Security Affairs

NOVEMBER 20, 2023

The Canadian government discloses a data breach after threat actors hacked two of its contractors. Data belonging to current and former Government of Canada employees, members of the Canadian Armed Forces and Royal Canadian Mounted Police personnel have been also exposed. Both contractors suffered a security breach in October.

Data breaches 112

Data breaches Government Hacking Backups 112

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. exe, and rundll32.exe.

Government 52

Government Malware Telecommunications Cybercrime 52

Security Affairs

SEPTEMBER 25, 2023

A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. Palo Alto Unit42 researchers an APT group tracked as Gelsemium targeting a Southeast Asian government. appeared first on Security Affairs. ” concludes Palo Alto Networks.

Government 104

Government Manufacturing Education Malware 104

Security Affairs

SEPTEMBER 10, 2022

China-linked BRONZE PRESIDENT group is targeting government officials in Europe, the Middle East, and South America with PlugX malware. PlugX is modular malware has backdoor capabilities that could be extended by downloading additional plugins. In the recent campaign, the malware is included in RAR archive files.

Government 102

Government Malware Encryption Hacking 102

Security Affairs

JULY 7, 2019

Croatia government agencies have been targeted by unknown hackers with a new piece of malware tracked as SilentTrinity. A mysterious group of hackers carried out a series of cyber attacks against Croatian government agencies, infecting employees with a new piece of malware tracked as SilentTrinity.

Government 81

Government Malware Computers and Electronics Advertising 81

Security Affairs

FEBRUARY 23, 2020

Cisco Talos researchers discovered a new malware, tracked as ObliqueRAT, that was employed targeted attacks against organizations in Southeast Asia. Experts from Cisco Talos discovered a new malware, tracked as ObliqueRAT, that appears a custom malware developed by a threat actor focused on government and diplomatic targets. .

Government 116

Government Malware Advertising Passwords 116

Security Affairs

MAY 25, 2022

An unknown APT group is targeting Russian government entities since the beginning of the Russian invasion of Ukraine. In the first campaign, attackers distributed a custom malware disguised as an interactive map of Ukraine ( interactive_map_UA.exe ). exe for its malware. This campaign primarily targeted RT TV employees.

Government 107

Government Malware Phishing Hacking 107

Schneier on Security

SEPTEMBER 2, 2022

Details are few, but Montenegro has suffered a cyberattack : A combination of ransomware and distributed denial-of-service attacks, the onslaught disrupted government services and prompted the country’s electrical utility to switch to manual control. […].

Retail 250

Retail Government Ransomware Information Security 250

Security Affairs

FEBRUARY 2, 2024

The Computer Emergency Response Team in Ukraine (CERT-UA) reported that a PurpleFox malware campaign had already infected at least 2,000 computers in the country. Experts defined DirtyMoe as a complex malware that has been designed as a modular system. ” reads the alert published by CERT-UA.

Malware 98

Malware Internet Internet DDOS 98

Security Affairs

NOVEMBER 21, 2023

Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The most impacted sectors are education, government, and business services. The software was delivered through fraudulent updates, drive-by downloads, malware loaders (i.e.

Education 111

Education Government Business Services Software 111

Security Affairs

DECEMBER 3, 2023

Threat actors are using the Agent Raccoon malware in attacks against organizations in the Middle East, Africa and the U.S. The malware was used in attacks against multiple industries, including education, real estate, retail, non-profit organizations, telecom companies, and governments.

Malware 126

Malware DNS Retail Education 126

Security Affairs

FEBRUARY 6, 2024

China-linked APT group breached the Dutch Ministry of Defence last year and installed malware on compromised systems. Dutch Military Intelligence and Security Service (MIVD) and the General Intelligence and Security Service (AIVD) published a joint report warning that a China-linked APT group breached the Dutch Ministry of Defence last year.

Malware 107

Malware Firmware VPN Backups 107

Security Affairs

AUGUST 31, 2023

Russia-linked threat actors have been targeting Android devices of the Ukrainian military with a new malware dubbed Infamous Chisel. The GCHQ’s National Cyber Security Centre (NCSC) and agencies in the United States, Australia, Canada, and New Zealand have published an analysis of the Android malware.

Malware 109

Malware Authentication Threat Detection Government 109

Security Affairs

AUGUST 25, 2022

Russia-linked APT group Nobelium is behind a new sophisticated post-exploitation malware tracked by Microsoft as MagicWeb. Microsoft security researchers discovered a post-compromise malware, tracked as MagicWeb, which is used by the Russia-linked NOBELIUM APT group to maintain persistent access to compromised environments.

Malware 120

Malware Authentication Telecommunications Government 120

Security Affairs

MARCH 8, 2023

China-linked APT group Sharp Panda targets high-profile government entities in Southeast Asia with the Soul modular framework. CheckPoint researchers observed in late 2022, a campaign attributed to the China-linked APT group Sharp Panda that is targeting a high-profile government entity in the Southeast Asia.

Government 83

Government Malware Architecture Healthcare 83

Security Affairs

FEBRUARY 4, 2022

The Russia-linked Gamaredon APT group attempted to compromise an unnamed Western government entity in Ukraine. In Mid January the Ukrainian government was hit with destructive malware, tracked as WhisperGate , and several Ukrainian government websites were defaced by exploiting a separate vulnerability in OctoberCMS.

Government 83

Government Malware Phishing Software 83

Security Affairs

FEBRUARY 12, 2023

The Russian Government proposed to give a sort of immunity to the hackers that operate in the interests of Moscow. Russian media reported that Alexander Khinshtein, the head of the Duma committee on information policy, announced that the Russian government is evaluating to avoid punishing hackers acting in the interests of Moscow.

Government 83

Government Malware Media Hacking 83

Security Affairs

MAY 31, 2022

Cyber Research Labs observed a rise in ransomware attacks in the second quarter of 2022, some of them with a severe impact on the victims, such as the attack that hit the Costa Rican government that caused a nationwide crisis. The experts warn of ransomware attacks against government organizations. ” continues Cyble. .

Government 139

Government Ransomware Cybercrime Banking 139

Security Affairs

AUGUST 29, 2023

China-linked threat actors breached government organizations worldwide with attacks exploiting Barracuda ESG zero-day. Barracuda, with the support of Mandiant, discovered the issue was exploited to deploy malware on a subset of appliances allowing for persistent backdoor access. reads the report published by Mandiant.

Government 105

Government Hacking Malware Accountability 105

Security Affairs

SEPTEMBER 29, 2022

The Russia-linked APT28 group is using mouse movement in decoy Microsoft PowerPoint documents to distribute malware. The Russia-linked APT28 employed a technique relying on mouse movement in decoy Microsoft PowerPoint documents to deploy malware, researchers from Cluster25 reported. ” reads the analysis published by Cluster25.

Malware 117

Malware Government Hacking Information Security 117

Security Affairs

JANUARY 26, 2024

The Russian national malware developer Vladimir Dunaev was sentenced to more than 5 years in prison for his role in the TrickBot operation. The Russian national Vladimir Dunaev (40) has been sentenced in the US to 64 months in prison for his role in the development and distribution of the TrickBot malware. in October 2021.

Malware 99

Malware Identity Theft Banking Ransomware 99

Security Affairs

DECEMBER 12, 2023

Cisco Talos researchers tracked the campaign as Operation Blacksmith, the nation-state actors are employing at least three new DLang -based malware families. Two of these malware strains are remote access trojans (RATs), respectively tracked as NineRAT and “DLRAT” The former relies on Telegram bots and channels for C2 communications.

Malware 101

Malware Data collection Manufacturing Healthcare 101

Security Affairs

JUNE 6, 2022

Following the attacks of the Killnet Collective, the group responsible for the attacks against major government resources and law enforcement, a new group has been identified called “Cyber Spetsnaz”. The post Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies appeared first on Security Affairs.

Government 139

Government DDOS Cyber Attacks Hacking 139

Security Affairs

DECEMBER 29, 2023

Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. The group employed previously undetected malware such as OCEANMAP, MASEPIE, and STEELHOOK to steal sensitive information from target networks. file classified as MASEPIE.

Phishing 117

Phishing Malware Computers and Electronics Internet 117

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. ” continues the DoJ.

Government 94

Government Energy and Utilities Malware Hacking 94

Security Affairs

NOVEMBER 15, 2019

A new threat actor tracked as TA2101 is conducting malware campaigns using email to impersonate government agencies in the United States, Germany, and Italy. The post New TA2101 threat actor poses as government agencies to distribute malware appeared first on Security Affairs. Pierluigi Paganini.

Government 77

Government Malware Social Engineering Banking 77

Malwarebytes

JANUARY 16, 2024

The university was notified by an undisclosed third party, who provided information to help the team find and identify the malware. Together, CWRU and the FBI were able to identify that an IP address with which the malware was communicating had also been used to access the alumni email account of a man called Phillip Durachinsky.

Malware 90

Malware Passwords Identity Theft Data collection 90

Security Affairs

AUGUST 6, 2022

Greek intelligence admitted it had spied on a journalist, while citizens ask the government to reveal the use of surveillance malware. The head of the Greek intelligence told a parliamentary committee that they had spied on a journalist with surveillance malware , Reuters reported citing two sources present. Pierluigi Paganini.

Surveillance 104

Surveillance Malware Spyware Government 104

Security Affairs

OCTOBER 13, 2023

A cyberespionage campaign, tracked as Stayin’ Alive, targeted high-profile government and telecom entities in Asia. The campaign has been active since at least 2021, threat actors employed downloaders and loaders to deploy next-stage malware. appeared first on Security Affairs. Is it linked to ToddyCat APT?

Government 103

Government Encryption Phishing Malware 103

Security Affairs

AUGUST 21, 2022

A new Grandoreiro banking malware campaign is targeting organizations in Mexico and Spain, Zscaler reported. Zscaler ThreatLabz researchers observed a Grandoreiro banking malware campaign targeting organizations in the Spanish-speaking nations of Mexico and Spain. ” reads the post published by Zscaler. Pierluigi Paganini.

Banking 92

Banking Malware Antivirus Phishing 92

Security Affairs

MARCH 9, 2022

government. government. Update on recent batch of Google TAG Government Backed Attack Warnings: In February, we detected an APT31 phishing campaign targeting high profile Gmail users affiliated with the U.S. government. Government appeared first on Security Affairs. Pierluigi Paganini.

Government 91

Government Phishing DDOS Hacking 91

Security Affairs

FEBRUARY 24, 2022

Cybersecurity experts discovered a new data wiper malware that was used in attacks against hundreds of machines in Ukraine. Researchers from cybersecurity firms ESET and Broadcom’s Symantec discovered a new data wiper malware that was employed in a recent wave of attacks that hit hundreds of machines in Ukraine.

Malware 114

Malware DDOS Banking Government 114

Security Affairs

JULY 19, 2021

Pegasus is a surveillance malware developed by the Israeli surveillance NSO Group that could infect both iPhones and Android devices, it is sold exclusively to the governments and law enforcement agencies. The evidence demonstrates that governments used Pegasus to intimidate journalists and critical media. Pierluigi Paganini.

Spyware 114

Spyware Government Surveillance Media 114

Security Affairs

SEPTEMBER 19, 2023

China-linked threat actor Earth Lusca used a new Linux malware dubbed SprySOCKS in a recent cyber espionage campaign. The experts noticed that the threat actors have rewritten many functions of the malware to run on Linux systems. Additional analysis led to the discovery of a previously unknown Linux backdoor tracked as SprySOCKS.

Malware 103

Malware Encryption Telecommunications Authentication 103

Security Affairs

JANUARY 31, 2024

In early January 2024, software firm Ivanti reported that threat actors were exploiting two zero-day vulnerabilities ( CVE-2023-46805, CVE-2024-21887 ) in Connect Secure (ICS) and Policy Secure to remotely execute arbitrary commands on targeted gateways. x and Ivanti Policy Secure. The flaw CVE-2023-46805 (CVSS score 8.2)

VPN 91

VPN Malware Authentication Small Business 91

Security Affairs

APRIL 16, 2022

Threat actors are targeting Ukrainian government agencies with phishing attacks delivering the IcedID malware. The Ukrainian Computer Emergency Response Team (CERT-UA) uncovered new phishing campaigns aimed at infecting systems of Ukrainian government agencies with the IcedID malware. Pierluigi Paganini.

Malware 83

Malware Phishing Banking Government 83

Security Affairs

APRIL 26, 2023

In recent years, the researchers observed the group expanding its operations to include financial institutions and government entities. This circumstance suggests that the threat actor is reusing existing source code to create new malware. ” reads the analysis published by Unit 42. org over port 8443 for C2. saspecialforces.co[.]za

Malware 95

Malware Telecommunications Government VPN 95