2018, Analysis, Encryption and Libraries - Information Management Today

OceanLotus APT group leverages a steganography-based loader to deliver backdoors

Security Affairs

APRIL 3, 2019

. “While continuing to monitor activity of the OceanLotus APT Group, BlackBerry Cylance researchers uncovered a novel payload loader that utilizes steganography to read an encrypted payload concealed within a.png image file.” ” reads the report published by the experts.

Libraries

Libraries Encryption Communications Manufacturing

Victims of Pylocky ransomware can decrypt their files for free

Security Affairs

JANUARY 11, 2019

In this phase, the ransomware sends to the command and control server information on the encryption process, including a string that contains the Initialization Vector (IV) and a random password used by the ransomware to encrypt the files. “To combat this ransomware, Cisco Talos is releasing a free decryption tool.

Ransomware

Ransomware Encryption Passwords Libraries

Iran-linked group Cobalt Dickens hit over 60 universities worldwide

Security Affairs

SEPTEMBER 12, 2019

This operation is similar to the threat group’s August 2018 campaign , using compromised university resources to send library-themed phishing emails.” ” reads the analysis published by Secureworks. The landing page appears to be identical or quite similar to the spoofed library resource.

Phishing

Phishing Libraries File names Metadata

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Buran ransomware-as-a-service continues to improve

Security Affairs

NOVEMBER 12, 2019

Buran is advertised as a stable malware that uses an offline cryptoclocker , 24/7 support, global and session keys, and has no third-party dependencies such as libraries. The Rig EK was exploiting the CVE-2018-8174 to deliver the Buran ransomware. ” reads the analysis published by McAfee. ” concludes the analysis.

Ransomware

Ransomware Encryption Libraries Security

The Long Run of Shade Ransomware

Security Affairs

FEBRUARY 19, 2019

As stated in a recent Eset report , the Shade infection had an increase during October 2018, keeping a constant trend until the second half of December 2018, taking a break around Christmas, and then resuming in mid-January 2019 doubled in size (shown in Figure 1). Technical analysis. References to an Oil-Gas company.

Ransomware

Ransomware Mining File names Encryption

Application Security: Complete Definition, Types & Solutions

eSecurity Planet

FEBRUARY 13, 2023

CNAP provides encryption, access control, threat detection and response features for enhanced security. Mobile behavioral analysis: Similar to user and entity behavioral analysis (UEBA) solutions, mobile behavioral analysis tools look for signs that apps are engaging in risky or malicious behaviors.

Security

Security Cloud Risk Computer and Electronics

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Security Affairs

JUNE 18, 2020

The group was first spotted by ESET in 2018, when the experts detected a sophisticated piece of spyware, tracked as InvisiMole, used in targeted attacks in Russia and Ukraine in the previous five years. ” reads the analysis published by ESET. This allows the InvisiMole group to devise creative ways to operate under the radar.”

Military

Military Communications Libraries Encryption

Latest Turla backdoor leverages email PDF attachments as C&C mechanism

Security Affairs

AUGUST 23, 2018

Malware researchers from ESET have conducted a new analysis of a backdoor used by the Russia-linked APT Turla in targeted espionage operations. The new analysis revealed a list of high-profile victims that was previously unknown. ” reads the analysis published by ESET. ” reads the analysis published by ESET.

Metadata

Metadata Military Libraries Access

Analyzing a Danabot Paylaod that is targeting Italy

Security Affairs

DECEMBER 20, 2018

Security firms such as Proofpoint and Eset analyzed other samples of the same threat targeting the Australian landscape back in May 2018 and, more recently, in Italy. Technical Analysis. These registry keys are responsible of the loading of dynamically linked libraries in the “read only ” and “ hidden ” “ C:ProgramDataD93C2DAC ”.

Libraries

Libraries Phishing Encryption Authentication

Operation Red Signature – South Korean Firms victims of a supply chain attack

Security Affairs

AUGUST 22, 2018

” reads the analysis published by TrendMicro. ” continues the analysis. This dynamic-link library (DLL) is responsible for decrypting the encrypted rcview.log file and executing it in memory. This dynamic-link library (DLL) is responsible for decrypting the encrypted rcview.log file and executing it in memory.

Passwords

Passwords Libraries Encryption Access

The Hacker Mind Podcast: Fuzzing Crypto

ForAllSecure

FEBRUARY 2, 2022

Guido Vranken returns to The Hacker Mind to discuss his CryptoFuzz tool on GitHub, as well as his experience fuzzing and finding vulnerabilities in cryptographic libraries and also within cryptocurrencies such as Ethereum. Back in 2018, they bought $50,000 in cryptocurrency and then locked it safely within their Trezor One wallet.

Libraries

Libraries Blockchain Mining Encryption

[SI-LAB] EMOTET spread in Chile impacted hundreds of users and targeted financial and banking services

Security Affairs

APRIL 10, 2019

That file was delivered via malscam campaigns around the world and its source-code is obfuscated in order to evade antivirus detection and complicate its analysis. The latter leverages the WinRar/Ace vulnerability ( CVE-2018-20250 ) dropping the malware itself into the Windows startup folder. Technical Analysis.

Security

Security IT Access Cybersecurity

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Security Affairs

MARCH 2, 2019

For more details on this finding see the Technical Analysis below. Technical Analysis. xls MD5: d490573977cc6b42ba0b4325df953a7f SHA1: dacf34580c09f7b1e4b8ba02f3ab8b6be08d03ab Creation date: 2018-12-19 10:42:12 First submission in VT: 2019-02-19 23:16:29. dll library). File name: patent-2019-02-20T093A283A05-1.xls

File names

File names Phishing Libraries IT

2021 cyber security review of the year

IT Governance

JANUARY 10, 2022

The tech giant disclosed four zero-day bugs, which were being used to steal sensitive information, encrypt data for ransom and execute destructive attacks. Analysis from its real-time anti-phishing protection system found that cyber criminals increasingly targeted people who were searching for holidays and weekend breaks.

Security

Security Data breaches Ransomware Phishing

Best DevSecOps Tools

eSecurity Planet

MARCH 17, 2022

The top DevSecOps vendors offer a comprehensive suite of application security testing tools, including static application security testing (SAST), dynamic and interactive analysis testing (DAST and IAST), and software composition analysis (SCA). Aqua Security Features. Checkmarx Features. Contrast Security Features. Invicti Security.

Cloud

Cloud Risk Security Cybersecurity

Cr1ptT0r Ransomware targets D-Link NAS Devices and embedded systems

Security Affairs

FEBRUARY 23, 2019

The list of flaws in old versions of the firmware for D-Link DNS-320 includes at least a remote code execution vulnerability , and a hard-coded backdoor published in 2018 for ShareCenter DNS?320L. It is also possible to decrypt single files paying $19.99, in this case, victims have to send the encrypted file to the operators.

Ransomware

Ransomware Encryption File names Libraries

How to Prevent SQL Injection Attacks

eSecurity Planet

MARCH 10, 2021

For SQLi purposes, this means keeping all web application software components, including database server software, frameworks, libraries, plug-ins, and web server software, up to date. . Encryption: Keep Your Secrets Secret. Encryption is almost universally employed as a data protection technique today and for a good reason.

Passwords

Passwords Encryption Access Security

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

In 2018, the cyberespionage group targeted once again Vietnam running a spear-phishing campaign that uses weaponized documents featuring Vietnamese-language lures and themes. ” reads the technical analysis of the malware. GOBLIN PANDA was focused on Vietnam, most of the targets were in the defense, energy, and government sectors.

Military

Military Government Phishing Libraries

Y Soft Validated as a Digital Transformation Leader in Quocirca Print 2025 Report

Info Source

MARCH 5, 2018

Brno, Czech Republic and Dallas, Texas – March 5, 2018 – Y Soft® Corporation, a leading enterprise office solution provider, today announced that YSoft SafeQ ® is the best positioned provider for enterprises’ digital initiatives as identified in Quocirca’s report, Global Print 2025. Predictive analysis (23%). Security (43%).

Digital transformation

Digital transformation Paper Artificial Intelligence Cloud

The Hacker Mind Podcast: Going Passwordless

ForAllSecure

JANUARY 19, 2022

Vamosi: Consider this, a quick Crunchbase query reveals that since January 2018 there have been at least 159 funding rounds related to authentication technology – resulting in a staggering $3 billion of investment in IAM-related startups overall. So by that, I mean, if your developer libraries are available, it's easy to do.

Passwords

Passwords Authentication Access Data breaches

The debate on the Data Protection Bill in the House of Lords

Data Protector

OCTOBER 11, 2017

It will ensure that libraries can continue to archive material, that journalists can continue to enjoy the freedoms that we cherish in this country, and that the criminal justice system can continue to keep us safe. The Government have set themselves a very tight timetable to pass this Bill into law before the end of April 2018.

GDPR

GDPR Personal data Government IT

Information Management Today

OceanLotus APT group leverages a steganography-based loader to deliver backdoors

Victims of Pylocky ransomware can decrypt their files for free

Webinars

Trending Sources

Iran-linked group Cobalt Dickens hit over 60 universities worldwide

Webinars

Buran ransomware-as-a-service continues to improve

The Long Run of Shade Ransomware

Application Security: Complete Definition, Types & Solutions

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Latest Turla backdoor leverages email PDF attachments as C&C mechanism

Analyzing a Danabot Paylaod that is targeting Italy

Operation Red Signature – South Korean Firms victims of a supply chain attack

The Hacker Mind Podcast: Fuzzing Crypto

[SI-LAB] EMOTET spread in Chile impacted hundreds of users and targeted financial and banking services

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

2021 cyber security review of the year

Best DevSecOps Tools

Cr1ptT0r Ransomware targets D-Link NAS Devices and embedded systems

How to Prevent SQL Injection Attacks

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Y Soft Validated as a Digital Transformation Leader in Quocirca Print 2025 Report

The Hacker Mind Podcast: Going Passwordless

The debate on the Data Protection Bill in the House of Lords

Top SD-WAN Solutions for Enterprise Security

Stay Connected