Information Management Today

Multiple APT groups exploited WinRAR flaw CVE-2023-38831

Security Affairs

OCTOBER 18, 2023

Google TAG reported that both Russia and China-linked threat actors are weaponizing the a high-severity vulnerability in WinRAR. Google’s Threat Analysis Group (TAG) reported that in recent weeks multiple nation-state actors were spotted exploiting the vulnerability CVE-2023-38831 in WinRAR. ” reported Google TAG.

Archiving

Archiving Security IT Data breaches

Apple released iOS 17.2 to address a dozen of security flaws

Security Affairs

DECEMBER 12, 2023

Apple rolled out emergency security updates to backport patches for two actively exploited zero-day flaws to older devices. which address a dozen of security flaws. Apple this week rolled out emergency security updates to backport patches for two actively exploited zero-day flaws to older devices. The company released iOS 17.2

Security

Security IT Information Security

Google warned 12K+ users targeted by state-sponsored hackers

Security Affairs

DECEMBER 1, 2019

Google’s Threat Analysis Group (TAG) revealed that it has detected and blocked attacks carried out by nation-state actors on 12,000 of its users in the third quarter of this year. ” reads the report published by Google TAG.”We SecurityAffairs – Google TAG, state-sponsored hacking). Pierluigi Paganini.

Phishing

Phishing Authentication Passwords Risk

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Google TAG: Russia, Belarus-linked APTs targeted Ukraine

Security Affairs

MARCH 8, 2022

Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukraine and European government and military orgs. Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukrainian and European government and military organizations, as well as individuals. ” concludes the report.

Military

Military Phishing File names Government

Google links three exploitation frameworks to Spanish commercial spyware vendor Variston

Security Affairs

NOVEMBER 30, 2022

Google’s Threat Analysis Group (TAG) linked three exploitation frameworks to a Spanish surveillance spyware vendor named Variston. While tracking the activities of commercial spyware vendors, Threat Analysis Group (TAG) spotted an exploitation framework likely linked Variston IT, a Spanish firm. ” TAG concludes.

Archiving

Archiving Risk Government IT

CISA ADDS CHROME AND PERL LIBRARY FLAWS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG

Security Affairs

JANUARY 3, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chrome and Perl library flaws to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added two Qlik Sense vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.

Libraries

Libraries IT Cybersecurity Risk

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

Security Affairs

JUNE 24, 2022

Google’s Threat Analysis Group (TAG) revealed that the Italian spyware vendor RCS Labs was supported by ISPs to spy on users. TAG researchers tracked more than 30 vendors selling exploits or surveillance capabilities to nation-state actors. ” continues the analysis. Pierluigi Paganini.

Government

Government Security IT Information Security

Google blocked China-linked APT31’s attacks targeting U.S. Government

Security Affairs

MARCH 9, 2022

The campaign took place in February and Google Threat Analysis Group (TAG) team was not able to link it to the ongoing invasion of Ukraine. Google Threat Analysis Group (TAG) director Shane Huntley confirmed that the IT giant was able to detect and block all phishing messages. Government appeared first on Security Affairs.

Government

Government Phishing Military IT

Ex-members of the Conti ransomware gang target Ukraine

Security Affairs

SEPTEMBER 8, 2022

Researchers from Google’s Threat Analysis Group (TAG) reported that some former members of the Conti cybercrime group were involved in five different campaigns targeting Ukraine between April and August 2022. ” reads the TAG’s report. ” concludes TAG. ” concludes TAG. Pierluigi Paganini.

Ransomware

Ransomware Government Phishing IT

Google warned users of 33,015 nation-state attacks since January

Security Affairs

OCTOBER 17, 2020

Google delivered over 33,000 alerts to its users during the first three quarters of 2020 to warn them of attacks from nation-state actors. Google delivered 33,015 alerts to its users during the first three quarters of 2020 to warn them of phishing attacks, launched by nation-state actors, targeting their accounts. Pierluigi Paganini.

Healthcare

Healthcare Phishing Authentication Government

Apple addressed 2 new iOS zero-day vulnerabilities

Security Affairs

NOVEMBER 30, 2023

Apple released emergency security updates to fix two actively exploited zero-day flaws impacting iPhone, iPad, and Mac devices. Apple released emergency security updates to address two zero-day vulnerabilities impacting iPhone, iPad, and Mac devices. The company addressed the flaw with improved locking.

Security

Security IT Information Security

Russia-linked Turla APT targets Austria, Estonia, and NATO platform

Security Affairs

MAY 23, 2022

The Turla APT group (aka Snake , Uroburos , Waterbug , Venomous Bear and KRYPTON ) has been active since at least 2004 targeting diplomatic and government organizations and private businesses in the Middle East, Asia, Europe, North and South America, and former Soviet bloc nations. org jadlactnato.webredirect[.]org. Pierluigi Paganini.

Government

Government Communications Cybersecurity Security

Google sent over 50,000 warnings of state-sponsored attacks, +33% from same period in 2020

Security Affairs

OCTOBER 14, 2021

The data were provided by Google’s Threat Analysis Group (TAG), which tracks government-backed hacking campaign, which warns of a significant increase in the number of the alert compared to the previous year. ” wrote Ajax Bash, a Google security engineer from the TAG. SecurityAffairs – hacking, cyber security).

Phishing

Phishing Military Government Security

macOS Zero-Day exploited in watering hole attacks on users in Hong Kong

Security Affairs

NOVEMBER 12, 2021

Google TAG researchers discovered that threat actors leveraged a zero-day vulnerability in macOS in a watering hole campaign aimed at delivering malware to users in Hong Kong. The experts believe that the attack was orchestrated by a nation-state actor, but did not attribute the campaign to a specific APT group. Pierluigi Paganini.

Encryption

Encryption IT Security Information Security

GOOGLE FIXED THE FIFTH CHROME ZERO-DAY OF 2023

Security Affairs

SEPTEMBER 28, 2023

Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-5217, in the Chrome browser. Google on Wednesday released security updates to address a new actively exploited zero-day flaw in the Chrome browser which is tracked as CVE-2023-5217.

Libraries

Libraries Passwords Security IT

Google TAG details cyber activity with regard to the invasion of Ukraine

Security Affairs

MARCH 31, 2022

The Google TAG uses uncovered phishing attacks targeting Eastern European and NATO countries, including Ukraine. “ However, for the first time, TAG has observed COLDRIVER campaigns targeting the military of multiple Eastern European countries, as well as a NATO Centre of Excellence.” In one case observed by the TAG team.

Military

Military Phishing Government Ransomware

Google fixed the third Chrome zero-day of 2023

Security Affairs

JUNE 6, 2023

Google released security updates to address a high-severity zero-day flaw in the Chrome web browser that it actively exploited in the wild. Google released security updates to address a high-severity vulnerability, tracked as CVE-2023-3079, in its Chrome web browser.

Libraries

Libraries Security IT Information Security

CISA adds ownCloud and Google Chrome bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

DECEMBER 1, 2023

Cybersecurity and Infrastructure Security Agency (CISA) added ownCloud and Google Chrome vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The fact that the issue was discovered by Google TAG suggests it was exploited by a nation-state actor or by a surveillance firm.

IT

IT Libraries Cybersecurity Passwords

Google addressed the sixth Chrome Zero-Day vulnerability in 2023

Security Affairs

NOVEMBER 29, 2023

Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-6345, in the Chrome browser. Google on Wednesday released security updates to address a new actively exploited zero-day, tracked as CVE-2023-6345, in the Chrome browser. ” reads the advisory published by Google.

Libraries

Libraries Security Access IT

Google warns of APT28 attack attempts against 14,000 Gmail users

Security Affairs

OCTOBER 8, 2021

Google warned more than 14,000 Gmail users that they have been the target of nation-state spear-phishing campaigns. On Wednesday, Google announced to have warned approximately 14,000 Gmail users that they had been targeted by nation-state hackers. TAG sent a above average batch of government-backed security warnings yesterday.

Phishing

Phishing Military Government Security

China-linked APT41 group spotted using open-source red teaming tool GC2

Security Affairs

APRIL 17, 2023

Google Threat Analysis Group (TAG) team reported that the China-linked APT41 group used the open-source red teaming tool Google Command and Control ( GC2 ) in an attack against an unnamed Taiwanese media organization. China-linked APT41 group used the open-source red teaming tool GC2 in an attack against a Taiwanese media organization.

Phishing

Phishing Cloud Government Education

North Korea-linked campaign targets security experts via social media

Security Affairs

JANUARY 26, 2021

Google TAG is warning that North Korea-linked hackers targeting security researchers through social media. Google Threat Analysis Group (TAG) is warning that North Korea-linked hackers targeting security researchers through social media. ” reads the TAG’s report. ” reads the TAG’s report.

Security

Security Communications Cybersecurity Government

U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer

Krebs on Security

NOVEMBER 28, 2022

The Army told Reuters it removed an app containing Pushwoosh in March, citing “security concerns.” ” The Army app was used by soldiers at one of the nation’s main combat training bases. gun lobby, the National Rifle Association (NRA), and Britain’s Labour Party.” THE PINCER TROJAN CONNECTION.

Government

Government Risk IT Marketing

Google fixes 2 new actively exploited zero-day flaws in Chrome

Security Affairs

OCTOBER 1, 2021

Google rolled out urgent security updates to address two new actively exploited zero-day vulnerabilities in its Chrome browser. Google this week rolled out urgent security updates for the Chrome browser to address four security flaws, including two new zero-day vulnerabilities that are being exploited in the wild.

Security

Security Government IT Information Security

China: new rules on use of algorithms for digital business, data analytics and decision-making

DLA Piper Privacy Matters

JANUARY 19, 2022

Finally, users must be allowed to delete their individual tagging. There is also a basic principle that the algorithm must “promote good values” and comply with China’s cyber and national security regulations. Use of certain specified algorithms (e.g.

Analytics

Analytics Sales Business Services Compliance

Indian power generation giant Tata Power hit by a cyber attack

Security Affairs

OCTOBER 15, 2022

The company confirmed that the security breach impacted “some of its IT systems.” ” the company wrote in a filing with the National Stock Exchange (NSE) of India. The security firm is tracking this cluster of malicious activities under the moniker Threat Activity Group 38 aka TAG-38.

Access

Access Risk Security IT

Security Affairs newsletter Round 455 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 21, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Patch it now!

Security

Security e-Discovery Artificial Intelligence Ransomware

China-linked threat actors target Indian Power Grid organizations

Security Affairs

APRIL 9, 2022

The security firm is tracking this cluster of malicious activities under the moniker Threat Activity Group 38 aka TAG-38. The attackers employed a modular backdoor dubbed ShadowPad , an implant used by several groups linked to the People’s Liberation Army (PLA) and the Ministry of State Security (MSS). Pierluigi Paganini.

Cybersecurity

Cybersecurity Security Information Security IT

Security Affairs newsletter Round 431 by Pierluigi Paganini – International edition

Security Affairs

AUGUST 6, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. It’s Testing U.S.

Security

Security Military Phishing Sales

Microsoft Patch Tuesday fix Outlook zero-day actively exploited

Security Affairs

MARCH 14, 2023

Microsoft Patch Tuesday security updates for March 2023 addressed 74 new vulnerabilities in Microsoft Windows and Windows Components; Office and Office Components; Edge (Chromium-based); Microsoft Dynamics; Visual Studio; and Azure. .” ” states Microsoft.

Authentication

Authentication Ransomware Access Security

Sophisticated attackers used DazzleSpy macOS backdoor in watering hole attacks

Security Affairs

JANUARY 25, 2022

The investigation started in November after Google TAG published a blogpost about watering-hole attacks targeting macOS users in Hong Kong. Google TAG researchers discovered that threat actors leveraged a zero-day vulnerability in macOS in a watering hole campaign aimed at delivering malware to users in Hong Kong. Pierluigi Paganini.

Authentication

Authentication Security IT Information Security

Security Affairs newsletter Round 428 by Pierluigi Paganini – International edition

Security Affairs

JULY 15, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Data breaches Government Analytics

State-sponsored hackers are using COVID-19 lures, Google warns

Security Affairs

APRIL 23, 2020

Google warns that nation-backed hackers are exploiting the COVID-19 pandemic to organizations involved in the fight against the pandemic. Google is warning that nation-state actors are exploiting the COVID-19 (Coronavirus) pandemic to target health care organizations and entities involved in the fight against the pandemic.

Phishing

Phishing Government Communications IT

Microsoft: North Korea-linked Zinc APT targets security experts

Security Affairs

JANUARY 29, 2021

Microsoft, like Google TAG, observed a cyber espionage campaign aimed at vulnerability researchers that attributed to North Korea-linked Zinc APT group. “In recent months, Microsoft has detected cyberattacks targeting security researchers by an actor we track as ZINC. . ” states the report published by Microsoft.

Security

Security Encryption Passwords Communications

Nation-state actors are exploiting CVE-2020-0688 Microsoft Exchange server flaw

Security Affairs

MARCH 9, 2020

Cybersecurity firm Volexity is warning that nation-state actors are attempting to exploit a vulnerability recently addressed in Microsoft Exchange email servers tracked as CVE-2020-0688. Query our API for "tags=CVE-2020-0688" to locate hosts conducting scans. reads the advisory published by Microsoft. Pierluigi Paganini.

Authentication

Authentication Communications Cybersecurity Security

Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition

Security Affairs

APRIL 23, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Ransomware Data breaches Cybersecurity

Google won a lawsuit against the Glupteba botnet operators

Security Affairs

NOVEMBER 21, 2022

Google won a lawsuit filed against two Russian nationals involved in the operations of the Glupteba botnet. ” The IT giant won a lawsuit filed against two Russian nationals involved in the operations of the botnet, the court’s ruling sets an important legal precedent in the fight against cybercrime. Pierluigi Paganini.

Blockchain

Blockchain IoT IT Access

French Firms Rocked by Kasbah Hacker?

Krebs on Security

MARCH 2, 2020

An individual thought to be involved has earned accolades from the likes of Apple , Dell , and Microsoft for helping to find and fix security vulnerabilities in their products. In 2018, security intelligence firm HYAS discovered a malware network communicating with systems inside of a French national power company.

Passwords

Passwords Manufacturing Security Data breaches

Mar 13- Mar 19 Ukraine – Russia the silent cyber conflict

Security Affairs

MARCH 20, 2022

This post provides a timeline of the events related to the Russia invasion of Ukraine from the cyber security perspective. Google’s TAG team revealed that China-linked APT groups are targeting Ukraine ’s government for intelligence purposes. March 17 – Ukraine SBU arrested a hacker who supported Russia during the invasion.

Cloud

Cloud Government Risk Information Security

Experts uncovered a new wave of attacks conducted by Mustang Panda

Security Affairs

MAY 9, 2022

The attacks were also reported by Google’s TAG team, which confirmed they were for intelligence purposes. These lures often masquerade as legitimate documents of national and organizational interest to the targets.” The post Experts uncovered a new wave of attacks conducted by Mustang Panda appeared first on Security Affairs.

Phishing

Phishing Government Archiving Cybersecurity

GUEST ESSAY: The drivers behind persistent ransomware — and defense tactics to deploy

The Last Watchdog

SEPTEMBER 7, 2022

The increase in remote workforces and difficulty enforcing security controls with expanding perimeters has played a role in the rise of ransomware. The price tag of the ransom is just one of the many costs of these attacks, and remediation can often exceed this fee many times over. The impact of ransomware. Preventing ransomware.

Ransomware

Ransomware Education Phishing Financial Services

Google disrupts the Glupteba botnet

Security Affairs

DECEMBER 7, 2021

Google announced to have taken down the infrastructure operated by the Glupteba , it also sued Russian nationals Dmitry Starovikov and Alexander Filippov for creating and operating the botnet. TAG also partnered with CloudFlare and others take down servers. users were warned via Safe Browsing. Pierluigi Paganini.

Blockchain

Blockchain Mining Cloud Access

Russia-linked Cold River APT targeted US nuclear research laboratories

Security Affairs

JANUARY 9, 2023

The Cold River APT group targeted the Brookhaven (BNL), Argonne (ANL), and Lawrence Livermore National Laboratories (LLNL). In March 2022, the Google Threat Analysis Group (TAG) spotted phishing and malware attacks targeting Eastern European and NATO countries, including Ukraine. Pierluigi Paganini.

Military

Military Phishing Cybersecurity Passwords

ProxyNotShell Finally Gets Patched by Microsoft

eSecurity Planet

NOVEMBER 10, 2022

. “An attacker can craft a malicious file that would evade Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging,” Leonard said. Vulnerable Time of Year.

Phishing

Phishing IT Security Cybersecurity

Multiple APT groups exploited WinRAR flaw CVE-2023-38831

Apple released iOS 17.2 to address a dozen of security flaws

Webinars

Trending Sources

Google warned 12K+ users targeted by state-sponsored hackers

Webinars

Google TAG: Russia, Belarus-linked APTs targeted Ukraine

Google links three exploitation frameworks to Spanish commercial spyware vendor Variston

CISA ADDS CHROME AND PERL LIBRARY FLAWS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

Google blocked China-linked APT31’s attacks targeting U.S. Government

Ex-members of the Conti ransomware gang target Ukraine

Google warned users of 33,015 nation-state attacks since January

Apple addressed 2 new iOS zero-day vulnerabilities

Russia-linked Turla APT targets Austria, Estonia, and NATO platform

Google sent over 50,000 warnings of state-sponsored attacks, +33% from same period in 2020

macOS Zero-Day exploited in watering hole attacks on users in Hong Kong

GOOGLE FIXED THE FIFTH CHROME ZERO-DAY OF 2023

Google TAG details cyber activity with regard to the invasion of Ukraine

Google fixed the third Chrome zero-day of 2023

CISA adds ownCloud and Google Chrome bugs to its Known Exploited Vulnerabilities catalog

Google addressed the sixth Chrome Zero-Day vulnerability in 2023

Google warns of APT28 attack attempts against 14,000 Gmail users

China-linked APT41 group spotted using open-source red teaming tool GC2

North Korea-linked campaign targets security experts via social media

U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer

Google fixes 2 new actively exploited zero-day flaws in Chrome

China: new rules on use of algorithms for digital business, data analytics and decision-making

Indian power generation giant Tata Power hit by a cyber attack

Security Affairs newsletter Round 455 by Pierluigi Paganini – INTERNATIONAL EDITION

China-linked threat actors target Indian Power Grid organizations

Security Affairs newsletter Round 431 by Pierluigi Paganini – International edition

Microsoft Patch Tuesday fix Outlook zero-day actively exploited

Sophisticated attackers used DazzleSpy macOS backdoor in watering hole attacks

Security Affairs newsletter Round 428 by Pierluigi Paganini – International edition

State-sponsored hackers are using COVID-19 lures, Google warns

Microsoft: North Korea-linked Zinc APT targets security experts

Nation-state actors are exploiting CVE-2020-0688 Microsoft Exchange server flaw

Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition

Google won a lawsuit against the Glupteba botnet operators

French Firms Rocked by Kasbah Hacker?

Mar 13- Mar 19 Ukraine – Russia the silent cyber conflict

Experts uncovered a new wave of attacks conducted by Mustang Panda

GUEST ESSAY: The drivers behind persistent ransomware — and defense tactics to deploy

Google disrupts the Glupteba botnet

Russia-linked Cold River APT targeted US nuclear research laboratories

ProxyNotShell Finally Gets Patched by Microsoft

Stay Connected