APT targets Government officials worldwide

Security Affairs

SEPTEMBER 10, 2022

China-linked BRONZE PRESIDENT group is targeting government officials in Europe, the Middle East, and South America with PlugX malware. PlugX is modular malware has backdoor capabilities that could be extended by downloading additional plugins. In the recent campaign, the malware is included in RAR archive files.

Government

Government Malware Encryption Hacking

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Security Affairs

DECEMBER 4, 2021

. “The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors.” SecurityAffairs – hacking, ransomware).

Ransomware

Ransomware Hacking Malware Encryption

Malware related news headlines trending on Google

CyberSecurity Insiders

SEPTEMBER 21, 2022

Coming to the third news related to malware, Vmware and Microsoft have jointly issued a warning against Chromeloader Malware that has evolved into a major threat in recent times. Hackers are seen using this malware to exploit browsers leading to advertising and affiliate frauds. Last is the news about the Russian-Ukraine war.

Malware

Malware Telecommunications Insurance Ransomware

Mobile Malware Uses Deepfakes, Social Engineering to Bypass Biometric Authentication

SecureWorld News

FEBRUARY 15, 2024

A sophisticated form of mobile malware dubbed "GoldPickaxe" has been uncovered, which collects facial recognition data to produce deepfake videos, enabling hackers to bypass biometric authentication protections on banking apps. The malware has been active since 2023, specifically targeting victims in Vietnam and Thailand.

Social Engineering

Social Engineering Mobile Authentication Engineering

ESET found a variant of the Hive ransomware that encrypts Linux and FreeBSD

Security Affairs

OCTOBER 29, 2021

The Hive ransomware operators have developed a new variant of their malware that can encrypt Linux and FreeBSD. ESET researchers discovered a new Hive ransomware variant that was specifically developed to encrypt Linux and FreeBSD. The Hive ransomware adds the.hive extension to the filename of encrypted files. .

Encryption

Encryption Ransomware Spyware Malware

Stayin’ Alive campaign targets high-profile Asian government and telecom entities. Is it linked to ToddyCat APT?

Security Affairs

OCTOBER 13, 2023

A cyberespionage campaign, tracked as Stayin’ Alive, targeted high-profile government and telecom entities in Asia. The campaign has been active since at least 2021, threat actors employed downloaders and loaders to deploy next-stage malware. report – CurKeep collects information about the infected machine.

Government

Government Encryption Phishing Malware

Earth Lusca expands its arsenal with SprySOCKS Linux malware

Security Affairs

SEPTEMBER 19, 2023

China-linked threat actor Earth Lusca used a new Linux malware dubbed SprySOCKS in a recent cyber espionage campaign. Researchers from Trend Micro, while monitoring the activity of the China-linked threat actor Earth Lusca , discovered an encrypted file hosted on a server under the control of the group.

Malware

Malware Encryption Telecommunications Authentication

Russia-linked APT28 used new malware in a recent phishing campaign

Security Affairs

DECEMBER 29, 2023

Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. The group employed previously undetected malware such as OCEANMAP, MASEPIE, and STEELHOOK to steal sensitive information from target networks. file classified as MASEPIE.

Phishing

Phishing Malware Computers and Electronics Internet

Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MAY 12, 2024

Ohio Lottery data breach impacted over 538,000 individuals Notorius threat actor IntelBroker claims the hack of the Europol A cyberattack hit the US healthcare giant Ascension Google fixes fifth actively exploited Chrome zero-day this year Russia-linked APT28 targets government Polish institutions Citrix warns customers to update PuTTY version installed (..)

Data breaches

Data breaches VPN Hacking Banking

Croatia government agencies targeted with news SilentTrinity malware

Security Affairs

JULY 7, 2019

Croatia government agencies have been targeted by unknown hackers with a new piece of malware tracked as SilentTrinity. A mysterious group of hackers carried out a series of cyber attacks against Croatian government agencies, infecting employees with a new piece of malware tracked as SilentTrinity.

Government

Government Malware Computers and Electronics Advertising

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

The Gunnebo Group is a Swedish multinational company that provides physical security to a variety of customers globally, including banks, government agencies, airports, casinos, jewelry stores, tax agencies and even nuclear power plants. In some cases, this allows the intruders to profit even if their malware somehow fails to do its job.

Hacking

Hacking Ransomware Banking Accountability

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

Related: What local government can do to repel ransomware Ransomware came into existence in 1989 as a primitive program dubbed the AIDS Trojan that was spreading via 5.25-inch Although most people think of ransomware as a dodgy application that encrypts data and holds it for ransom, the concept is much more heterogeneous than that.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Report: Brazil must do more to encrypt, back up data

Malwarebytes

JULY 8, 2022

Federal government organisations in Brazil may need to reassess their approach to cyberthreats, according to a new report by the country’s Federal Audit Court. Specifically: The lack of backups when dealing with hacking incidents. Specifically: The lack of backups when dealing with hacking incidents.

Encryption

Encryption Backups Cybercrime Ransomware

New TA2101 threat actor poses as government agencies to distribute malware

Security Affairs

NOVEMBER 15, 2019

A new threat actor tracked as TA2101 is conducting malware campaigns using email to impersonate government agencies in the United States, Germany, and Italy. SecurityAffairs – TA2101, hacking). The post New TA2101 threat actor poses as government agencies to distribute malware appeared first on Security Affairs.

Government

Government Malware Social Engineering Banking

Microsoft spotted a destructive malware campaign targeting Ukraine

Security Affairs

JANUARY 16, 2022

Microsoft spotted a new destructive malware operation targeting government, non-profit, and IT entities in Ukraine. Microsoft spotted a destructive attack that targeted government, non-profit, and IT entities in Ukraine with a wiper disguised as ransomware. ” reported Reuters. ” reported Reuters.

Malware

Malware Government Ransomware Encryption

US govt offers $10 million bounty for info linking Clop ransomware gang to a foreign government.

Security Affairs

JUNE 18, 2023

government announced up to a $10 million bounty for information linking the Clop ransomware gang to a foreign government. critical infrastructure to a foreign government. critical infrastructure to a foreign government? The bounty is covered by the U.S. Send us a tip. You could be eligible for a reward.

Government

Government Ransomware Penetration Testing Media

ERMAC, a new banking Trojan that borrows the code from Cerberus malware

Security Affairs

SEPTEMBER 27, 2021

The source code of Cerberus was released in September 2020 on underground hacking forums after its operators failed an auction. According to the experts, ERMAC is operated by threat actors behind the BlackRock mobile malware. On August 17, two forum members named “ermac” and “DukeEugene” started advertising the malware.

Banking

Banking Malware Mobile Encryption

Conti Ransomware gang threatens to overthrow the government of Costa Rica

Security Affairs

MAY 18, 2022

The Conti ransomware gang is threatening to ‘overthrow’ the new government of Costa Rica after last month’s attack. Last month, the Conti ransomware gang claimed responsibility for the attack on Costa Rica government infrastructure after that the government refused to pay a ransom. To nominate, please visit:?

Government

Government Ransomware Cyber Attacks Encryption

Donot Team cyberespionage group updates its Windows malware framework

Security Affairs

AUGUST 21, 2022

The Donot Team threat actor, aka APT-C-35 , has added new capabilities to its Jaca Windows malware framework. The Donot Team has been active since 2016, it focuses on government and military organizations, ministries of foreign affairs, and embassies in India, Pakistan, Sri Lanka, Bangladesh, and other South Asian countries.

Malware

Malware Spyware Phishing Government

DinodasRAT Linux variant targets users worldwide

Security Affairs

MARCH 31, 2024

ESET researchers reported that a Windows version of DinodasRAT was used in attacks against government entities in Guyana. The campaign seems active since at least early 2022 and focuses primarily on government organizations. The malware establishes persistence on the host by using SystemV or SystemD startup scripts.

Encryption

Encryption Malware Government Hacking

BlackCat ransomware gang claims to have hacked US defense contractor NJVC

Security Affairs

OCTOBER 2, 2022

Another US defense contractor suffered a data breach, the BlackCat ransomware gang claims to have hacked NJVC. The ALPHV/BlackCat ransomware gang claims to have breached the IT firm NJVC , which supports the federal government and the United States Department of Defense. SecurityAffairs – hacking, NJVC). Pierluigi Paganini.

Hacking

Hacking Ransomware Data breaches Government

CERT France – Pysa ransomware is targeting local governments

Security Affairs

MARCH 19, 2020

CERT France is warning of a new wave of attacks using Pysa ransomware (Mespinoza) that is targeting local governments. CERT France cyber-security agency is warning about a new wave of ransomware attack that is targeting the networks of local government authorities. locked to the filename of the encrypted files.

Government

Government Ransomware Encryption Penetration Testing

Sophos linked Entropy ransomware to Dridex malware. Are both linked to Evil Corp?

Security Affairs

FEBRUARY 23, 2022

The code of the recently-emerged Entropy ransomware has similarities with the one of the infamous Dridex malware. The recently-emerged Entropy ransomware has code similarities with the popular Dridex malware. In a first stage it allocates the memory space where to copy the encrypted data and whose content is executed by the packer.

Ransomware

Ransomware Malware Cybercrime Banking

US arrested Latvian woman who developed part of Trickbot malware

Security Affairs

JUNE 5, 2021

The US Department of Justice (DOJ) announced the arrest of a Latvian woman for her alleged role in the development of the Trickbot malware. The US Department of Justice (DOJ) announced the arrest of Alla Witte (aka Max), a Latvian woman that was charged for her alleged role in the development of the Trickbot malware.

Malware

Malware Banking Ransomware Encryption

RansomExx Ransomware upgrades to Rust programming language

Security Affairs

NOVEMBER 24, 2022

The operators of the RansomExx ransomware (aka Defray777 and Ransom X) have developed a new variant of their malware, tracked as RansomExx2, that was ported into the Rust programming language. The main reason to rewrite malware in Rust is to have lower AV detection rates, compared to malware written in more common languages.

Ransomware

Ransomware Encryption Malware Manufacturing

Russian government claims to have dismantled REvil ransomware gang

Security Affairs

JANUARY 14, 2022

. “The basis for the search activities was the appeal of the competent US authorities, who reported on the leader of the criminal community and his involvement in encroachments on the information resources of foreign high-tech companies by introducing malicious software, encrypting information and extorting money for its decryption.

Government

Government Ransomware Cryptocurrency Banking

AvosLocker ransomware gang releases a free decryptor after an affiliate hit US gov agency

Security Affairs

DECEMBER 30, 2021

The AvosLocker ransomware operators released a free decryptor after they accidentally encrypted the system of US Government entity. The AvosLocker ransomware operation provided a free decryptor after they encrypted the systems of a US government agency. SecurityAffairs – hacking, AvosLocker ransomware).

Ransomware

Ransomware Government Encryption Malware

North Korea-linked APTs use Maui Ransomware to target the Healthcare industry

Security Affairs

JULY 7, 2022

The attacks against Healthcare and Public Health (HPH) Sector organizations started in May 2021 and government experts observed multiple cases that involved the use of the Maui ransomware. According to the analysis, the malware appears to be human-operated ransomware. SecurityAffairs – hacking, ransomware). Pierluigi Paganini.

Healthcare

Healthcare Ransomware Encryption Government

Asian media firm E27 hacked, attackers asked for a “donation”

Security Affairs

JUNE 28, 2020

Asian media firm E27 has been hacked by a hacking group identifying themselves as “Korean Hackers” and “Team Johnwick”that asked for a “donation” to provide information on the vulnerabilities they have exploited in the attack. .” SecurityAffairs – hacking, E27). Pierluigi Paganini.

Media

Media Hacking Passwords Data breaches

Researchers shared technical details of NSA Equation Group’s Bvp47 backdoor

Security Affairs

FEBRUARY 23, 2022

The name “ Bvp47 ” comes form numerous references to the string “Bvp” and the numerical value “0x47” used in the encryption algorithm. The Bvp47 backdoor was first discovered in 2013 while conducting a forensic investigation into a security breach suffered by a Chinese government organization.

Encryption

Encryption Hacking Government Engineering

New Coronavirus-themed malspam campaign delivers FormBook Malware

Security Affairs

MARCH 8, 2020

Experts uncovered a new Coronavirus (COVID-19 ) -themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan. Experts at MalwareHunterTeam uncovered a new malspam campaign exploiting the fear in the Coronavirus (COVID-19) to deliver malware. states the analysis published by FireEye.

Malware

Malware Scams Social Engineering Phishing

Ransomware news trending on Google

CyberSecurity Insiders

MAY 23, 2023

A Russian government affiliated ransomware spreading group has targeted the Indian Insurance Information Bureau (IIB) and encrypted the entire database and their demand is that they victim needs to pay $250,000 in bitcoins in exchange of a decryption key.

Ransomware

Ransomware Encryption Malware Insurance

Experts warn of attacks using a new Linux variant of SFile ransomware

Security Affairs

JANUARY 17, 2022

The operators of the SFile ransomware (aka Escal) have developed a Linux version of their malware to expand their operations. Some variants of the ransomware append the English name of the target company to the filenames of the encrypted files. The ransomware was involved in targeted attacks against corporate and government networks.

Ransomware

Ransomware Encryption Backups Malware

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

. “As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” and foreign governments and military, security, and corporate organizations. ” reads the joint report. ” concludes the report. .

Energy and Utilities

Energy and Utilities Government Firewall Malware

AvosLocker ransomware now targets Linux systems, including ESXi servers

Security Affairs

JANUARY 11, 2022

AvosLocker is the latest ransomware that implemented the capability to encrypt Linux systems including VMware ESXi servers. AvosLocker expands its targets by implementing the support for encrypting Linux systems, specifically VMware ESXi servers, Bleeping computed reported. SecurityAffairs – hacking, AvosLocker).

Ransomware

Ransomware Encryption Advertising Malware

Security Affairs newsletter Round 459 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 18, 2024

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks CISA adds Microsoft Exchange and Cisco ASA and FTD bugs to its Known Exploited Vulnerabilities catalog US gov offers a reward of up to $10M for info on ALPHV/Blackcat gang leaders U.S.

Cybercrime

Cybercrime Ransomware Malware Data breaches

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 17, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6 CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches

Data breaches Cybercrime Firewall Artificial Intelligence

Chinese Tropic Trooper APT spreads a hacking tool laced with a backdoor

Security Affairs

JUNE 23, 2022

China-linked APT group Tropic Trooper has been spotted previously undocumented malware written in Nim language. The encryption routine used to wrap the Yahoyah Trojan in this campaign is a custom implementation of AES, named by Check Point AEES. SecurityAffairs – hacking, Tropic Trooper). Pierluigi Paganini.

Hacking

Hacking Wireless Encryption Passwords

Security Affairs newsletter Round 399 by Pierluigi Paganini

Security Affairs

DECEMBER 25, 2022

Expert found Backdoor credentials in ZyXEL LTE3301 M209 Raspberry Robin malware used in attacks against Telecom and Governments TikTok parent company ByteDance revealed the use of TikTok data to track journalists BetMGM discloses security breach impacting 1.5 SecurityAffairs – hacking, newsletter). Pierluigi Paganini.

Ransomware

Ransomware Hacking Malware Encryption

Iranian Government Hacking Android

Security Risks of Government Hacking

Webinars

Trending Sources

Details on VirusTotal Hacking

Webinars

Akira ransomware received $42M in ransom payments from over 250 victims

Russia-linked Turla APT hacked European government organization

China-Linked BRONZE PRESIDENT APT targets Government officials worldwide

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Malware related news headlines trending on Google

Mobile Malware Uses Deepfakes, Social Engineering to Bypass Biometric Authentication

ESET found a variant of the Hive ransomware that encrypts Linux and FreeBSD

Stayin’ Alive campaign targets high-profile Asian government and telecom entities. Is it linked to ToddyCat APT?

Earth Lusca expands its arsenal with SprySOCKS Linux malware

Russia-linked APT28 used new malware in a recent phishing campaign

Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION

Croatia government agencies targeted with news SilentTrinity malware

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Report: Brazil must do more to encrypt, back up data

New TA2101 threat actor poses as government agencies to distribute malware

Microsoft spotted a destructive malware campaign targeting Ukraine

US govt offers $10 million bounty for info linking Clop ransomware gang to a foreign government.

ERMAC, a new banking Trojan that borrows the code from Cerberus malware

Conti Ransomware gang threatens to overthrow the government of Costa Rica

Donot Team cyberespionage group updates its Windows malware framework

DinodasRAT Linux variant targets users worldwide

BlackCat ransomware gang claims to have hacked US defense contractor NJVC

CERT France – Pysa ransomware is targeting local governments

Sophos linked Entropy ransomware to Dridex malware. Are both linked to Evil Corp?

US arrested Latvian woman who developed part of Trickbot malware

RansomExx Ransomware upgrades to Rust programming language

Russian government claims to have dismantled REvil ransomware gang

AvosLocker ransomware gang releases a free decryptor after an affiliate hit US gov agency

North Korea-linked APTs use Maui Ransomware to target the Healthcare industry

Asian media firm E27 hacked, attackers asked for a “donation”

Researchers shared technical details of NSA Equation Group’s Bvp47 backdoor

New Coronavirus-themed malspam campaign delivers FormBook Malware

Ransomware news trending on Google

Experts warn of attacks using a new Linux variant of SFile ransomware

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

AvosLocker ransomware now targets Linux systems, including ESXi servers

Security Affairs newsletter Round 459 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Chinese Tropic Trooper APT spreads a hacking tool laced with a backdoor

Security Affairs newsletter Round 399 by Pierluigi Paganini

Stay Connected