Education, Government, Manufacturing and Security

FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors

Security Affairs

FEBRUARY 11, 2022

FritzFrog P2P botnet is back and is targeting servers belonging to entities in the healthcare, education, and government sectors. The bot is written in Golang and implements wormable capabilities, experts reported attacks against entities in the government, education, and finance sectors. Pierluigi Paganini.

Education

Education Government Libraries Mining

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Security Affairs

SEPTEMBER 25, 2023

A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. Palo Alto Unit42 researchers an APT group tracked as Gelsemium targeting a Southeast Asian government. appeared first on Security Affairs. OwlProxy is a unique and custom tool used by the group.

Government

Government Manufacturing Education Access

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

The Last Watchdog

SEPTEMBER 21, 2023

21, 2023 — MxD, the Digital Manufacturing and Cybersecurity Institute, today hosted a roundtable discussion with the White House Office of the National Cyber Director. Each participating organization is committed to developing cyber skills and programs to train the workforce across a wide range of industries, including manufacturing.

Cybersecurity

Cybersecurity Manufacturing Military Artificial Intelligence

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

IT Governance

FEBRUARY 21, 2024

Fowler sent a responsible disclosure notice when he discovered the database and it was secured the following day. Source New Manufacturing USA Yes 20,415 TECA Srl Source New Transport Italy Yes 16.7 Known records breached Zenlayer Source New Telecoms USA Yes 384,658,212 ASA Electronics Source New Engineering USA Yes 2.7

Data Privacy

Data Privacy Manufacturing Privacy Energy and Utilities

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

IT Governance

FEBRUARY 14, 2024

Compromised data includes policyholders’ and their families’ civil status, dates of birth and social security numbers, as well as the name of their health insurer and information relating to their contracts. It has since been confirmed by Anukul Peedkaew, the permanent secretary of social development and human security.

Data Privacy

Data Privacy Manufacturing Privacy Security

To Make the Internet of Things Safe, Start with Manufacturing

Thales Cloud Protection & Licensing

SEPTEMBER 11, 2018

Achieving the IoT’s bold objective requires not only bringing many small things together and carefully orchestrating their interconnections, but also the assurance that their integrity and the data they collect remains secure and trustworthy. Therefore, manufacturing is the first critical link in the chain to establish trust across the IoT.

Manufacturing

Manufacturing IoT Authentication Paper

MSI confirms security breach after Money Message ransomware attack

Security Affairs

APRIL 7, 2023

Multinational IT corporation MSI (Micro-Star International) confirms security breach after Money Message ransomware gang claimed the hack. Micro-Star International AKA MSI designs, manufactures, and sells motherboards and graphics cards for customers in the United States, Canada, and internationally.

Ransomware

Ransomware Security Manufacturing Cybersecurity

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

IT Governance

JANUARY 9, 2024

LockBit claims responsibility for Capital Health security incident The LockBit ransomware group has claimed responsibility for an attack on Capital Health , a healthcare provider in Pennington, New Jersey, last November. KG Source 1 ; source 2 (New) Manufacturing Germany Yes 1.1 They accessed 41.5 Data breached: 41,500,000 records.

Data Privacy

Data Privacy Privacy Manufacturing Data breaches

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. PuTTY.exe Rhysida actors have been observed creating Secure Shell (SSH) PuTTy connections for lateral movement. ” reads the joint advisory.

Ransomware

Ransomware Manufacturing Education Passwords

The IoT Cybersecurity Act of 2020: Implications for Devices

eSecurity Planet

JANUARY 22, 2021

As more information about IoT device vulnerabilities is published, the pressure on industry and government authorities to enhance security standards might be reaching a tipping point. While it’s a progressive step for the network security of the U.S. government, standards will not apply to the IoT market at-large.

IoT

IoT Cybersecurity Manufacturing Government

Security Affairs newsletter Round 282

Security Affairs

SEPTEMBER 20, 2020

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 282 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Security

Security Ransomware Data breaches Manufacturing

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

IT Governance

MAY 7, 2024

It emerged this week, according to the New York City Department of Education, that data from a further 381,000 students was also compromised in this incident. This week, it turns out at least 191 further Australian organisations, including government entities, were affected by this breach, highlighting the risks of supply chain attacks.

Data breaches

Data breaches Education Manufacturing Retail

Cybersecurity agencies published a joint LockBit ransomware advisory

Security Affairs

JUNE 15, 2023

Help us #StopRansomware by visiting [link] pic.twitter.com/G5jpxtB0Fw — Cybersecurity and Infrastructure Security Agency (@CISAgov) June 14, 2023 The LockBit ransomware operation was the most active in 2022 and according to the researchers it is one of the most prolific RaaS in 2023. law enforcement). was the prevalent variant in 2023.

Ransomware

Ransomware Cybersecurity Agriculture Education

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. In fact, the U.S. ” continues the alert. ” U.S. ” U.S.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

GUEST ESSAY: Too many SMBs continue to pay ransomware crooks — exacerbating the problem

The Last Watchdog

FEBRUARY 20, 2023

One report showed ransomware attacks increased by 80 percent in 2022, with manufacturing being one of the most targeted industries. The Costa Rican government declared a national emergency , after attackers crippled govenrment systems and demanded $20 million to restore them go normal. Loss of money from downtime exceeds the ransom. •To

Ransomware

Ransomware Cleanup Education Manufacturing

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Security Affairs

APRIL 9, 2023

made electronics on behalf of the Russian government and military. The Estonian man is accused of having helped the Russian government and military to purchase US-made electronics and hacking tools. manufacturers on behalf of Russian end-users, including defense contractors and other Russian government agencies.

Computer and Electronics

Computer and Electronics Military Manufacturing Government

The Week in Cyber Security and Data Privacy: 16–22 October 2023

IT Governance

OCTOBER 24, 2023

Breached organisation: BHI Energy, providing staffing solutions to the nuclear, fossil, wind, hydro and government energy markets. Incident details: Network security incident, where allegedly AlphV gained unauthorised access and made demands to the hospital’s leadership, suggesting a ransomware attack. Records breached: Unknown.

Data Privacy

Data Privacy Privacy Security Data breaches

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

Since January 2020, affiliates utilizing LockBit have targeted organizations of diverse sizes spanning critical infrastructure sectors such as financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Financial Services

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Security Affairs

JUNE 6, 2024

” said Bryan Vorndran, the Assistant Director at the FBI Cyber Division, during the 2024 Boston Conference on Cyber Security. The NCA and its global partners have secured over 1,000 decryption keys that will allow victims of the gang to recover their files for free.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Encryption

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices. The malicious code was used in attacks targeting multiple sectors including the gaming industry, technology industry, and luxury car manufacturers.

IoT

IoT Mining Manufacturing Education

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber operations worldwide. .

Energy and Utilities

Energy and Utilities Military Government Phishing

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

SEPTEMBER 15, 2020

CISA published an advisory on China-linked groups targeting government agencies by exploiting flaws in Microsoft Exchange, Citrix, Pulse, and F5 systems. CISA published a security advisory warning of a wave of attacks carried out by China-linked APT groups affiliated with China’s Ministry of State Security.

Government

Government Energy and Utilities Healthcare Access

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

Security Affairs

APRIL 26, 2023

German government warns that technology to regulate power consumption in Huawei network appliances could be used for sabotage purposes. government officials as well as European security authorities, which have warned of the risks associated with Chinese telecoms equipment.” In November 2019, the U.S.

Government

Government Communications Risk Cybersecurity

Prometheus and Grief – two new emerging ransomware gangs targeting enterprises. Mexican Government data is published for sale.

Security Affairs

JUNE 1, 2021

Just recently, the group has published a stolen data allegedly belonging to the Mexican Government which still remains available for sale today, and possibly becoming the first cybercriminal group that has touched a major state in Latin America on such a level. Mexican Government data is published for sale. Pierluigi Paganini.

Sales

Sales Ransomware Government GDPR

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. In fact, the U.S. continues the alert.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

MITRE and CISA publish the 2021 list of most common hardware weaknesses

Security Affairs

OCTOBER 30, 2021

MITRE and the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) have announced the release of the “2021 Common Weakness Enumeration (CWE) Most Important Hardware Weaknesses” list. CIOs and security managers could also use the list to assess the efficiency of their program to secure hardware within in their organizations.

Manufacturing

Manufacturing Education Access Security

A Russian national charged for committing LockBit Ransomware attacks

Security Affairs

JUNE 16, 2023

In securing the arrest of a second Russian national affiliated with the LockBit ransomware, the Department has once again demonstrated the long arm of the law. 16% of the State, Local, Tribal, and Tribunal (SLTT) government ransomware incidents reported to the MS-ISAC is 2022 were LockBit attacks. law enforcement).

Ransomware

Ransomware Agriculture Education Government

China-linked Flax Typhoon APT targets Taiwan

Security Affairs

AUGUST 25, 2023

Microsoft has not observed The group has been active since mid-2021, it focuses on government agencies and education, critical manufacturing, and information technology organizations in Taiwan. The group relies on tools built into the operating system, along with some legitimate software.

Manufacturing

Manufacturing Education Access Government

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Security Affairs

FEBRUARY 21, 2024

government offers rewards of up to $15 million for information that could lead to the identification or location of LockBit ransomware gang members and affiliates. The NCA and its global partners have secured over 1,000 decryption keys that will allow victims of the gang to recover their files for free.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Manufacturing

Microsoft seized 41 domains used by Iran-linked Bohrium APT

Security Affairs

JUNE 6, 2022

The IT giant has seized the domains used by the threat actors employed in its attacks aimed at organizations in tech, transportation, government, and education sectors located in the U.S., Since February, the attacks targeted organizations in critical manufacturing, IT, and Israel’s defense industry. Middle East, and India.

Phishing

Phishing Manufacturing Education Cybersecurity

The Week in Cyber Security and Data Privacy: 20 – 26 November 2023

IT Governance

NOVEMBER 28, 2023

The post The Week in Cyber Security and Data Privacy: 20 – 26 November 2023 appeared first on IT Governance UK Blog. In the meantime, if you missed it, check out last week’s round-up. Please do also let us know what you think about our new table format.

Data Privacy

Data Privacy Privacy Energy and Utilities Data breaches

FTC Recommends Steps to Improve Mobile Device Security Update Practices

Hunton Privacy

MARCH 6, 2018

On February 28, 2018, the Federal Trade Commission issued a report, titled Mobile Security Updates: Understanding the Issues (the “Report”), that analyzes the process by which mobile devices sold in the U.S. receive security updates and provides recommendations for improvement.

Manufacturing

Manufacturing Security Education Communications

Government By Numbers: Some Interesting Insights

John Battelle's Searchblog

OCTOBER 28, 2011

Not to mention retirement (from Social Security to 401ks, etc.). Of course, were such a hypothesis true, one might imagine that the over percentage of GDP represented by government workers would have gone *down* over the past few decades. Let’s take a look at some detail: Ahh… Education. Very interesting.

Government

Government Education Military Financial Services

China-linked APT Volt Typhoon linked to KV-Botnet

Security Affairs

DECEMBER 13, 2023

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. ” The researchers pointed out that the use of the KV-Botnet is limited to China-linked actors.

Communications

Communications Manufacturing Education Government

Catches of the Month: Phishing Scams for October 2023

IT Governance

OCTOBER 13, 2023

October is both Cybersecurity Awareness Month in the US and European Cyber Security Month in the EU – twin campaigns on either side of the Atlantic that aim to improve awareness of the importance of cyber security both at work and at home, and provide tips on how to stay secure.

Phishing

Phishing Financial Services Manufacturing Personal data

City of Dallas shut down IT services after ransomware attack

Security Affairs

MAY 4, 2023

The City confirmed the security incident and is working to recover from the ransomware attack that impacted its services, including the police department. To prevent the threat from spreading within the network, the City has shut down the impacted IT systems. reads the alert.

Ransomware

Ransomware IT Encryption Education

China-linked APT Volt Typhoon targets critical infrastructure organizations

Security Affairs

MAY 25, 2023

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. ” continues the report. We are in the final!

Communications

Communications Manufacturing Access Archiving

Steelcase office furniture giant hit by Ryuk ransomware attack

Security Affairs

OCTOBER 28, 2020

Steelcase is a US-based furniture company that produces office furniture, architectural and technology products for office environments and the education, health care and retail industries. It is the largest office furniture manufacturer in the world. Steelcase has 13,000 employees and $3.7 billion in 2020. Pierluigi Paganini.

Ransomware

Ransomware Computer and Electronics Manufacturing Mining

New Linux Ransomware BlackSuit is similar to Royal ransomware

Security Affairs

JUNE 3, 2023

According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. New #ransomware #BlackSuit targets Windows, #Linux. Extension: blacksuit. ReadMe file name: README.BlackSuit.txt.

Ransomware

Ransomware Encryption File names Cybersecurity

The U.S. CISA and FBI warn of Royal ransomware operation

Security Affairs

MARCH 3, 2023

Cybersecurity and Infrastructure Security Agency (CISA) is warning of the capabilities of the recently emerged Royal ransomware. According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education.

Ransomware

Ransomware Encryption Cybersecurity Communications

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

JANUARY 21, 2021

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. It includes multi-disciplinary risk and compliance management solutions and tools, including: IT & security risk management. Third-party governance.

Compliance

Compliance Risk Government Retail

Data security: Why a proactive stance is best

IBM Big Data Hub

JULY 7, 2023

But with a proactive approach to data security, organizations can fight back against the seemingly endless waves of threats. IBM Security X-Force found the most common threat on organizations is extortion, which comprised more than a quarter (27%) of all cybersecurity threats in 2022. Where do data breaches originate?

Security

Security Data breaches Data Privacy Compliance

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

The Last Watchdog

JULY 30, 2018

DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. You need to rely on external storage to securely transport your data. Park: Any industry that requires security.

Encryption

Encryption Military Passwords Authentication

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs

SEPTEMBER 23, 2023

The City confirmed the security incident and is working to recover from the ransomware attack that impacted its services, including the police department. million to mitigate the May Royal ransomware attack appeared first on Security Affairs. million to mitigate the May Royal ransomware attack appeared first on Security Affairs.

Ransomware

Ransomware Encryption Systems administration Cybersecurity

FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Trending Sources

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

To Make the Internet of Things Safe, Start with Manufacturing

MSI confirms security breach after Money Message ransomware attack

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

FBI and CISA warn of attacks by Rhysida ransomware gang

The IoT Cybersecurity Act of 2020: Implications for Devices

Security Affairs newsletter Round 282

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

Cybersecurity agencies published a joint LockBit ransomware advisory

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

GUEST ESSAY: Too many SMBs continue to pay ransomware crooks — exacerbating the problem

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

The Week in Cyber Security and Data Privacy: 16–22 October 2023

Operation Cronos: law enforcement disrupted the LockBit operation

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Updated Kmsdx botnet targets IoT devices

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

Prometheus and Grief – two new emerging ransomware gangs targeting enterprises. Mexican Government data is published for sale.

FBI chief says China is preparing to attack US critical infrastructure

MITRE and CISA publish the 2021 list of most common hardware weaknesses

A Russian national charged for committing LockBit Ransomware attacks

China-linked Flax Typhoon APT targets Taiwan

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Microsoft seized 41 domains used by Iran-linked Bohrium APT

The Week in Cyber Security and Data Privacy: 20 – 26 November 2023

FTC Recommends Steps to Improve Mobile Device Security Update Practices

Government By Numbers: Some Interesting Insights

China-linked APT Volt Typhoon linked to KV-Botnet

Catches of the Month: Phishing Scams for October 2023

City of Dallas shut down IT services after ransomware attack

China-linked APT Volt Typhoon targets critical infrastructure organizations

Steelcase office furniture giant hit by Ryuk ransomware attack

New Linux Ransomware BlackSuit is similar to Royal ransomware

The U.S. CISA and FBI warn of Royal ransomware operation

Top 10 Governance, Risk and Compliance (GRC) Vendors

Data security: Why a proactive stance is best

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Stay Connected