Encryption, Information and Information Security

GUEST ESSAY: The key differences between ‘information privacy’ vs. ‘information security’

The Last Watchdog

JUNE 12, 2023

Information privacy and information security are two different things. Related: Tapping hidden pools of security talent Information privacy is the ability to control who (or what) can view or access information that is collected about you or your customers.

Information Security

Information Security Data breaches CISO Encryption

Don’t Let Encryption Become A Double-Edged Sword That Undermines Zero Trust CyberSecurity

Joseph Steinberg

APRIL 21, 2022

It is no secret that cybersecurity professionals universally recommend that people, businesses, and governments employ strong encryption as one of several methods of protecting sensitive information.

Encryption

Encryption Cybersecurity Artificial Intelligence Backups

Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies

Security Affairs

NOVEMBER 15, 2024

The Glove Stealer malware exploits a new technique to bypass Chrome’s App-Bound encryption and steal browser cookies. Glove Stealer is a.NET-based information stealer that targets browser extensions and locally installed software to steal sensitive data. Gen Digital observed phishing campaigns distributing the Glove Stealer.

Encryption

Encryption Password Management Cryptocurrency Social Engineering

Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket

Security Affairs

JANUARY 15, 2025

The ransomware group Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C, Halcyon researchers warn. The ransomware group Codefinger has been spotted using compromised AWS keys to encrypt data in S3 buckets. The ransomware group Codefinger utilizes an AES-256 encryption key they generate and store locally.

Encryption

Encryption Ransomware Authentication Accountability

PLAYFULGHOST backdoor supports multiple information stealing features

Security Affairs

JANUARY 5, 2025

TIM.exe then loads a malicious launcher DLL libcurl.dll whichwilldecrypt and load the PLAYFULGHOST payload from an encrypted file named Debug.log.” . “Then, the LNK file launches QQLaunch.exe , a legitimate binary from Tencent QQ, which launches another legitimate binary TIM.exe which is a renamed version of the program CURL.

Malware

Malware Encryption Phishing Hacking

Bitdefender released a decryptor for the ShrinkLocker ransomware

Security Affairs

NOVEMBER 13, 2024

Bitdefender released a decryptor for the ShrinkLocker ransomware, which modifies BitLocker configurations to encrypt a system’s drives. Unlike modern ransomware it doesn’t rely on sophisticated encryption algorithms and modifies BitLocker configurations to encrypt a system’s drives.

Ransomware

Ransomware Encryption Passwords Backups

Ransomware attack on ENGlobal compromised personal information

Security Affairs

JANUARY 28, 2025

ENGlobal reported to the SEC that personal information was compromised in a ransomware attack that took place in November 2024. ENGlobal disclosed a ransomware attack that occurredin November, in a SEC filingthe company confirmed that threat actors gained access to personal information. ” reads the FORM 8-K filed with SEC.

Ransomware

Ransomware Encryption Hacking Technology

My Philosophy and Recommendations Around the LastPass Breaches

Daniel Miessler

DECEMBER 24, 2022

If you follow Information Security at all you are surely aware of the LastPass breach situation. After initiating an immediate investigation, we have seen no evidence that this incident involved any access to customer data or encrypted password vaults.

Password Management

Password Management Passwords Encryption Backups

Great Plains Regional Medical Center ransomware attack impacted 133,000 individuals

Security Affairs

NOVEMBER 18, 2024

A ransomware attack on Great Plains Regional Medical Center compromised personal data of 133,000 individuals, exposing sensitive information. The healthcare center discovered that a threat actor accessed and encrypted files on their systems between September 5, 2024 and September 8, 2024. .

Ransomware

Ransomware Insurance Encryption Healthcare

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

Security Affairs

DECEMBER 3, 2024

Securities and Exchange Commission (SEC), the company discovered the attack on November 25. The threat actors had access to the company’s information technology systems and encrypted some of its data files. According to the FORM 8-K report filed with the U.S. ” reads the report filed with SEC.

Ransomware

Ransomware Encryption Technology Cybersecurity

Around 3.3 million POP3 and IMAP mail servers lack TLS encryption

Security Affairs

JANUARY 3, 2025

Over 3 million POP3 and IMAP mail servers lack TLS encryption, exposing them to network sniffing attacks. million POP3 and IMAP mail servers lack TLS encryption, exposing them to network sniffing attacks. ShadowServer researchers reported that around 3.3 We see around 3.3M It's time to retire those!

Encryption

Encryption Passwords Internet Internet

Why CISA is Warning CISOs About a Breach at Sisense

Krebs on Security

APRIL 11, 2024

On April 10, Sisense Chief Information Security Officer Sangram Dash told customers the company had been made aware of reports that “certain Sisense company information may have been made available on what we have been advised is a restricted access server (not generally available on the internet.)”

CISO

CISO Encryption Telecommunications Financial Services

World Backup Day: A Clarion Call for Cyber Resilience

SecureWorld News

MARCH 31, 2025

A critical business function, not just a checkbox "World Backup Day acts as a crucial reminder that data loss is inevitable, encouraging us to take proactive steps to protect our information," says Emilio Sepulveda , Manager of Information Security at Deepwatch.

Backups

Backups Mobile Encryption CISO

Interlock ransomware gang started leaking data allegedly stolen from leading kidney dialysis firm DaVita

Security Affairs

APRIL 25, 2025

. “On April 12, 2025, DaVita became aware of a ransomware incident affecting and encrypting certain on-premises systems. The group claimed the theft of 1510 GB of sensitive data, including patient records, insurance, and financial information. The DaVita network was encrypted by InterLock Ransomware.

Ransomware

Ransomware Encryption Insurance Marketing

EDR-as-a-Service makes the headlines in the cybercrime landscape

Security Affairs

APRIL 7, 2025

These falsely obtained credentials enable cyber criminals to successfully mimic a real-world investigation by inducing platform operators to provide extremely sensitive information. FROM ACCOUNT THEFT TO A FULL-FLEDGED SERVICE: THE EVOLUTION OF THE MODEL The phenomenon has rapidly upgraded complexity, as detailed in the Meridian Group report.

Cybercrime

Cybercrime Social Engineering Accountability Government

South African telecom provider Cell C disclosed a data breach following a cyberattack

Security Affairs

APRIL 13, 2025

Compromised data includes full names, contact details, ID numbers, banking information, drivers license numbers, medical records and passport details. The company engaged top cybersecurity and forensic experts, informed authorities, and is actively supporting affected stakeholders. The gang claimed the theft of 2 TB of data.

Data breaches

Data breaches Unstructured Data Identity Theft Healthcare

NIST’s Post-Quantum Cryptography Standards

Schneier on Security

AUGUST 8, 2022

The idea is to standardize on both a public-key encryption and digital signature algorithm that is resistant to quantum computing, well before anyone builds a useful quantum computer. Fun fact: Those three algorithms were broken by the Center of Encryption and Information Security, part of the Israeli Defense Force.

Encryption

Encryption Architecture Engineering Information Security

Oracle privately notifies Cloud data breach to customers

Security Affairs

APRIL 6, 2025

Oracle confirms a cloud data breach, quietly informing customers while downplaying the impact of the security breach. Oracle confirms a data breach and started informing customers while downplaying the impact of the incident. Oracle has since taken the server offline. “Oracle Corp.

Data breaches

Data breaches Encryption Hacking Passwords

Akira ransomware gang used an unsecured webcam to bypass EDR

Security Affairs

MARCH 8, 2025

The Akira ransomware gang exploited an unsecured webcam to bypass EDR and launch encryption attacks on a victim’s network. The ransomware group used an unsecured webcam to encrypt systems within atarget’s network, bypassing Endpoint Detection and Response (EDR). Akira successfully encrypted files across the network.

Ransomware

Ransomware IoT Encryption Passwords

Russia-linked group Nebulous Mantis targets NATO-related defense organizations

Security Affairs

APRIL 30, 2025

The RAT supports advanced evasion techniques, including living-off-the-land ( LOTL ) tactics and encrypted command and control (C2) communications. opendnsapi.net), and uses IPFS to retrieve encrypted modules. Since mid-2022, theyve deployed RomCom via spear-phishing for espionage, lateral movement, and data theft.

Encryption

Encryption Ransomware Malware Phishing

Zero Trust Network Architecture vs Zero Trust: What Is the Difference?

Joseph Steinberg

JANUARY 4, 2023

The term Zero Trust refers to a concept, an approach to information security that dramatically deviates from the common approach of yesteryear; Zero Trust states that no request for service is trusted, even if it is issued by a device owned by the resource’s owner, and is made from an internal, private network belonging to the same party.

Architecture

Architecture Artificial Intelligence Encryption Cybersecurity

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Security Affairs

MARCH 10, 2025

Unlike other extortion group, the gang doesnt encrypt data, but focuses on data theft to speed up its activity. Loretto identified the impacted individuals and notified them by mail on March 15, 2023, offering guidance on protecting their information. Victims include AMD and Keralty. They shame non-payers by leaking data.

Hacking

Hacking Healthcare Backups Ransomware

US authorities have indicted Black Kingdom ransomware admin

Security Affairs

MAY 4, 2025

“The ransomware either encrypted data from victims computer networks or claimed to take that data from the networks. Black Kingdom ransomware was first spotted in late February 2020 by security researcher GrujaRS , the ransomware encrypts files and appends the.DEMON extension to filenames of the encrypted documents.

Ransomware

Ransomware Encryption VPN Malware

July 2024 ransomware attack on the City of Columbus impacted 500,000 people

Security Affairs

NOVEMBER 4, 2024

The city added that the attack was successfully thwarted, and no systems were encrypted. TB of sensitive data, including employee credentials, a full dump of servers with emergency services applications of the city, access from city video cameras, and other sensitive information. Rhysida demanded 30 Bitcoin (about $1.9

Ransomware

Ransomware Identity Theft Data breaches Cyber threats

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

DECEMBER 18, 2024

Part three of a four-part series In 2024, global pressure on companies to implement advanced data protection measures intensified, with new standards in encryption and software transparency raising the bar. Sherrets Dane Sherrets , Innovation Architect, HackerOne Well see greater industry adoption of AI security and safety standards.

Cybersecurity

Cybersecurity CISO Risk Government

Usage of TLS in DDNS Services leads to Information Disclosure in Multiple Vendors

Security Affairs

MAY 24, 2024

Introduction to TLS and Certificate Transparency Log Securing Internet communications is crucial for maintaining the confidentiality and integrity of information in transit. 509 [2] certificates) and encrypted, authenticated connections (TLS [3] and its precursor, SSL [4] ).

DNS

DNS Manufacturing Firewall Internet

New MassJacker clipper targets pirated software seekers

Security Affairs

MARCH 15, 2025

The malware, dubbed PackerE, downloads an encrypted DLL (PackerD1) that employs multiple anti-analysis techniques. It uses a configuration file with regex patterns to detect cryptocurrency wallet addresses and C2 addresses for downloading encrypted wallet lists (recovery.dat and recoverysol.dat).

Software

Software Cryptocurrency Malware Encryption

The source code of Banshee Stealer leaked online

Security Affairs

NOVEMBER 26, 2024

The ZIP file is then XOR encrypted, base64 encoded, and sent via a POST request to a specified URL using the built-in cURL command. Despite its potentially dangerous capabilities, the malware’s lack of sophisticated obfuscation and the presence of debug information make it easier for analysts to dissect and understand.

Malware

Malware Cryptocurrency Encryption Passwords

Port of Seattle ‘s August data breach impacted 90,000 people

Security Affairs

APRIL 5, 2025

The ransomware gang hit organizations in multiple industries, including education, healthcare, manufacturing, information technology, and government sectors. The Port started notifying impacted individuals after their personal information was compromised. Please visit our cyberattack webpage for additional information.”

Data breaches

Data breaches Ransomware Cyber Attacks Manufacturing

New StilachiRAT uses sophisticated techniques to avoid detection

Security Affairs

MARCH 18, 2025

dll module revealed that the malware supports sophisticated functionalities to steal credentials from browsers, digital wallet data, clipboard content, and system information. “StilachiRAT gathers extensive system information, including OS details, device identifiers, BIOS serial numbers, and camera presence.”

Malware

Malware Cryptocurrency Encryption Passwords

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

Security Affairs

APRIL 10, 2025

No OCI service has been interrupted or compromised in any way,” Last week, Oracle confirmed a data breach and started informing customers while downplaying the impact of the incident. Cyber security firm CybelAngel first reported that Oracle communicated to stakeholders about a security breach. states the company.

Hacking

Hacking Data breaches Encryption Passwords

NailaoLocker ransomware targets EU healthcare-related entities

Security Affairs

FEBRUARY 20, 2025

Exploiting this vulnerability can result in accessing sensitive information on the Security Gateway.” ” reads the advisory Check Point Security Gateways. ” Threat actors could exploit the flaw to extract information on gateways, including password hashes for all local accounts.

Healthcare

Healthcare Ransomware VPN Malware

Guide: What is KMI (Key Management Infrastructure)?

Security Boulevard

APRIL 25, 2025

One of the most critical elements of modern information security is encryption. Encryption is a complex field based solely on the arms race between people seeking secure ways to encode and encrypt data at rest and in transit and those seeking to break that encryption.

Encryption

Encryption Information Security Network Security

Banshee macOS stealer supports new evasion mechanisms

Security Affairs

JANUARY 10, 2025

Experts found a new version of the Banshee macOS information stealer which was enhanced with new evasion mechanisms. A version discovered by Check Point in September relied on Apple’s XProtect encryption algorithm for obfuscation, allowing it to evade antivirus detection until its source code leak in November.

Malware

Malware Advertising Antivirus Cybercrime

AMD fixed a flaw that allowed to load malicious microcode

Security Affairs

FEBRUARY 4, 2025

AMD released security patches to fix a flaw that could bypass SEV protection, letting attackers load malicious microcode. Researchers from Google disclosed an improper signature verification vulnerability, tracked asCVE-2024-56161 (CVSS score of 7.2), in AMD’s Secure Encrypted Virtualization (SEV).

Encryption

Encryption Firmware Hacking Information Security

Healthcare Now Third-Most Targeted Industry for Ransomware

SecureWorld News

NOVEMBER 14, 2024

Attackers are not only encrypting systems but also targeting sensitive data, including Protected Health Information (PHI) and Personally Identifiable Information (PII), such as diagnoses, therapy records, genetic data, and Social Security numbers. Louis, Missouri.

Healthcare

Healthcare Ransomware Identity Theft Data breaches

Operation Phobos Aetor: Police dismantled 8Base ransomware gang

Security Affairs

FEBRUARY 11, 2025

“They allegedly used the Phobos malware to encrypt information on the networks, blocking the companies from accessing the data unless a ransom was paid and a decryption key was provided by the gang. Generation of target list of extensions and folders to encrypt. ” reported the website Nation Thailand.

Ransomware

Ransomware Encryption Backups Malware

New advanced FIN7’s Anubis backdoor allows to gain full system control on Windows

Security Affairs

APRIL 2, 2025

.” FIN7is a Russian criminalgroup (aka Carbanak ) that has been active since mid-2015, it focuses on restaurants, gambling, and hospitality industries in the US to harvest financial information that was used in attacks or sold in cybercrime marketplaces.

Antivirus

Antivirus Cybercrime Malware Encryption

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

Security Affairs

MARCH 21, 2025

Strategic Cyber Warfare In geopolitical conflicts, access to Telegram accounts and devices could provide military and intelligence advantages, such as intercepting sensitive communications, and identifying informants. Gaining access without cooperation from Telegram itself could be highly valuable.

Government

Government Surveillance Mobile Hacking

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

Ransomware attackers often spend weeks or months inside of a target’s network before attempting to deploy malware across the network that encrypts servers and desktop systems unless and until a ransom demand is met. “The harsh and unfortunate reality is the security of a number of security companies is s**t,” Arena said.

Hacking

Hacking Ransomware Banking Accountability

Indian Court ordered to block email service Proton Mail

Security Affairs

APRIL 30, 2025

Proton Mail is a Swiss-based email service offering end-to-end encryption to ensure that only the sender and recipient can read the messages. The company employs client-side encryption, meaning emails are encrypted on the user’s device before being sent to Proton’s servers, enhancing user privacy and security.

Encryption

Encryption Government Media Hacking

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches

Data breaches Cybercrime Cyber Insurance Marketing

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

MARCH 24, 2025

The breach was detected in February , leading to notifications to the FBI, Virginia State Police, and the Virginia Information Technologies Agency. ” The group uses an ARCrypter ransomware variant, derived from Babuks leaked code , to encrypt files after infiltrating a network.

Ransomware

Ransomware Hacking Social Engineering VPN

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Security Affairs

DECEMBER 4, 2024

Enhancing secure logging, isolating device management, and enforcing strict access control lists (ACLs) are key strategies. Strong segmentation with firewalls and DMZs, securing VPN gateways, and ensuring encrypted traffic with TLS v1.3 The cyber spies stole information belonging to targeted individuals that was subject to U.S.

Telecommunications

Telecommunications Government Mobile Cyber threats

GUEST ESSAY: The key differences between ‘information privacy’ vs. ‘information security’

Don’t Let Encryption Become A Double-Edged Sword That Undermines Zero Trust CyberSecurity

Trending Sources

Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies

Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket

PLAYFULGHOST backdoor supports multiple information stealing features

Bitdefender released a decryptor for the ShrinkLocker ransomware

Ransomware attack on ENGlobal compromised personal information

My Philosophy and Recommendations Around the LastPass Breaches

Great Plains Regional Medical Center ransomware attack impacted 133,000 individuals

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

Around 3.3 million POP3 and IMAP mail servers lack TLS encryption

Why CISA is Warning CISOs About a Breach at Sisense

World Backup Day: A Clarion Call for Cyber Resilience

Interlock ransomware gang started leaking data allegedly stolen from leading kidney dialysis firm DaVita

EDR-as-a-Service makes the headlines in the cybercrime landscape

South African telecom provider Cell C disclosed a data breach following a cyberattack

NIST’s Post-Quantum Cryptography Standards

Oracle privately notifies Cloud data breach to customers

Akira ransomware gang used an unsecured webcam to bypass EDR

Russia-linked group Nebulous Mantis targets NATO-related defense organizations

Zero Trust Network Architecture vs Zero Trust: What Is the Difference?

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

US authorities have indicted Black Kingdom ransomware admin

July 2024 ransomware attack on the City of Columbus impacted 500,000 people

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

Usage of TLS in DDNS Services leads to Information Disclosure in Multiple Vendors

New MassJacker clipper targets pirated software seekers

The source code of Banshee Stealer leaked online

Port of Seattle ‘s August data breach impacted 90,000 people

New StilachiRAT uses sophisticated techniques to avoid detection

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

NailaoLocker ransomware targets EU healthcare-related entities

Guide: What is KMI (Key Management Infrastructure)?

Banshee macOS stealer supports new evasion mechanisms

AMD fixed a flaw that allowed to load malicious microcode

Healthcare Now Third-Most Targeted Industry for Ransomware

Operation Phobos Aetor: Police dismantled 8Base ransomware gang

New advanced FIN7’s Anubis backdoor allows to gain full system control on Windows

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Indian Court ordered to block email service Proton Mail

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Cloak ransomware group hacked the Virginia Attorney General’s Office

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Stay Connected