2019, Analysis, Encryption and Libraries - Information Management Today

Homomorphic Encryption Makes Real-World Gains, Pushed by Google, IBM, Microsoft

eSecurity Planet

JUNE 24, 2021

The increasing mobility of data, as it ping-pongs between clouds, data centers and the edge, has made it an easier target of cybercrime groups, which has put a premium on the encryption of that data in recent years. Since then, interest in fully homomorphic encryption (FHE) has increased, largely paralleling the rise of cloud computing.

Encryption

Encryption Cloud Libraries Privacy

Deadglyph, a very sophisticated and unknown backdoor targets the Middle East

Security Affairs

SEPTEMBER 24, 2023

In January 2019, Reuters published a report into Project Raven, a campaign allegedly conducted by former NSA operatives and aiming at the same types of targets as Stealth Falcon. The authors used different languages to hinder analysis, researchers explained. ” reads the analysis published by ESET.

Libraries

Libraries Encryption Security IT

China-linked APT41 group targets Hong Kong with Spyder Loader

Security Affairs

OCTOBER 18, 2022

The Operation CuckooBees had been operating under the radar since at least 2019, threat actors conducted multiple attacks to steal intellectual property and other sensitive data from victims. ” reads the analysis published by Symantec. dll, which includes the malicious export sqlite3_prepare_v4.

File names

File names Encryption Manufacturing Libraries

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

CVE-2019-13720 flaw in Chrome exploited in Operation WizardOpium attacks

Security Affairs

NOVEMBER 1, 2019

One of the two flaws in Chrome addressed by Google, CVE-2019-13720, was exploited in a campaign that experts attribute to Korea-linked threat actors. Reported by banananapenguin on 2019-10-12[$TBD][ 1019226 ] High CVE-2019-13720: Use-after-free in audio. ” continues the analysis.

Libraries

Libraries Encryption Security IT

EventBot, a new Android mobile targets financial institutions across Europe

Security Affairs

APRIL 30, 2020

” reads the analysis published by Cybereason. The malware also downloads the Command-and-control (C2) URLs, C2 communication is encrypted using Base64, RC4, and Curve25519. . With each new version, the malware adds new features like dynamic library loading, encryption, and adjustments to different locales and manufacturers.”

Financial Services

Financial Services Libraries Encryption Authentication

Strong Encryption Explained: 6 Encryption Best Practices

eSecurity Planet

JANUARY 5, 2024

Strong encryption protects data securely from unauthorized access, but the specific algorithms that qualify as strong encryption change over time as computing power increases and researchers develop new ways to break encryption. What Makes an Encryption Algorithm Strong?

Encryption

Encryption Passwords Libraries Security

New enhanced Joker Malware samples appear in the threat landscape

Security Affairs

JULY 16, 2021

Since 2019 experts found many Joker apps on Google Play store, in September 2019 security experts at Google removed from the store 24 apps. The developers are embedding Joker as a payload that can be encrypted in different ways, either a.dex file xored or encrypted with a number, or through the same. dex file as before.

Encryption

Encryption Libraries Cloud Security

Telegram flaw could have allowed access to users secret chats

Security Affairs

FEBRUARY 16, 2021

In 2019, Telegram had introduced in animated stickers , this was the starting point for the investigation of the experts. The “ rlottie ” folder caught their attention, it was the folder used for the Samsung native library for playing Lottie animations, originally created by Airbnb. . ” continues the report.

Access

Access Libraries Encryption Security

Blue Mockingbird Monero-Mining campaign targets web apps

Security Affairs

MAY 10, 2020

Crooks exploit CVE-2019-18935 deserialization vulnerability to achieve remote code execution in Blue Mockingbird Monero-Mining campaign. This issue could be exploited only when the encryption keys are obtained via a separate attack, meaning that the attackers have to chain more exploits in their campaigns. ” concludes the report.

Mining

Mining Libraries Access Encryption

Infecting Canon EOS DSLR camera with ransomware over the air

Security Affairs

AUGUST 12, 2019

Searching online the expert first found an encrypted firmware, he found on a forum a Portable ROM Dumper , (a custom firmware update file that once loaded, dumps the memory of the camera into the SD Card) that allowed him to dump the camera’s firmware and load it into his disassembler (IDA Pro). ” continues the post.

Ransomware

Ransomware Encryption Libraries Authentication

Roboto, a new P2P botnet targets Linux Webmin servers

Security Affairs

NOVEMBER 21, 2019

“Fast forwarded to October 11, 2019, our Anglerfish honeypot captured another suspicious ELF sample, and it turned out to be the Downloader of the previous suspicious ELF sample.” ” reads the analysis published by 360 Netlab. One of the addresses disguised the Bot sample as a Google font library “ roboto.

Honeypots

Honeypots Systems administration Passwords IoT

Phishing campaign targets LATAM e-commerce users with Chaes Malware

Security Affairs

NOVEMBER 18, 2020

In 2019, over 320 million users were registered with the MercadoLivre e-commerce platform. . ” reads the analysis published by Cybereason. Experts observed several variants over the recent months, it authors have improved encryption and implemented new functionality of the final Node.js SecurityAffairs – hacking, malware).

Phishing

Phishing Mining Libraries Encryption

North Korea-linked Lazarus APT uses a Mac variant of the Dacls RAT

Security Affairs

MAY 9, 2020

Dacls was first spotted by researchers at Qihoo 360 Netlab in December 2019 when it was used to target both Windows and Linux devices. ” reads the analysis published by the researchers. . ” reads the analysis published by the researchers. This library has been used by several threat actors.”

Libraries

Libraries Communications Encryption Authentication

The Long Run of Shade Ransomware

Security Affairs

FEBRUARY 19, 2019

As stated in a recent Eset report , the Shade infection had an increase during October 2018, keeping a constant trend until the second half of December 2018, taking a break around Christmas, and then resuming in mid-January 2019 doubled in size (shown in Figure 1). Technical analysis. References to an Oil-Gas company.

Ransomware

Ransomware Mining File names Encryption

Iran-linked group Cobalt Dickens hit over 60 universities worldwide

Security Affairs

SEPTEMBER 12, 2019

“In July and August 2019, CTU researchers discovered a new large global phishing operation launched by COBALT DICKENS. This operation is similar to the threat group’s August 2018 campaign , using compromised university resources to send library-themed phishing emails.”

Phishing

Phishing Libraries File names Metadata

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Security Affairs

JUNE 18, 2020

” reads the analysis published by ESET. It exploits a vulnerability in the Windows wdigest.dll library and then uses an improved ListPlanting technique to inject its code into a trusted process. This allows the InvisiMole group to devise creative ways to operate under the radar.”

Military

Military Communications Libraries Encryption

Sofacy’s Zepakab Downloader Spotted In-The-Wild

Security Affairs

JANUARY 29, 2019

In the last weeks, the Cybaze-Yoroi ZLAB investigated a new APT28 campaign discovered in January 2019. The sample has been initially identified by an Italian independent security researcher, who warned the InfoSec community and shared the binary for further analysis. Technical Analysis. AutoIt script’s main function. Conclusion.

Communications

Communications Libraries Encryption Security

Types of Encryption, Methods & Use Cases

eSecurity Planet

DECEMBER 7, 2023

Encryption scrambles data to make it unreadable to those without decryption keys. Proper use of encryption preserves secrecy and radically lowers the potential damage of a successful cybersecurity attack. Encryption algorithm types will provide an overview of the mathematical algorithms used to encrypt data (AES, RSA, etc.),

Encryption

Encryption Authentication Passwords Communications

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Security Affairs

MARCH 2, 2019

In February 2019, SI-LAB captured multiple samples of phishing campaigns using an Office Excel document carrying a malicious Excel 4.0 For more details on this finding see the Technical Analysis below. Technical Analysis. File name: patent-2019-02-20T093A283A05-1.xls Another document used by TA505 to spread FlawedAmmyy (.doc).

File names

File names Phishing Libraries IT

[SI-LAB] EMOTET spread in Chile impacted hundreds of users and targeted financial and banking services

Security Affairs

APRIL 10, 2019

SI-LAB detected hundreds of users that were impacted by this malware between March 18th and 26th of 2019. The last days of March 2019 are making headlines due to a targeted cyber attack involving a new variant of infamous EMOTET malware. For more details and complete analysis of this malicious campaign see the Technical Analysis below.

Security

Security IT Access Cybersecurity

Analyzing the TriangleDB implant used in Operation Triangulation

Security Affairs

JUNE 22, 2023

The experts discovered the attack while monitoring the network traffic of their own corporate Wi-Fi network dedicated to mobile devices using the Kaspersky Unified Monitoring and Analysis Platform (KUMA). According to Kaspersky researchers, Operation Triangulation began at least in 2019 and is still ongoing.

Libraries

Libraries Encryption Security IT

Guarding Against Solorigate TTPs

eSecurity Planet

FEBRUARY 3, 2021

Before jumping into the technical details regarding each new malware detected and proper safeguards, here is a brief look at the events to date: Sep 2019. This malware infiltrated SolarWinds in September 2019 with the expert insertion of code to avoid detection. Encryption. APT accessed SolarWinds; injects Sunspot malware.

Cybersecurity

Cybersecurity Access Authentication Cloud

China-linked APT41 group targets US-Based Research University

Security Affairs

AUGUST 21, 2019

based research university took place on April 2019. The hackers exploited the CVE-2019-3396 vulnerability in Atlassian Confluence Server to compromise the systems and load additional payloads, including a variant of the China Chop web shell. ” reads the analysis published by FireEye. into memory.

Libraries

Libraries Education Phishing Encryption

New release of Lampion trojan spreads in Portugal with some improvements on the VBS downloader

Security Affairs

JULY 7, 2020

Lampion was first documented in December 2019 , and it was distributed in Portugal via phishing emails using templates based on the Portuguese Government Finance & Tax. VBS file leverages the Windows rundll32 library to inject the first DLL into memory (P-14-7.dll), More recently, in May 2020, a new variant of Lampion was observed.

Communications

Communications Cloud Phishing Encryption

The debate on the Data Protection Bill in the House of Lords

Data Protector

OCTOBER 11, 2017

It will ensure that libraries can continue to archive material, that journalists can continue to enjoy the freedoms that we cherish in this country, and that the criminal justice system can continue to keep us safe. Decisions also follow a lengthy procedure, so the chances of having an adequacy decision in place by March 2019 are small.

GDPR

GDPR Personal data Government IT

Information Management Today

Homomorphic Encryption Makes Real-World Gains, Pushed by Google, IBM, Microsoft

Deadglyph, a very sophisticated and unknown backdoor targets the Middle East

Webinars

Trending Sources

China-linked APT41 group targets Hong Kong with Spyder Loader

Webinars

CVE-2019-13720 flaw in Chrome exploited in Operation WizardOpium attacks

EventBot, a new Android mobile targets financial institutions across Europe

Strong Encryption Explained: 6 Encryption Best Practices

New enhanced Joker Malware samples appear in the threat landscape

Telegram flaw could have allowed access to users secret chats

Blue Mockingbird Monero-Mining campaign targets web apps

Infecting Canon EOS DSLR camera with ransomware over the air

Roboto, a new P2P botnet targets Linux Webmin servers

Phishing campaign targets LATAM e-commerce users with Chaes Malware

North Korea-linked Lazarus APT uses a Mac variant of the Dacls RAT

The Long Run of Shade Ransomware

Iran-linked group Cobalt Dickens hit over 60 universities worldwide

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Sofacy’s Zepakab Downloader Spotted In-The-Wild

Types of Encryption, Methods & Use Cases

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

[SI-LAB] EMOTET spread in Chile impacted hundreds of users and targeted financial and banking services

Analyzing the TriangleDB implant used in Operation Triangulation

Guarding Against Solorigate TTPs

China-linked APT41 group targets US-Based Research University

New release of Lampion trojan spreads in Portugal with some improvements on the VBS downloader

The debate on the Data Protection Bill in the House of Lords

Stay Connected