2021, Analysis, Encryption and Libraries - Information Management Today

New Hive ransomware variant is written in Rust and use improved encryption method

Security Affairs

JULY 6, 2022

Hive ransomware operators have improved their file-encrypting module by migrating to Rust language and adopting a more sophisticated encryption method. According to a report published by blockchain analytics company Chainalysis, the Hive ransomware is one of the top 10 ransomware strains by revenue in 2021. key files.

Encryption

Encryption Ransomware Blockchain Libraries

Cyber espionage campaign targets Asian countries since 2021

Security Affairs

SEPTEMBER 13, 2022

A cyber espionage group targets governments and state-owned organizations in multiple Asian countries since early 2021. Threat actors are targeting government and state-owned organizations in multiple Asian countries as parts of a cyber espionage campaign that remained under the radar since early 2021. ” continues the report.

Government

Government Access Libraries Education

Homomorphic Encryption Makes Real-World Gains, Pushed by Google, IBM, Microsoft

eSecurity Planet

JUNE 24, 2021

The increasing mobility of data, as it ping-pongs between clouds, data centers and the edge, has made it an easier target of cybercrime groups, which has put a premium on the encryption of that data in recent years. Since then, interest in fully homomorphic encryption (FHE) has increased, largely paralleling the rise of cloud computing.

Encryption

Encryption Cloud Libraries Privacy

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

2021 cyber security review of the year

IT Governance

JANUARY 10, 2022

For many, 2021 was a year to forget. You can read more about that attack, along with the year’s other biggest stories, in our 2021 cyber security review of the year. 2021 got off to an inauspicious start when cyber security researchers reported a huge leak of Brazilian residents’ data. First came the Colonial Pipeline hack.

Security

Security Data breaches Ransomware Phishing

Experts warn of attacks using a new Linux variant of SFile ransomware

Security Affairs

JANUARY 17, 2022

Some variants of the ransomware append the English name of the target company to the filenames of the encrypted files. ” reads the analysis published by Rising.AFR-6fyvilv #Sfile #Ransomware New Sample: 6E029B9B0A600CDC1E75A4F7228B332B pic.twitter.com/tB27dM8tjd — dnwls0719 (@fbgwls245) January 9, 2022. as the suffix name.

Ransomware

Ransomware Encryption Libraries Communications

Hertzbleed Side-Channel Attack allows to remotely steal encryption keys from AMD and Intel chips

Security Affairs

JUNE 15, 2022

Hertzbleed attack: Researchers discovered a new vulnerability in modern Intel and AMD chips that could allow attackers to steal encryption keys. “Second, Hertzbleed shows that, even when implemented correctly as constant time, cryptographic code can still leak via remote timing analysis. ” continues the post.

Encryption

Encryption Libraries Security Cybersecurity

Stayin’ Alive campaign targets high-profile Asian government and telecom entities. Is it linked to ToddyCat APT?

Security Affairs

OCTOBER 13, 2023

The campaign has been active since at least 2021, threat actors employed downloaders and loaders to deploy next-stage malware. ” reads the analysis published by Checkpoint. The CurKeep payload is very small, it is 10kb in size, contains 26 functions and is not statically compiled with any library.

Government

Government IT Encryption Libraries

Sugar Ransomware, a new RaaS in the threat landscape

Security Affairs

FEBRUARY 2, 2022

The Sugar malware was first discovered in the wild in November 2021, it is a Delphi malware that borrows code from other ransomware families. ” reads the analysis published by Walmart. Other similarities were found by the experts in the GPLib library used for encryption/decryption operations.

Ransomware

Ransomware Retail Libraries Encryption

Malware campaign hides a shellcode into Windows event logs

Security Affairs

MAY 7, 2022

” reads the analysis published by Kaspersky researcher Denis Legezo. The experts discovered that the attackers are hiding encrypted shellcode containing the next-stage malware as 8KB pieces in event logs. ” continues the analysis. Threat actors also used to sign modules to avoid detection.

Encryption

Encryption Libraries Archiving Communications

New enhanced Joker Malware samples appear in the threat landscape

Security Affairs

JULY 16, 2021

In April 2021, more than 500,000 Huawei users were infected with the Joker malware after they have downloaded tainted apps from the company’s official Android store. The developers are embedding Joker as a payload that can be encrypted in different ways, either a.dex file xored or encrypted with a number, or through the same.

Encryption

Encryption Libraries Cloud Security

Wormable bash DarkRadiation Ransomware targets Linux distros and docker containers

Security Affairs

JUNE 22, 2021

The ransomware uses OpenSSL’s AES algorithm with CBC mode to encrypt files and leverages Telegram’s API for C2 communications. The ransomware appends radioactive symbols (“ ”) to the filenames of encrypted files. . ip: 185.141.25.168 [link] pic.twitter.com/6WhAFlxk1L — r3dbU7z (@r3dbU7z) May 29, 2021.

Ransomware

Ransomware Encryption Passwords Cloud

YTStealer info-stealing malware targets YouTube content creators

Security Affairs

JUNE 29, 2022

To control the browser, the malware uses a library called Rod. The malware encrypts all the data with a key that is unique for each sample and sends it along with a sample identifier to the C2 server located at the domain name youbot[.]solutions. ” “The business listing has a logo of an eye in a red circle.

Authentication

Authentication Libraries Encryption Marketing

Best Digital Forensics Tools & Software for 2021

eSecurity Planet

AUGUST 13, 2021

While several open-source tools exist for disk and data capture, network analysis, and specific device forensics, a growing number of vendors are building off what’s publicly available. This article looks at the top digital forensic software tools of 2021 and what customers should consider when buying or acquiring a DSF tool.

e-Discovery

e-Discovery Computer and Electronics Marketing Compliance

Guarding Against Solorigate TTPs

eSecurity Planet

FEBRUARY 3, 2021

On February 2, 2021, Reuters reported that a second advanced persistent threat ( APT ), connected to China, also exploited SolarWinds software. On February 3, 2021, threat detection and response vendor Trustwave released three additional findings on SolarWinds vulnerabilities. Also Read: Top CASB Security Vendors for 2021.

Cybersecurity

Cybersecurity Access Authentication Cloud

macOS: Bashed Apples of Shlayer and Bundlore

Security Affairs

JULY 14, 2021

The Uptycs threat research team has been observing over 90% of macOS malware in our daily analysis and customer telemetry alerts using shell scripts. The openssl program is a command line tool in macOS for using the various cryptography functions (SSL, TLS) of OpenSSL’s crypto library from the shell.

Encryption

Encryption Passwords Libraries Security

A taste of the latest release of QakBot

Security Affairs

MAY 6, 2021

This piece of malware is focused on stealing banking credentials and victim’s secrets using different techniques tactics and procedures (TTP) which have evolved over the years, including its delivery mechanisms, C2 techniques, and anti-analysis and reversing features. h/t @MiguelSantareno – malware submitted on 0xSI_f33d.

Encryption

Encryption Libraries Ransomware IT

Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware

Security Affairs

FEBRUARY 16, 2021

Latin American trojans share the same modus operandi and even modules and blocks of code observed during the analysis of several malware samples. Filename: FT.FATURA.EKFUHLWS+LUVPBC0DGZUWISOAPDK.msi MD5 : 70aa68c29622df360dea76daa4255835 Creation time: 2/5/2021 7:10:49 AM. MSI file – The Javali Dropper. Filename: Avira.exe / rundll32.exe

Libraries

Libraries Communications Phishing Encryption

TeamTNT group uses Hildegard Malware to target Kubernetes Systems

Security Affairs

FEBRUARY 5, 2021

In January 2021, the cybercrime gang launched a new campaign targeting Kubernetes environments with the Hildegard malware, Palo Alto Networks warns. It also hides malicious processes using library injection and encrypts the malicious payload. ” states the analysis published by Palo Alto Networks.

Mining

Mining Libraries Encryption Access

How to Prevent SQL Injection Attacks

eSecurity Planet

MARCH 10, 2021

Also Read: Best Penetration Testing Software for 2021. . For SQLi purposes, this means keeping all web application software components, including database server software, frameworks, libraries, plug-ins, and web server software, up to date. . Encryption: Keep Your Secrets Secret. Utilizing an SQLi Detection Tool .

Passwords

Passwords Encryption Access Security

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

The recent campaign was observed between June 2020 and January 2021, threat actors used DLL side-loading to execute shellcode that decrypts a final payload tracked as “ FoundCore.” ” reads the technical analysis of the malware. the messages were dropping a variant of a malicious program named NewCore RAT.

Military

Military Government Phishing Libraries

Check Point vs Palo Alto Networks: Top NGFWs Compared

eSecurity Planet

OCTOBER 11, 2022

Check Point’s NGFWs leverage an application library of thousands of web applications to identify, allow, block, or limit usage of applications and the features within them, enabling safe internet use while protecting against threats and malware. Both Check Point and Palo Alto are top performers, with AAA ratings in 2021 Cyber Ratings tests.

Cloud

Cloud Security IoT IT

How better key management can close cloud security gaps troubling US government

Thales Cloud Protection & Licensing

FEBRUARY 28, 2024

Thales CipherTrust Data Discovery and Classification helps your organization get complete visibility into your sensitive data with efficient data discovery, classification, and risk analysis across heterogeneous data stores--the cloud, big data, and traditional environments--in your enterprise. This hack included US Government networks.

Cloud

Cloud Government Encryption Security

Information Management Today

New Hive ransomware variant is written in Rust and use improved encryption method

Cyber espionage campaign targets Asian countries since 2021

Webinars

Trending Sources

Homomorphic Encryption Makes Real-World Gains, Pushed by Google, IBM, Microsoft

Webinars

2021 cyber security review of the year

Experts warn of attacks using a new Linux variant of SFile ransomware

Hertzbleed Side-Channel Attack allows to remotely steal encryption keys from AMD and Intel chips

Stayin’ Alive campaign targets high-profile Asian government and telecom entities. Is it linked to ToddyCat APT?

Sugar Ransomware, a new RaaS in the threat landscape

Malware campaign hides a shellcode into Windows event logs

New enhanced Joker Malware samples appear in the threat landscape

Wormable bash DarkRadiation Ransomware targets Linux distros and docker containers

YTStealer info-stealing malware targets YouTube content creators

Best Digital Forensics Tools & Software for 2021

Guarding Against Solorigate TTPs

macOS: Bashed Apples of Shlayer and Bundlore

A taste of the latest release of QakBot

Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware

TeamTNT group uses Hildegard Malware to target Kubernetes Systems

How to Prevent SQL Injection Attacks

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Check Point vs Palo Alto Networks: Top NGFWs Compared

How better key management can close cloud security gaps troubling US government

Stay Connected