Information Management Today

Multiple APT groups exploited WinRAR flaw CVE-2023-38831

Security Affairs

OCTOBER 18, 2023

Google TAG reported that both Russia and China-linked threat actors are weaponizing the a high-severity vulnerability in WinRAR. Google’s Threat Analysis Group (TAG) reported that in recent weeks multiple nation-state actors were spotted exploiting the vulnerability CVE-2023-38831 in WinRAR. ” reported Google TAG.

Archiving

Archiving Security IT Data breaches

Zimbra zero-day exploited to steal government emails by four groups

Security Affairs

NOVEMBER 16, 2023

Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day ( CVE-2023-37580 ) to steal emails from governments. Google TAG researcher Clément Lecigne discovered the zero-day in June while investigating targeted attacks against Zimbra’s email server. ” reads the advisory published by Google TAG.

Government

Government Authentication Phishing IT

Email Security Flaw Found in the Wild

Schneier on Security

NOVEMBER 21, 2023

TAG has observed four different groups exploiting the same bug to steal email data, user credentials, and authentication tokens. To ensure protection against these types of exploits, TAG urges users and organizations to keep software fully up-to-date and apply security updates as soon as they become available.

Security

Security Authentication Government IT

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Crickets from Chirp Systems in Smart Lock Key Leak

Krebs on Security

APRIL 15, 2024

government is warning that “smart locks” securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can be used to remotely open any of the locks. The lock’s maker Chirp Systems remains unresponsive, even though it was first notified about the critical weakness in March 2021.

Analytics

Analytics Cybersecurity Passwords Communications

How to Package and Price Embedded Analytics

Just by embedding analytics, application owners can charge 24% more for their product. How much value could you add? This framework explains how application enhancements can extend your product offerings. Brought to you by Logi Analytics.

Analytics

Burger King forgets to put a password on their systems, again

Security Affairs

AUGUST 2, 2023

The fast food giant Burger King put their systems and data at risk by exposing sensitive credentials to the public for a second time. It’s not the first time Burger King has leaked sensitive data. Among other sensitive data, the file contained credentials for a database.

Passwords

Passwords Analytics Access Risk

Abusing Windows Container Isolation Framework to avoid detection by security products

Security Affairs

AUGUST 31, 2023

Researchers demonstrated how attackers can abuse the Windows Container Isolation Framework to bypass endpoint security solutions. Researcher Daniel Avinoam at the recent DEF CON hacking conference demonstrated how attackers can abuse the Windows Container Isolation Framework to bypass endpoint security solutions.

Security

Security Ransomware Communications IT

Google TAG warns of Russia-linked APT groups targeting Ukraine

Security Affairs

APRIL 20, 2023

The researchers from Google TAG are warning of Russia-linked threat actors targeting Ukraine with phishing campaigns. Russia-linked threat actors launched large-volume phishing campaigns against hundreds of users in Ukraine to gather intelligence and aimed at spreading disinformation, states Google’s Threat Analysis Group (TAG).

Phishing

Phishing Military Ransomware Education

News Alert: Dasera unveils new data security and governance platform for ‘Snowflake’ users

The Last Watchdog

JUNE 23, 2023

June 22, 2023 — Dasera , the premier automated data security and governance platform for top-tier finance, healthcare, and technology enterprises, is thrilled to unveil “Ski Lift,” a complimentary platform exclusively designed for Snowflake users.

Government

Government Security Compliance Risk

Zimbra urges customers to manually fix actively exploited zero-day reported by Google TAG

Security Affairs

JULY 13, 2023

“A security vulnerability in Zimbra Collaboration Suite Version 8.8.15 that could potentially impact the confidentiality and integrity of your data has surfaced.” ” The vulnerability is reflected Cross-Site Scripting (XSS) that was discovered by Clément Lecigne of Google Threat Analysis Group (TAG).

Authentication

Authentication Cloud Security IT

Security Affairs newsletter Round 460 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 25, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Iran Crisis Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign U.S. A new round of the weekly SecurityAffairs newsletter arrived!

Military

Military Security Ransomware Insurance

GUEST ESSAY: Sure steps to achieve a robust employee cybersecurity awareness training regimen

The Last Watchdog

OCTOBER 24, 2022

Employee security awareness is the most important defense against data breaches. Related: Leveraging security standards to protect your company. It involves regularly changing passwords and inventorying sensitive data. There are several ways you can protect your business from data breaches.

Cybersecurity

Cybersecurity Security awareness Passwords Data breaches

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

Security Affairs

JUNE 24, 2022

Google’s Threat Analysis Group (TAG) revealed that the Italian spyware vendor RCS Labs was supported by ISPs to spy on users. TAG researchers tracked more than 30 vendors selling exploits or surveillance capabilities to nation-state actors. ” reads the report published by Google. ” continues the analysis.

Government

Government Security IT Information Security

GUEST ESSAY: JPMorgan’s $200 million in fines stems from all-too-common compliance failures

The Last Watchdog

JANUARY 13, 2022

Last month’s $125 million Security and Exchange Commission (SEC) fine combined with the $75 million U.S. While the price tag of these violations was shocking, the compliance failure was not. Besides going against regulatory requirements, it also means that if an employee leaves the company, customer data goes with them.

Compliance

Compliance Customer Experience Communications Archiving

Shadowserver reported that +15K Citrix servers are likely vulnerable to attacks exploiting the flaw CVE-2023-3519

Security Affairs

JULY 23, 2023

Cybersecurity and Infrastructure Security Agency (CISA) this week warned of cyber attacks against Citrix NetScaler Application Delivery Controller (ADC) and Gateway devices exploiting recently discovered zero-day CVE-2023-3519. Update on CVE-2023-3519 vulnerable IPs: we now tag 15K Citrix IPs as vulnerable to CVE-2023-3519.

Cybersecurity

Cybersecurity Cloud Encryption Passwords

Work Remotely Without Compromising Your Data

AIIM

JANUARY 7, 2021

A recent study commissioned by Egnyte surveyed 400 IT leaders to understand how COVID-19 has impacted businesses’ ability to maintain data security and governance with a distributed workforce. A well-educated and well-informed workforce is one of the best defenses against security risks.

Unstructured data

Unstructured data Government Artificial Intelligence Risk

Protect, understand and unlock your data with Snowflake and Collibra

Collibra

NOVEMBER 16, 2021

Snowflake’s platform enables organizations to seamlessly analyze and securely share data throughout the business. However, even when your data is all in one place, it still requires visibility, control, understanding and security. Data governance with Snowflake and Collibra.

Government

Government Access Compliance Cloud

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Security Affairs

APRIL 6, 2023

Google’s Threat Analysis Group (TAG) warns of a North Korea-linked cyberespionage group tracked as ARCHIPELAGO. TAG believes that the ARCHIPELAGO group is a subset of a threat actor tracked by Mandiant as APT43. ” reads the analysis published by Google TAG.

Phishing

Phishing Passwords Military Education

Google TAG shares details about exploit chains used to install commercial spyware

Security Affairs

MARCH 29, 2023

Google’s Threat Analysis Group (TAG) discovered several exploit chains targeting Android, iOS, and Chrome to install commercial spyware. Google’s Threat Analysis Group (TAG) shared details about two distinct campaigns which used several zero-day exploits against Android, iOS and Chrome. links sent over SMS to users.

Archiving

Archiving Access Risk Security

Apache Software Foundation fixes code execution flaw in Apache Struts 2

Security Affairs

DECEMBER 8, 2020

The Apache Software Foundation has released a security update to address a “possible remote code execution” flaw in Struts 2 that is related to the OGNL technology. . The remote code execution flaw, tracked as CVE-2020-17530, resides in forced OGNL evaluation when evaluated on raw user input in tag attributes. to Struts 2.5.25

Cybersecurity

Cybersecurity Security IT Information Security

UK ICO Issues Enforcement Notice and Warning to UK Home Office

Hunton Privacy

MARCH 1, 2024

The Home Office is the ministerial department of the UK government responsible for immigration, security, and law and order. While the pilot ended in December 2023, the Home Office will continue to have access to the data collected during the pilot until it is deleted or anonymized.

Privacy

Privacy Data collection Risk Access

Google addressed 3 actively exploited flaws in Android

Security Affairs

JULY 8, 2023

Google released July security updates for Android that addressed tens of vulnerabilities, including three actively exploited flaws. July security updates for Android addressed more than 40 vulnerabilities, including three flaws that were actively exploited in targeted attacks. ” reads the security bulletin. .

Libraries

Libraries Security Access IT

News alert: DigiCert extends cert management platform to support Microsoft CA, AWS Private CA

The Last Watchdog

AUGUST 8, 2023

Chauhan “DigiCert customers place high priority on ensuring continuity of security across diverse IT infrastructure, as data and processes cut across clouds and environments,” said DigiCert Chief Product Officer Deepika Chauhan. DigiCert ® ?ONE

Authentication

Authentication Cloud Communications Government

Mar 27 – Apr 02 Ukraine – Russia the silent cyber conflict

Security Affairs

APRIL 3, 2022

This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. Apr 02 – Anonymous leaked 15 GB of data allegedly stolen from the Russian Orthodox Church. Mar 31 – Google TAG details cyber activity with regard to the invasion of Ukraine. Pierluigi Paganini.

Personal data

Personal data Phishing Security IT

The DDR Advantage: Real-Time Data Defense

Security Affairs

MARCH 27, 2024

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build a real-time data defense. The advantage of Data Detection and Response (DDR) is that you no longer have to wait until the milk is spilled. With DDR, your organization can have real-time data defense. Here’s how it works.

Data Privacy

Data Privacy Risk Cloud Access

CISA adds ownCloud and Google Chrome bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

DECEMBER 1, 2023

Cybersecurity and Infrastructure Security Agency (CISA) added ownCloud and Google Chrome vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The fact that the issue was discovered by Google TAG suggests it was exploited by a nation-state actor or by a surveillance firm.

IT

IT Libraries Cybersecurity Passwords

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs

NOVEMBER 28, 2021

North Korea-linked threat actors posed as Samsung recruiters in a spear-phishing campaign aimed at employees at South Korean security firms. North Korea-linked APT group posed as Samsung recruiters is a spear-phishing campaign that targeted South Korean security companies that sell anti-malware solutions, Google TAG researchers reported.

Security

Security Phishing Information Security Communications

China-linked APT41 group spotted using open-source red teaming tool GC2

Security Affairs

APRIL 17, 2023

Google Threat Analysis Group (TAG) team reported that the China-linked APT41 group used the open-source red teaming tool Google Command and Control ( GC2 ) in an attack against an unnamed Taiwanese media organization. The final payload was the Go-written GC2 tool that gets commands from Google Sheets and exfiltrates data to Google Drive.

Phishing

Phishing Cloud Government Education

In 2022, more than 40% of zero-day exploits used in the wild were variations of previous issues

Security Affairs

JULY 30, 2023

The popular Threat Analysis Group (TAG) Maddie Stone wrote Google’s fourth annual year-in-review of zero-day flaws exploited in-the-wild [ 2021 , 2020 , 2019 ], it is built off of the mid-year 2022 review. ” reads the report published by Google TAG.

IT

IT Security Information Security

How to Implement Microsegmentation

eSecurity Planet

MARCH 15, 2021

In an era where the network edge faces the highest traffic, organizations rush to add more robust security yet hesitate to take on the long-term endeavor known as microsegmentation. Instead, by enhancing visibility into how data flows, network administrators can work with business and security analysts to create application enabled policies.

Communications

Communications Cloud Compliance Security

A new Magecart campaign hides the malicious code in 404 error page

Security Affairs

OCTOBER 12, 2023

Researchers from the Akamai Security Intelligence Group uncovered a Magecart web skimming campaign that is manipulating the website’s default 404 error page to hide malicious code. ” The attack chain of this campaign consists of three main parts: loader, malicious attack code, and data exfiltration. .”

Retail

Retail IT Security Information Security

Microsoft Patch Tuesday, December 2022 Edition

Krebs on Security

DECEMBER 14, 2022

Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in its various Windows operating systems and related software. The security updates include patches for Azure , Microsoft Edge, Office , SharePoint Server , SysInternals , and the.NET framework.

Ransomware

Ransomware Authentication Security Access

Security AI and automation are key in protecting against costly data breaches for retailers and consumer goods businesses

IBM Big Data Hub

OCTOBER 3, 2023

But this growth in digital sales can come with a hefty price tag for retailers and consumer goods businesses: a much greater risk of data breaches. trillion by 2026 , businesses are accumulating massive amounts of sensitive data, including payment information from their customers.

Retail

Retail Data breaches Security Manufacturing

CHINA: uncertainties helpfully clarified on various key data compliance activities

DLA Piper Privacy Matters

AUGUST 22, 2023

For example: Automated Decision-Making: where a data controller uses personal data to conduct any automated decision making, it must proactively inform data subjects in advance the types of data processed and the potential impact of the automated decision making. This is important to note for any data scraping activities.

Compliance

Compliance Personal data Privacy Government

Google Updates Privacy Terms to Shift Away From Offering Some Services as a “Service Provider” Under the CCPA

Hunton Privacy

JUNE 8, 2023

Since 2019, Google has offered some of its services on a “restricted data processing” basis. These business purposes include delivering advertising, reporting and measurement, security and fraud detection, debugging and improving and developing features for products.

Privacy

Privacy IT Security

How to Prevent Data Breaches: Data Breach Prevention Tips

eSecurity Planet

AUGUST 22, 2023

With the ever-present threat of data breaches, organizations need to adopt best practices to help prevent breaches and to respond to them when they occur to limit any damage. And breaches will occur – because bad guys make a living by figuring out ways to circumvent security best practices. But it requires different levels of security.

Data breaches

Data breaches Big data Cybersecurity Security

Google sent over 50,000 warnings of state-sponsored attacks, +33% from same period in 2020

Security Affairs

OCTOBER 14, 2021

The data were provided by Google’s Threat Analysis Group (TAG), which tracks government-backed hacking campaign, which warns of a significant increase in the number of the alert compared to the previous year. ” wrote Ajax Bash, a Google security engineer from the TAG. SecurityAffairs – hacking, cyber security).

Phishing

Phishing Military Government Security

Open Source Security Index Lists Top Projects

eSecurity Planet

JANUARY 30, 2023

Two venture investors have launched an index to track the most popular open source security projects. Chenxi Wang of Rain Capital and Andrew Smyth of Atlantic Bridge unveiled the Open Source Security Index last month. There are also manual additions for projects that lack labels in the GitHub API (tags, topics).

Security

Security Cloud IT Cybersecurity

Data privacy examples

IBM Big Data Hub

APRIL 24, 2024

An online retailer always gets users’ explicit consent before sharing customer data with its partners. A navigation app anonymizes activity data before analyzing it for travel trends. One cannot overstate the importance of data privacy for businesses today. The user can accept or reject each use of their data individually.

Data Privacy

Data Privacy Privacy GDPR Personal data

Data management sets the next phase of zero-trust

Collibra

JANUARY 23, 2023

Nowadays zero-trust is being recognized as a principle and a best practice that can be applied to broad aspects of security, accelerated by industry’s innovations. Among the five pillars, what is most notable for the Chief Data Officers (CDOs) is Data Categorization as a central theme of the data pillar.

Government

Government Access Authentication Security

Security Affairs newsletter Round 428 by Pierluigi Paganini – International edition

Security Affairs

JULY 15, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Data breaches Government Analytics

Bumblebee attacks, from initial access to the compromise of Active Directory Services

Security Affairs

AUGUST 19, 2022

The Cybereason Global Security Operations Center (GSOC) Team analyzed a cyberattack that involved the Bumblebee Loader and detailed how the attackers were able to compromise the entire network. The threat actors use the obtained credentials to access Active Directory and make a copy of ntds.dit containing data for the entire Active Directory.

Access

Access Archiving Phishing Passwords

New skimmer attack uses WebSockets to evade detection

Security Affairs

NOVEMBER 15, 2020

Researchers from Akamai discovered a new skimmer attack that is targeting several e-stores with a new technique to exfiltrate data. “Online stores are increasingly outsourcing their payment processes to third-party vendors, which means that they don’t handle credit card data inside their store. com/gtags/script2 ).

Marketing

Marketing Risk IT Security

Security Affairs newsletter Round 371 by Pierluigi Paganini

Security Affairs

JUNE 26, 2022

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. The post Security Affairs newsletter Round 371 by Pierluigi Paganini appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook.

Security

Security Data breaches Phishing Ransomware

Multiple APT groups exploited WinRAR flaw CVE-2023-38831

Zimbra zero-day exploited to steal government emails by four groups

Webinars

Trending Sources

Email Security Flaw Found in the Wild

Webinars

Crickets from Chirp Systems in Smart Lock Key Leak

How to Package and Price Embedded Analytics

Burger King forgets to put a password on their systems, again

Abusing Windows Container Isolation Framework to avoid detection by security products

Google TAG warns of Russia-linked APT groups targeting Ukraine

News Alert: Dasera unveils new data security and governance platform for ‘Snowflake’ users

Zimbra urges customers to manually fix actively exploited zero-day reported by Google TAG

Security Affairs newsletter Round 460 by Pierluigi Paganini – INTERNATIONAL EDITION

GUEST ESSAY: Sure steps to achieve a robust employee cybersecurity awareness training regimen

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

GUEST ESSAY: JPMorgan’s $200 million in fines stems from all-too-common compliance failures

Shadowserver reported that +15K Citrix servers are likely vulnerable to attacks exploiting the flaw CVE-2023-3519

Work Remotely Without Compromising Your Data

Protect, understand and unlock your data with Snowflake and Collibra

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Google TAG shares details about exploit chains used to install commercial spyware

Apache Software Foundation fixes code execution flaw in Apache Struts 2

UK ICO Issues Enforcement Notice and Warning to UK Home Office

Google addressed 3 actively exploited flaws in Android

News alert: DigiCert extends cert management platform to support Microsoft CA, AWS Private CA

Mar 27 – Apr 02 Ukraine – Russia the silent cyber conflict

The DDR Advantage: Real-Time Data Defense

CISA adds ownCloud and Google Chrome bugs to its Known Exploited Vulnerabilities catalog

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

China-linked APT41 group spotted using open-source red teaming tool GC2

In 2022, more than 40% of zero-day exploits used in the wild were variations of previous issues

How to Implement Microsegmentation

A new Magecart campaign hides the malicious code in 404 error page

Microsoft Patch Tuesday, December 2022 Edition

Security AI and automation are key in protecting against costly data breaches for retailers and consumer goods businesses

CHINA: uncertainties helpfully clarified on various key data compliance activities

Google Updates Privacy Terms to Shift Away From Offering Some Services as a “Service Provider” Under the CCPA

How to Prevent Data Breaches: Data Breach Prevention Tips

Google sent over 50,000 warnings of state-sponsored attacks, +33% from same period in 2020

Open Source Security Index Lists Top Projects

Data privacy examples

Data management sets the next phase of zero-trust

Security Affairs newsletter Round 428 by Pierluigi Paganini – International edition

Bumblebee attacks, from initial access to the compromise of Active Directory Services

New skimmer attack uses WebSockets to evade detection

Security Affairs newsletter Round 371 by Pierluigi Paganini

Stay Connected