2020, Analysis, Encryption and Libraries - Information Management Today

Experts warn of attacks using a new Linux variant of SFile ransomware

Security Affairs

JANUARY 17, 2022

SFile ransomware (aka Escal), has been active since 2020 , it was observed targeting only Windows systems. Some variants of the ransomware append the English name of the target company to the filenames of the encrypted files. “The SFile ransomware uses the Mbed TLS library, RSA-2048 and AES-256 algorithms for file encryption. .

Ransomware

Ransomware Encryption Libraries Communications

New EvilQuest ransomware targets macOS users

Security Affairs

JULY 1, 2020

Security experts have uncovered a new piece of ransomware dubbed EvilQuest designed to encrypt macOS systems, it is also able to install additional payloads and potentially take over the infected machine. I wonder who that is pic.twitter.com/5WLUS5GfBL — Felix (@c1truz_) June 30, 2020. ” reads the analysis wrote by Wardle.

Ransomware

Ransomware Libraries Encryption Communications

Stayin’ Alive campaign targets high-profile Asian government and telecom entities. Is it linked to ToddyCat APT?

Security Affairs

OCTOBER 13, 2023

The APT group was discovered in June 2022 by Kaspersky which linked it to a series of attacks aimed at high-profile entities in Europe and Asia since at least December 2020. ” reads the analysis published by Checkpoint. All the tools connect to the same infrastructure, which is associated with China-linked APT ToddyCat.

Government

Government IT Encryption Libraries

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Telegram flaw could have allowed access to users secret chats

Security Affairs

FEBRUARY 16, 2021

The “ rlottie ” folder caught their attention, it was the folder used for the Samsung native library for playing Lottie animations, originally created by Airbnb. The research started in January 2020 and lasted until the end of August, with many pauses in between to focus on other projects.”

Access

Access Libraries Encryption Security

New enhanced Joker Malware samples appear in the threat landscape

Security Affairs

JULY 16, 2021

. “Recently, the Zimperium zLabs mobile threat research team has noticed a large uptick in Joker variants on Android marketplaces, with over 1000 new samples since our last coverage in September of 2020. If there is no answer, the malware remains silent since it can be running on a dynamic analysis emulator. dex file as before.

Encryption

Encryption Libraries Cloud Security

EventBot, a new Android mobile targets financial institutions across Europe

Security Affairs

APRIL 30, 2020

. “The Cybereason Nocturnus team is investigating EventBot, a new type of Android mobile malware that emerged around March 2020. ” reads the analysis published by Cybereason. The malware also downloads the Command-and-control (C2) URLs, C2 communication is encrypted using Base64, RC4, and Curve25519. .

Financial Services

Financial Services Libraries Encryption Authentication

Top 5 Application Security Tools & Software for 2023

eSecurity Planet

MAY 19, 2023

Encryption: This protects sensitive data by converting it into a coded form that can only be accessed or decrypted with the appropriate key. Encryption ensures that data remains confidential and secure, even if intercepted or accessed by unauthorized parties. This area is called static application security testing, or SAST.

Security

Security Cloud Compliance Risk

Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware

Security Affairs

APRIL 14, 2020

“Between March 24, 2020 at 18:25 UTC and March 26 at 11:54 UTC, Unit 42 observed several malicious emails sent from the spoofed address noreply@who [. ] ” reads the analysis published by PaloAlto Networks. ” reads the analysis published by PaloAlto Networks. ” continues the analysis.

Ransomware

Ransomware Phishing File names Encryption

Phishing campaign targets LATAM e-commerce users with Chaes Malware

Security Affairs

NOVEMBER 18, 2020

The Chaes malware was first spotted in the middle to late 2020 by Cybereason researchers, it is a multistage information stealer that focuses on Brazilian customers of MercadoLivre, the largest e-commerce company in Latin America. ” reads the analysis published by Cybereason. The final payload of Chaes is a Node.Js

Phishing

Phishing Mining Libraries Encryption

Kaiji, a new Linux malware targets IoT devices in the wild

Security Affairs

MAY 5, 2020

MalwareMustDie (@malwaremustd1e) May 3, 2020. ” reads the analysis published by Intezer. ” continues the analysis. You may want to block #C2 at: 1[.]versionday[.]xyz versionday[.]xyz xyz at 66[.]11[.]125[.]66 66 (at 66.11.125.0/24) 24) Good for ur @radareorg RE [link] pic.twitter.com/MIQQihhmXo — ?MalwareMustDie

IoT

IoT Libraries IT Security

Exclusive: Pakistan and India to armaments: Operation Transparent Tribe is back 4 years later

Security Affairs

FEBRUARY 21, 2020

So, Cybaze-Yoroi ZLab team decided to dive deep into technical analysis. Technical Analysis. The two dll are legit windows library and are used in support of the malicious behaviour. As shown in the above figure, the malware is written in.NET framework and the creation date back to 29 Jan 2020. The SilentCMD Module.

Military

Military Communications Encryption IT

2021 cyber security review of the year

IT Governance

JANUARY 10, 2022

These incidents recall an incident at Dusseldorf University Hospital in Germany in 2020, when a patient died after being turned away by the hospital, which was under attack and unable to treat her. Following the wave of attacks, French President Emmanuel Macron unveiled a plan to better protect the public sector against ransomware.

Security

Security Data breaches Ransomware Phishing

Guarding Against Solorigate TTPs

eSecurity Planet

FEBRUARY 3, 2021

A March 2020 software update of the SolarWinds Orion management platform gave malicious actors unhindered access to key government and enterprise networks. Read Also: The IoT Cybersecurity Act of 2020: Implications for Devices. In September and October 2020, attackers attempted to breach Palo Alto Networks.

Cybersecurity

Cybersecurity Access Authentication Cloud

TeamTNT group uses Hildegard Malware to target Kubernetes Systems

Security Affairs

FEBRUARY 5, 2021

The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and that targets Docker installs. It also hides malicious processes using library injection and encrypts the malicious payload. ” states the analysis published by Palo Alto Networks.

Mining

Mining Libraries Encryption Access

New release of Lampion trojan spreads in Portugal with some improvements on the VBS downloader

Security Affairs

JULY 7, 2020

More recently, in May 2020, a new variant of Lampion was observed. Our analysis of the phishing email of this new campaign detected at the end of June – July 2020 showed that the template is very similar to the template distributed on May 8th, 2020. Figure 6: Deofuscated VBS file – Lampion trojan July 2020.

Communications

Communications Cloud Phishing Encryption

Best Digital Forensics Tools & Software for 2021

eSecurity Planet

AUGUST 13, 2021

While several open-source tools exist for disk and data capture, network analysis, and specific device forensics, a growing number of vendors are building off what’s publicly available. The Sleuth Kit enables administrators to analyze file system data via a library of command-line tools for investing disk images. Volatility.

e-Discovery

e-Discovery Computer and Electronics Marketing Compliance

Tape Won’t Work for Ransomware Protection. Here’s Why.

eSecurity Planet

SEPTEMBER 15, 2021

Q: If a ransomware attack happens on your system(s) and all the data is encrypted, is it possible that the hacker has total control of your system(s), meaning administrative privileges? Since all the system data is encrypted, the hackers have admin/root privileges. Will ransomware in the future attack tape libraries?

Ransomware

Ransomware Libraries Encryption Passwords

How to Prevent SQL Injection Attacks

eSecurity Planet

MARCH 10, 2021

For SQLi purposes, this means keeping all web application software components, including database server software, frameworks, libraries, plug-ins, and web server software, up to date. . Encryption: Keep Your Secrets Secret. Encryption is almost universally employed as a data protection technique today and for a good reason.

Passwords

Passwords Encryption Access Security

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

The recent campaign was observed between June 2020 and January 2021, threat actors used DLL side-loading to execute shellcode that decrypts a final payload tracked as “ FoundCore.” ” reads the technical analysis of the malware. the messages were dropping a variant of a malicious program named NewCore RAT.

Military

Military Government Phishing Libraries

The Importance of a Proactive Cyber Defense Solution To Protect Your Critical Data

Security Affairs

FEBRUARY 13, 2021

Falco is an open source library, a kernel module for Linux systems that intercepts the traffic between userspace and kernel space, detecting unexpected application and OS behaviour at runtime. and the library that is making that outbound connection is ‘post-receive’ within GitLab. Conclusion. government agencies and institutions).

Cybersecurity

Cybersecurity Access Marketing Military

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

This picture comes from an analysis of specific statistics and by reading between the lines in reports from 1Password, Cisco, CrowdStrike, Flashpoint, Google Threat Analysis Group/Mandiant, NetScout, Pentera, and Sophos. 553% increase in DNS Flood attacks from 1H 2020 to 2H 2023. 20,551 gambling industry attacks.

Cybersecurity

Cybersecurity Ransomware Passwords Cloud

Q&A: Here’s why securing mobile apps is an essential key to tempering political division

The Last Watchdog

JANUARY 11, 2021

On Android, the Official Trump 2020 App ranked nearly three times as secure as the Vote Joe App, for a simplistic reason: the Trump app used the most recent version of Android OS. Elements such as modern software frameworks, SDKs, open-source libraries and their versions are all captured by the Analyzer Engine.

Security

Security Libraries Encryption Privacy

Information Management Today

Experts warn of attacks using a new Linux variant of SFile ransomware

New EvilQuest ransomware targets macOS users

Webinars

Trending Sources

Stayin’ Alive campaign targets high-profile Asian government and telecom entities. Is it linked to ToddyCat APT?

Webinars

Telegram flaw could have allowed access to users secret chats

New enhanced Joker Malware samples appear in the threat landscape

EventBot, a new Android mobile targets financial institutions across Europe

Top 5 Application Security Tools & Software for 2023

Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware

Phishing campaign targets LATAM e-commerce users with Chaes Malware

Kaiji, a new Linux malware targets IoT devices in the wild

Exclusive: Pakistan and India to armaments: Operation Transparent Tribe is back 4 years later

2021 cyber security review of the year

Guarding Against Solorigate TTPs

TeamTNT group uses Hildegard Malware to target Kubernetes Systems

New release of Lampion trojan spreads in Portugal with some improvements on the VBS downloader

Best Digital Forensics Tools & Software for 2021

Tape Won’t Work for Ransomware Protection. Here’s Why.

How to Prevent SQL Injection Attacks

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

The Importance of a Proactive Cyber Defense Solution To Protect Your Critical Data

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

Top SD-WAN Solutions for Enterprise Security

Q&A: Here’s why securing mobile apps is an essential key to tempering political division

Stay Connected