2019 and Encryption - Information Management Today

European Police Shut Down Encrypted App Used by Criminals

Data Breach Today

FEBRUARY 7, 2023

Police Seize Drugs, Firearms and 4M Euros in Raids on Exclu Users and Operators Police in multiple European countries carried out raids against the operators and users of the Exclu encrypted chat app, arresting four dozen individuals.

Encryption

Arrests and Indictments in LockBit Crackdown

Data Breach Today

FEBRUARY 20, 2024

US, UK and European Authorities Seize Decryption Keys and Will Contact Victims An international law enforcement operation that infiltrated ransomware-as-a-service operation LockBit has resulted in arrests, indictments and the seizure of encryption keys that can be used to help victims recover their data.

Ransomware

Ransomware Encryption

Patch Tuesday, December 2019 Edition

Krebs on Security

DECEMBER 10, 2019

By nearly all accounts, the chief bugaboo this month is CVE-2019-1458 , a vulnerability in a core Windows component (Win32k) that is present in Windows 7 through 10 and Windows Server 2008-2019. ’ An odd discrepancy on top of a CVE advisory for an outdated OS. It is very likely this is being exploited in the wild.”

Libraries

Libraries Encryption Security Ransomware

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

New Linux variant of Clop Ransomware uses a flawed encryption algorithm

Security Affairs

FEBRUARY 7, 2023

A new Linux variant of the Clop ransomware has been observed in the wild, the good news is that its encryption algorithm is flawed. The researchers noticed that the encryption algorithm implemented in the ELF executable is flawed and can allow victims to decrypt locked files without paying a ransom. ” continues the report.

Encryption

Encryption Ransomware Cloud IT

Trojan Shield, the biggest ever police operation against encrypted communications

Security Affairs

JUNE 8, 2021

Trojan Shield operation: The FBI and Australian Federal Police ran an encrypted chat platform that was used by crime gangs and intercepted their communications. The FBI and Australian Federal Police (AFP) ran an encrypted chat platform that was used by crime gangs and intercepted their communications.

Encryption

Encryption Communications Sales Passwords

Ransomware operators exploit VMWare ESXi flaws to encrypt disks of VMs

Security Affairs

FEBRUARY 2, 2021

Ransomware operators are exploiting two VMWare ESXi vulnerabilities, CVE-2019-5544 and CVE-2020-3992, to encrypt virtual hard disks. Security experts are warning of ransomware attacks exploiting two VMWare ESXi vulnerabilities, CVE-2019-5544 and CVE-2020-3992 , to encrypt virtual hard disks. Pierluigi Paganini.

Encryption

Encryption Ransomware Systems administration Cybersecurity

LockBit 2.0, the first ransomware that uses group policies to encrypt Windows domains

Security Affairs

JULY 29, 2021

ransomware is now able to encrypt Windows domains by using Active Directory group policies. ransomware that encrypts Windows domains by using Active Directory group policies. the first ransomware that uses group policies to encrypt Windows domains appeared first on Security Affairs. A new variant of the LockBit 2.0

Encryption

Encryption Ransomware Access Security

How Encryption Became the Board’s New Best Friend

Thales Cloud Protection & Licensing

MAY 7, 2019

Originally published in TEISS on May 1, 2019. For many years, encryption has been viewed as a burden on businesses – expensive, complex and of questionable value. The 2019 Thales Data Threat Report-Global Edition revealed that as digital transformations are taking place, sensitive data is often at risk. Enter encryption.

Encryption

Encryption Digital transformation Risk Cybersecurity

The Ransomware Files, Episode 7: Ryuk's Rampage

Data Breach Today

MAY 6, 2022

Rockford Public Schools in Rockford, Illinois, was hit by Ryuk ransomware days after the school year started in September 2019. The attack encrypted more than 6 million files, wrecked applications and locked up servers. But the district kept classes running while mounting a mighty recovery effort.

Ransomware

Ransomware Encryption

Homomorphic Encryption Makes Real-World Gains, Pushed by Google, IBM, Microsoft

eSecurity Planet

JUNE 24, 2021

The increasing mobility of data, as it ping-pongs between clouds, data centers and the edge, has made it an easier target of cybercrime groups, which has put a premium on the encryption of that data in recent years. Since then, interest in fully homomorphic encryption (FHE) has increased, largely paralleling the rise of cloud computing.

Encryption

Encryption Cloud Libraries Privacy

Data Encryption Shields the Energy Sector Against Emerging Threats

Thales Cloud Protection & Licensing

JANUARY 13, 2021

Data Encryption Shields the Energy Sector Against Emerging Threats. According to a Siemens/Ponemon report , in 2019, 56% of gas, wind, water and solar utilities around the world experienced at least one cyberattack that caused a shutdown or loss of operational data. Encryption. Wed, 01/13/2021 - 09:42.

Encryption

Encryption Energy and Utilities Compliance Marketing

NEW TECH: Breakthrough ‘homomorphic-like’ encryption protects data in-use, without penalties

The Last Watchdog

SEPTEMBER 30, 2019

Homomorphic encryption has long been something of a Holy Grail in cryptography. Related: Post-quantum cryptography on the horizon For decades, some of our smartest mathematicians and computer scientists have struggled to derive a third way to keep data encrypted — not just the two classical ways, at rest and in transit.

Encryption

Encryption Cloud Access Privacy

NEW TECH: DataLocker extends products, services to encrypt data on portable storage devices

The Last Watchdog

MAY 8, 2019

Related: Marriott reports huge data breach Ever thought about encrypting the data held on a portable storage device? Launched as a one-man operation in 2007, DataLocker has grown into a leading manufacturer of encrypted external drives, thumb drives, flash drives and self-encrypting, recordable CDs and DVDs.

Encryption

Encryption Cloud Access Manufacturing

Let’s Encrypt CA is revoking over 3 Million TLS certificates due to a bug

Security Affairs

MARCH 4, 2020

Let’s Encrypt is going to revoke over 3 million certificates today due to a flaw in the software used to verify users and their domains before issuing a certificate. A bug in Let’s Encrypt’s certificate authority (CA) software, dubbed Boulder, caused the correct validation for some certificates.

Encryption

Encryption IT Security Information Security

The grand “finale” of China’s Encryption Law

HL Chronicle of Data Protection

NOVEMBER 22, 2019

Two years on since the first draft, the final act of the legislative passage saga of the long-awaited People’s Republic of China Encryption Law ended with its passage on 26 October 2019. To read Hogan Lovells’ The grand “finale” of China’s Encryption Law, click here.

Encryption

Encryption Marketing Government IT

The Next Step in End-to-End Encryption: Introducing EncryptReduce

Thales Cloud Protection & Licensing

AUGUST 27, 2019

This past March at RSAC 2019, Pure Storage and Thales introduced the security industry’s first end-to-end data encryption framework that realizes storage array data reduction efficiencies. Historically, host data encryption and array data reduction are like oil and water – they simply don’t mix.

Encryption

Encryption Marketing Security IT

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

Security Affairs

MARCH 7, 2020

A new vulnerability, tracked as CVE-2019-0090 , affects all Intel chips that could allow attackers to bypass every hardware-enabled security technology. Security experts from Positive Technologies warn of a new vulnerability, tracked as CVE-2019-0090, that affects all Intel processors that were released in the past 5 years.

Authentication

Authentication Encryption Security Access

Ryuk Ransomware evolution avoid encrypting Linux folders

Security Affairs

DECEMBER 26, 2019

Experts spotted a new strain of the Ryuk Ransomware that was developed to avoid encrypting folders commonly seen in *NIX operating systems. Kremez noticed that the ransomware doesn’t encrypt folders that are associated with *NIX operating systems. 2019-12-21: #Ryuk #Ransomware as V2.EXE ” reported BleepingComputer.

Encryption

Encryption Ransomware Security IT

Ragnar Ransomware encrypts files from virtual machines to evade detection

Security Affairs

MAY 25, 2020

Ransomware encrypts from virtual machines to evade antivirus. Ragnar Locker deploys Windows XP virtual machines to encrypt victim’s files, the trick allows to evaded detection from security software. Mounting all the shared drives to encrypt. Custom Ragnar Locker ransom note (Source: Sophos). Pierluigi Paganini.

Encryption

Encryption Ransomware Energy and Utilities File names

The Future of Data Protection Begins at GITEX 2019

Thales Cloud Protection & Licensing

OCTOBER 3, 2019

I’ve seen numerous attack campaigns targeting this region come to the surface in 2019 alone. DarkMatter confirmed as much in its Cyber Security Report: June 2019 when it found that approximately 90 percent of UAE-based enterprises exhibited outdated software, credential problems in the form of weak/exposed passwords and insecure protocols.

Cloud

Cloud Encryption Phishing Passwords

Sonicwall warns of a spike in the number of attacks involving encrypted malware and IoT malware

Security Affairs

JULY 29, 2019

According to experts at Sonicwall, scanning of random ports and the diffusion of encrypted malware are characterizing the threat landscape. The situation is better in the first half of 2019, when SonicWall recorded 4.8 The situation is better in the first half of 2019, when SonicWall recorded 4.8 billion attacks.

IoT

IoT Encryption Ransomware Security

The grand “finale” of China’s Encryption Law

HL Chronicle of Data Protection

NOVEMBER 22, 2019

Two years on since the first draft, the final act of the legislative passage saga of the long-awaited People’s Republic of China Encryption Law ended with its passage on 26 October 2019. To read Hogan Lovells’ The grand “finale” of China’s Encryption Law, click here.

Encryption

Encryption Marketing Government IT

BEST PRACTICES: Resurgence of encrypted thumb drives shows value of offline backups — in the field

The Last Watchdog

NOVEMBER 18, 2019

Encrypted flash drives, essentially secure storage on a stick, are a proven technology that has been readily available for at least 15 years. And yet today there is a resurgence in demand for encrypted flash drives. And yet today there is a resurgence in demand for encrypted flash drives.

Encryption

Encryption Data Privacy GDPR Digital transformation

Kr00k Wi-Fi Encryption flaw affects more than a billion devices

Security Affairs

FEBRUARY 26, 2020

The Kr00k vulnerability, tracked as CVE-2019-15126, could be exploited by nearby remote attackers to intercept and decrypt some wireless network packets transmitted over-the-air by a vulnerable device. “ after a disassociation occurs, data from the chip’s Tx buffer will be transmitted encrypted with the all-zero TK. .

Encryption

Encryption Manufacturing Paper Communications

CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems

Security Affairs

DECEMBER 5, 2019

Researchers discovered a vulnerability tracked as CVE-2019-14899 that can be exploited to hijack active TCP connections in a VPN tunnel. “Additionally, we are able to determine the exact seq and ack num bers by counting encrypted packets and/or examining their size. SecurityAffairs – CVE-2019-14899 , hacking).

Encryption

Encryption Paper Authentication Access

8Base ransomware operators use a new variant of the Phobos ransomware

Security Affairs

NOVEMBER 19, 2023

Phobos variants are usually distributed by the SmokeLoader , but in 8Base campaigns, it has the ransomware component embedded in its encrypted payloads. 8base” file extension for encrypted documents, a circumstance that suggested a possible link to the 8Base group or the use of the same code-base for their ransomware.

Ransomware

Ransomware Encryption Metadata Manufacturing

Guest Blog: End-to-End Data Encryption with Data Reduction from Thales & Pure Storage

Thales Cloud Protection & Licensing

MARCH 13, 2019

At the 2019 RSA Conference, Pure Storage and Thales introduced Vormetric Transparent Encryption for Efficient Storage – the IT and security industries’ first end-to-end data encryption framework that realizes storage array data reduction. Storage Costs of Encrypted Data.

Encryption

Encryption Compliance Access Security

GCHQ implements World War II cipher machines in encryption app CyberChef

Security Affairs

MARCH 18, 2019

UK intelligence agency GCHQ released emulators for World War II cipher machines (Enigma, Typex and The Bombe) that can be executed in the encryption app CyberChef. link] #GCHQ100 pic.twitter.com/t2ixVE6j7H — GCHQ (@GCHQ) March 14, 2019. We even tested them against the real thing! Try them out for yourself! Pierluigi Paganini.

Encryption

Encryption Military Education Communications

Researchers Quietly Cracked Zeppelin Ransomware Keys

Krebs on Security

NOVEMBER 17, 2022

He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin. “We’ve found someone who can crack the encryption.” Then came the unlikely call from an FBI agent. “Don’t pay,” the agent said.

Ransomware

Ransomware Encryption Manufacturing Phishing

The Necessity of Data Security: Recapping the 2019 Thales Data Security Summit

Thales Cloud Protection & Licensing

MAY 14, 2019

The ability to narrow the gap between taking advantage of digital transformation without compromising security was a reoccurring theme at our 2019 annual Data Security Summit on May 1. They typically do not provide encryption, seamless upgrades for flaws and updates, or optics. IoT is forever changing the boundaries of the perimeter.

Digital transformation

Digital transformation Security IoT Cloud

Hackers Were Inside Citrix for Five Months

Krebs on Security

FEBRUARY 19, 2020

Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. But in a letter sent to affected individuals dated Feb. 13, 2018 and Mar.

Passwords

Passwords Access Insurance Government

2019 IT Security Outlook: New Attack Vectors Will Emerge

eSecurity Planet

DECEMBER 6, 2018

Our 2019 IT security predictions: Encryption will lose its luster, cloudjacking and containers will be growing risks, and more.

IT

IT Security Encryption Risk

STOP ransomware encrypts files and steals victim’s data

Security Affairs

MARCH 11, 2019

STOP Ransomware Installing Password Stealing Trojans on Victims – by @LawrenceAbrams [link] — BleepingComputer (@BleepinComputer) March 10, 2019. The post STOP ransomware encrypts files and steals victim’s data appeared first on Security Affairs. ” reads a blog post published by Bleepingcomputer.

Encryption

Encryption Ransomware Passwords File names

Malicious app exploiting CVE-2019-2215 zero-day available in Google Play since March

Security Affairs

JANUARY 7, 2020

Security experts have found a malicious app in the Google Play that exploits the recently patched CVE-2019-2215 zero-day vulnerability. Earlier October, Google Project Zero researchers Maddie Stone publicly disclosed a zero-day vulnerability , tracked as CVE-2019-2215 , in Android. ” reads a blog post published by Stone.

Encryption

Encryption Access Military Marketing

7 Habits of a Highly Effective CISO: 2019 Data Security Resolutions

Thales Cloud Protection & Licensing

JANUARY 3, 2019

It’s 2019 and data is everywhere – and what you can do with what is at your fingertips is truly transformative. However, there has to be a more thorough focus on security in multiple clouds environments so encryption with sophisticated multi-cloud key management is a must-have solution. How Do You Select a Trusted Vendor?

Big data

Big data Security Digital transformation Encryption

RSAC 2019 Blog Series: Taking the Risk out of Digital Transformation: RSAC 2019’s Quest for Delivering “Better”

Thales Cloud Protection & Licensing

FEBRUARY 27, 2019

In our recently launched 2019 Data Threat Report-Global Edition , we found that 97% of enterprises are using sensitive data within digitally transformative technology but, only 30% are encrypting that data. Reducing Risk and Beating the Hackers.

Digital transformation

Digital transformation Risk Encryption Blockchain

DeathRansom ransomware evolves encrypting files, but experts identified its author

Security Affairs

JANUARY 5, 2020

DeathRansom was considered fake ransomware due to the fact that it did not implement an effective encryption process, but now things are changing. DeathRansom is a ransomware family that was initially classified as a joke because it did not implement an effective encryption scheme. Pierluigi Paganini.

Encryption

Encryption Ransomware IT Phishing

Making the Case for Encryption in the Era of Digital Transformation – Highlights from our Annual Data Threat Report

Thales Cloud Protection & Licensing

JANUARY 29, 2019

A great way to mitigate some of the risks associated with cloud or multi-cloud environments is to deploy encryption solutions. In fact, 38% of organizations’ security concerns with cloud environments would be alleviated with data encryption at the service provider level. The importance of encryption cannot be overstated.

Digital transformation

Digital transformation Encryption Cloud Customer Experience

AESDDoS bot exploits CVE-2019-3396 flaw to hit Atlassian Confluence Server

Security Affairs

APRIL 28, 2019

The flaw exploited in the attacks, tracked as CVE-2019-3396 , is a server-side template injection vulnerability that resides in the Widget Connector macro in Confluence Server. “In our analysis, we saw that an attacker was able to exploit CVE-2019-3396 to infect machines with the AESDDoS botnet malware.” Pierluigi Paganini.

File names

File names Encryption Risk Security

Recapping RSA Conference 2019: No Silver Bullet for Security

Thales Cloud Protection & Licensing

MARCH 15, 2019

I was really looking forward to participating in RSA 2019 and it was a great event. I have always evangelized that you can either bring your own encryption or bring your own key to the cloud…as both provide a higher security posture than subscribing to KMS, and will ensure encrypted workloads in the cloud are doing their job without risk.

Security

Security Encryption Cloud Cybersecurity

Over 23 million stolen payment card data traded on the Dark Web in H1 2019

Security Affairs

JULY 28, 2019

According to a report published by cyber security firm Sixgill data for over 23 million payment card were on offer in underground forums in the first half of 2019. . The following graph shows that three trading posts accounted for 64 percent of the cards on offer during the first half of 2019. . AMEX accounted for 12 percent. .

Sales

Sales Marketing Encryption Retail

US Government Sites Give Bad Security Advice

Krebs on Security

MARCH 25, 2020

Specifically, it says, “The [link] ensures that you are connecting to the official website… ” Here’s the deal: The [link] part of an address (also called “Secure Sockets Layer” or SSL) merely signifies the data being transmitted back and forth between your browser and the site is encrypted and cannot be read by third parties.

Government

Government Security Phishing Encryption

Bitdefender released a free decryptor for the MegaCortex ransomware

Security Affairs

JANUARY 6, 2023

The MegaCortex ransomware first appeared on the threat landscape in May 2019 when it was spotted by security experts at Sophos. Since November 2019, MegaCortex operators started adopting double extortion tactics. The decryptor also supports the “Scan Entire System” mode which allows users to search for all encrypted files.

Ransomware

Ransomware Encryption Security IT

How to Better Secure Your Data in 2019

OneHub

JANUARY 3, 2019

With 2019 upon us, many businesses are beginning to consider their data security practices for the new year. Protect your company’s online data better in 2019 by becoming aware of several helpful tips when it comes to data security. These basic data security measures should still be taken in 2019: . Beware of Malware .

Security

Security Passwords Cloud GDPR

European Police Shut Down Encrypted App Used by Criminals

Arrests and Indictments in LockBit Crackdown

Webinars

Trending Sources

Patch Tuesday, December 2019 Edition

Webinars

New Linux variant of Clop Ransomware uses a flawed encryption algorithm

Trojan Shield, the biggest ever police operation against encrypted communications

Ransomware operators exploit VMWare ESXi flaws to encrypt disks of VMs

LockBit 2.0, the first ransomware that uses group policies to encrypt Windows domains

How Encryption Became the Board’s New Best Friend

The Ransomware Files, Episode 7: Ryuk's Rampage

Homomorphic Encryption Makes Real-World Gains, Pushed by Google, IBM, Microsoft

Data Encryption Shields the Energy Sector Against Emerging Threats

NEW TECH: Breakthrough ‘homomorphic-like’ encryption protects data in-use, without penalties

NEW TECH: DataLocker extends products, services to encrypt data on portable storage devices

Let’s Encrypt CA is revoking over 3 Million TLS certificates due to a bug

The grand “finale” of China’s Encryption Law

The Next Step in End-to-End Encryption: Introducing EncryptReduce

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

Ryuk Ransomware evolution avoid encrypting Linux folders

Ragnar Ransomware encrypts files from virtual machines to evade detection

The Future of Data Protection Begins at GITEX 2019

Sonicwall warns of a spike in the number of attacks involving encrypted malware and IoT malware

The grand “finale” of China’s Encryption Law

BEST PRACTICES: Resurgence of encrypted thumb drives shows value of offline backups — in the field

Kr00k Wi-Fi Encryption flaw affects more than a billion devices

CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems

8Base ransomware operators use a new variant of the Phobos ransomware

Guest Blog: End-to-End Data Encryption with Data Reduction from Thales & Pure Storage

GCHQ implements World War II cipher machines in encryption app CyberChef

Researchers Quietly Cracked Zeppelin Ransomware Keys

The Necessity of Data Security: Recapping the 2019 Thales Data Security Summit

Hackers Were Inside Citrix for Five Months

2019 IT Security Outlook: New Attack Vectors Will Emerge

STOP ransomware encrypts files and steals victim’s data

Malicious app exploiting CVE-2019-2215 zero-day available in Google Play since March

7 Habits of a Highly Effective CISO: 2019 Data Security Resolutions

RSAC 2019 Blog Series: Taking the Risk out of Digital Transformation: RSAC 2019’s Quest for Delivering “Better”

DeathRansom ransomware evolves encrypting files, but experts identified its author

Making the Case for Encryption in the Era of Digital Transformation – Highlights from our Annual Data Threat Report

AESDDoS bot exploits CVE-2019-3396 flaw to hit Atlassian Confluence Server

Recapping RSA Conference 2019: No Silver Bullet for Security

Over 23 million stolen payment card data traded on the Dark Web in H1 2019

US Government Sites Give Bad Security Advice

Bitdefender released a free decryptor for the MegaCortex ransomware

How to Better Secure Your Data in 2019

Stay Connected