Security Affairs

JANUARY 5, 2025

TIM.exe then loads a malicious launcher DLL libcurl.dll whichwilldecrypt and load the PLAYFULGHOST payload from an encrypted file named Debug.log.” . “Then, the LNK file launches QQLaunch.exe , a legitimate binary from Tencent QQ, which launches another legitimate binary TIM.exe which is a renamed version of the program CURL.

Malware 134

Malware Encryption Phishing Hacking 134

The Hacker News

MAY 30, 2025

A new malware campaign is distributing a novel Rust-based information stealer dubbed EDDIESTEALER using the popular ClickFix social engineering tactic initiated via fake CAPTCHA verification pages.

Social Engineering 127

Social Engineering Malware Encryption Engineering 127

SecureWorld News

DECEMBER 8, 2024

Recent progress has sparked discussions, but current capabilities are still far from threatening encryption standards like 2048-bit RSA. It is essential to understand the risks posed by quantum computing, as future advancements could compromise today's encrypted data, opening new opportunities for threat actors.

Encryption 120

Encryption Firewall Education Firmware 120

Security Affairs

NOVEMBER 13, 2024

Bitdefender released a decryptor for the ShrinkLocker ransomware, which modifies BitLocker configurations to encrypt a system’s drives. Unlike modern ransomware it doesn’t rely on sophisticated encryption algorithms and modifies BitLocker configurations to encrypt a system’s drives.

Ransomware 127

Ransomware Encryption Passwords Backups 127

Troy Hunt

NOVEMBER 13, 2024

I am interested in finding how my information ended up in your database. That last one seems perfectly reasonable, and fortunately, DemandScience does have a link on their website to Do Not Sell My Information : Dammit! So, he asked them: I seem to have found my email in your data breach. If, like me, you're part of the 99.5%

Data breaches 329

Data breaches Passwords B2B Technology 329

Schneier on Security

FEBRUARY 13, 2025

For example, the Treasury Department systems contain the technical blueprints for how the federal government moves money, while the Office of Personnel Management (OPM) network contains information on who and what organizations the government employs and contracts with.

Government 363

Government Artificial Intelligence Banking Software 363

Security Affairs

NOVEMBER 18, 2024

A ransomware attack on Great Plains Regional Medical Center compromised personal data of 133,000 individuals, exposing sensitive information. The healthcare center discovered that a threat actor accessed and encrypted files on their systems between September 5, 2024 and September 8, 2024. .

Ransomware 129

Ransomware Insurance Encryption Healthcare 129

Security Affairs

DECEMBER 3, 2024

The threat actors had access to the company’s information technology systems and encrypted some of its data files. The preliminary investigation has revealed that a threat actor illegally accessed the Company’s information technology (“IT”) system and encrypted some of its data files.”

Ransomware 123

Ransomware Encryption Technology Cybersecurity 123

Daniel Miessler

DECEMBER 24, 2022

If you follow Information Security at all you are surely aware of the LastPass breach situation. After initiating an immediate investigation, we have seen no evidence that this incident involved any access to customer data or encrypted password vaults.

Password Management 364

Password Management Passwords Encryption Backups 364

Schneier on Security

NOVEMBER 22, 2023

Instead of relying on Apple to verify the other person’s identity using information stored securely on Apple’s servers, you and the other party read a short verification code to each other, either in person or on a phone call.

Authentication 330

Authentication Encryption Accountability 330

Joseph Steinberg

APRIL 7, 2025

And, of course, all versions of Cybersecurity For Dummies also help guide people to recovering in the event that their computers, phones, or information has already been compromised.

Cybersecurity 187

Cybersecurity Artificial Intelligence Backups Encryption 187

The Last Watchdog

MARCH 24, 2025

Quantum computings ability to break todays encryption may still be years awaybut security leaders cant afford to wait. Related: Quantum standards come of age The real threat isnt just the eventual arrival of quantum decryptionits that nation-state actors are already stockpiling encrypted data in harvest now, decrypt later attacks.

Encryption 130

Encryption Financial Services Technology Risk 130

Krebs on Security

APRIL 11, 2024

On April 10, Sisense Chief Information Security Officer Sangram Dash told customers the company had been made aware of reports that “certain Sisense company information may have been made available on what we have been advised is a restricted access server (not generally available on the internet.)”

CISO 328

CISO Encryption Telecommunications Financial Services 328

Malwarebytes

DECEMBER 6, 2024

The law enforcement investigation started in 2022 when investigators were able to track very specific information used by scammers to the specialized marketplace. A network of fake online shops set up to phish for payment information provided one of the sources of stolen data. Criminals are neither anonymous nor safe!

Marketing 128

Marketing Banking Encryption Phishing 128

Malwarebytes

NOVEMBER 27, 2024

The ransomware encrypted the lab results of 15 million Canadians, and personally identifiable information (PII) of 8.6 After noticing the attack, LifeLabs informed its customers and the Canadian privacy regulators, which immediately announced an investigation. million people was stolen.

Ransomware 135

Ransomware Healthcare Risk Encryption 135

Security Affairs

APRIL 7, 2025

These falsely obtained credentials enable cyber criminals to successfully mimic a real-world investigation by inducing platform operators to provide extremely sensitive information. FROM ACCOUNT THEFT TO A FULL-FLEDGED SERVICE: THE EVOLUTION OF THE MODEL The phenomenon has rapidly upgraded complexity, as detailed in the Meridian Group report.

Cybercrime 141

Cybercrime Social Engineering Accountability Government 141

Security Affairs

APRIL 13, 2025

Compromised data includes full names, contact details, ID numbers, banking information, drivers license numbers, medical records and passport details. The company engaged top cybersecurity and forensic experts, informed authorities, and is actively supporting affected stakeholders. The gang claimed the theft of 2 TB of data.

Data breaches 132

Data breaches Unstructured Data Identity Theft Healthcare 132

Security Affairs

APRIL 6, 2025

Oracle confirms a cloud data breach, quietly informing customers while downplaying the impact of the security breach. Oracle confirms a data breach and started informing customers while downplaying the impact of the incident. Oracle has since taken the server offline. “Oracle Corp.

Data breaches 130

Data breaches Encryption Hacking Passwords 130

SecureList

FEBRUARY 5, 2025

It encrypts data with AES-256 in CBC mode before sending and decrypts server responses with AES-128 in CBC mode. The process of sending data to “rust” consists of three stages: Data is encrypted with AES-256 in CBC mode using the same key as in the case of the “http” server.

Malware 143

Malware Encryption Mobile Cryptocurrency 143

Security Affairs

MARCH 8, 2025

The Akira ransomware gang exploited an unsecured webcam to bypass EDR and launch encryption attacks on a victim’s network. The ransomware group used an unsecured webcam to encrypt systems within atarget’s network, bypassing Endpoint Detection and Response (EDR). Akira successfully encrypted files across the network.

Ransomware 133

Ransomware IoT Encryption Passwords 133

Malwarebytes

JANUARY 6, 2025

This ransomware is known for employing double extortion tactics, which means they encrypt victims’ data while also threatening to release sensitive information unless a ransom is paid. And since the backups that were made by a third party turned out to be incomplete, they were also unable to inform affected patients.

Data breaches 145

Data breaches Ransomware Passwords Insurance 145

Security Affairs

JUNE 6, 2025

The report also provides information on a Play ransomware ESXi variant that shuts down all virtual machines and encrypts their files using randomly generated keys for each file. By stealing credentials with Mimikatz and escalating privileges with WinPEAS, they spread malware via Group Policy Objects. ” concludes the report.

Ransomware 97

Ransomware Encryption Antivirus Malware 97

Security Affairs

MARCH 10, 2025

Unlike other extortion group, the gang doesnt encrypt data, but focuses on data theft to speed up its activity. Loretto identified the impacted individuals and notified them by mail on March 15, 2023, offering guidance on protecting their information. Victims include AMD and Keralty. They shame non-payers by leaking data.

Hacking 120

Hacking Healthcare Backups Ransomware 120

SecureWorld News

MARCH 31, 2025

A critical business function, not just a checkbox "World Backup Day acts as a crucial reminder that data loss is inevitable, encouraging us to take proactive steps to protect our information," says Emilio Sepulveda , Manager of Information Security at Deepwatch.

Backups 96

Backups Mobile Encryption CISO 96

Schneier on Security

NOVEMBER 1, 2022

The tools can slow their data connections to a crawl, break the encryption of phone calls, track the movements of individuals or large groups, and produce detailed metadata summaries of who spoke to whom, when, and where. Neither the CRA nor Iran’s mission to the United Nations responded to a requests for comment.).

Surveillance 362

Surveillance Telecommunications Mobile Encryption 362

Security Affairs

APRIL 25, 2025

. “On April 12, 2025, DaVita became aware of a ransomware incident affecting and encrypting certain on-premises systems. The group claimed the theft of 1510 GB of sensitive data, including patient records, insurance, and financial information. The DaVita network was encrypted by InterLock Ransomware.

Ransomware 101

Ransomware Encryption Insurance Marketing 101

eSecurity Planet

NOVEMBER 6, 2024

In a stunning blow to the city’s cybersecurity defenses, Columbus, Ohio, recently became the target of a massive cyberattack that exposed over half a million residents’ sensitive information. terabytes of sensitive information compromised, the breach affected approximately 500,000 residents, nearly 55% of the city’s population.

Ransomware 113

Ransomware Authentication Identity Theft Penetration Testing 113

Security Affairs

NOVEMBER 4, 2024

The city added that the attack was successfully thwarted, and no systems were encrypted. TB of sensitive data, including employee credentials, a full dump of servers with emergency services applications of the city, access from city video cameras, and other sensitive information. Rhysida demanded 30 Bitcoin (about $1.9

Ransomware 118

Ransomware Identity Theft Data breaches Cyber threats 118

Malwarebytes

FEBRUARY 18, 2025

This is the type of method we would like to see when it comes to sensitive data like medical information. In the Dutch case its remarkable and painful that such a company would have this type of information stored on their drives. First of all, the software provider had no right to store this information.

Marketing 127

Marketing Software Firmware Manufacturing 127

SecureList

OCTOBER 21, 2024

Introduction Information stealers, which are used to collect credentials to then sell them on the dark web or use in subsequent cyberattacks, are actively distributed by cybercriminals. According to Kaspersky Digital Footprint Intelligence, almost 10 million devices, both personal and corporate, were attacked by information stealers in 2023.

Passwords 128

Passwords Malware Encryption Cryptocurrency 128

Security Affairs

NOVEMBER 12, 2024

The ransomware uses the stream cipher ChaCha20 algorithm to encrypt files, then appends the extension “ 6C5oy2dVr6” to the filenames of the encrypted files. The group behind this threat has not presented a dedicated leak site or any additional information yet, but we will continue monitoring their activity.”

Ransomware 124

Ransomware Malware Encryption Hacking 124

Webroot

NOVEMBER 21, 2024

The five core components of a VPN are: Encryption : The conversion of information into a coded format that can only be read by someone who has the decryption key. Split tunneling: Allows you to choose which internet traffic goes through the VPN (with encryption) and which goes directly to the internet. How do VPNs work?

VPN 111

VPN Antivirus Internet Internet 111

Security Affairs

NOVEMBER 17, 2024

New Campaign Uses Remcos RAT to Exploit Victims Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign Ymir: new stealthy ransomware in the wild ShrinkLocker (+Decryptor): From Friend to Foe, and Back Again Stealthy Attributes of APT Lazarus: Evading Detection with Extended Attributes Glove Stealer: Leveraging IElevator (..)

Malware 118

Malware Antivirus Encryption Education 118

Malwarebytes

FEBRUARY 3, 2025

WhatsApp, the Meta-owned, end-to-end encrypted messaging platform, said it has reliable information that nearly 100 journalists and other members of civil society were targets of a spyware campaign conducted by the Israeli spyware company.

Spyware 127

Spyware Accountability Encryption Government 127

Security Affairs

APRIL 30, 2025

The RAT supports advanced evasion techniques, including living-off-the-land ( LOTL ) tactics and encrypted command and control (C2) communications. opendnsapi.net), and uses IPFS to retrieve encrypted modules. Since mid-2022, theyve deployed RomCom via spear-phishing for espionage, lateral movement, and data theft.

Encryption 102

Encryption Ransomware Malware Phishing 102

Security Affairs

MARCH 18, 2025

dll module revealed that the malware supports sophisticated functionalities to steal credentials from browsers, digital wallet data, clipboard content, and system information. “StilachiRAT gathers extensive system information, including OS details, device identifiers, BIOS serial numbers, and camera presence.”

Malware 116

Malware Cryptocurrency Encryption Passwords 116

Schneier on Security

NOVEMBER 8, 2023

The first is organizational decoupling: dividing private information among organizations such that none knows the totality of what is going on. The second is functional decoupling: splitting information among layers of software.

Encryption 321

Encryption Authentication Government Software 321