Archiving and Cybersecurity - Information Management Today

IT Army of Ukraine gained access to a 1.5GB archive from Gazprom

Security Affairs

JANUARY 31, 2023

GB archive. GB archive belonging to the Russian energy giant Gazprom. The group of hacktivists announced the hack on their Telegram channel claiming that the archive contains more than 6,000 files of the companies of the Gazprom group. “The archive with a capacity of 1.5 “The archive with a capacity of 1.5

Archiving

Archiving Access IT Communications

Lockbit ransomware gang claims to have hacked cybersecurity giant Mandiant

Security Affairs

JUNE 6, 2022

LockBit ransomware gang claims to have hacked the cybersecurity firm Mandiant, which is investigating the alleged security breach. Today the LockBit ransomware gang has added the cybersecurity firm Mandiant to the list of victims published on its darkweb leak site. ’ At this time, the domain mandiantyellowpress[.]com

Ransomware

Ransomware Cybersecurity Archiving Security

BEST PRACTICES: Why pursuing sound ‘data governance’ can be a cybersecurity multiplier

The Last Watchdog

APRIL 1, 2020

Related: What we’ve learned from the massive breach of Capitol At RSA 2020 , I learned about how one of the routine daily chores all large organizations perform — data governance — has started to emerge as something of a cybersecurity multiplier. A robust data archiving strategy puts data into tiers, Lahiri says.

Government

Government Cybersecurity Archiving Access

Instagram flaw allowed to see private, archived Posts/Stories of users without following them

Security Affairs

JUNE 15, 2021

Instagram has addressed a new flaw that allowed anyone to access private accounts viewing archived posts and stories without having to follow them. Researcher Mayur Fartade has found a vulnerability in Instagram that allowed anyone to access private accounts, viewing archived posts and stories without having to follow them.

Archiving

Archiving Access Ransomware Security

Snake, a new Info Stealer spreads through Facebook messages

Security Affairs

MARCH 7, 2024

The campaign has been active since at least August 2023 when it was disclosed by a cybersecurity researcher on X. The archives contain two downloaders, a batch script and a cmd script, with the final downloader used to drop the appropriate Python Infostealer variant on the victim’s system.

Archiving

Archiving Cybersecurity IT Information Security

Weekly Vulnerability Recap – August 21, 2023 – When ACE Equals Bad

eSecurity Planet

AUGUST 21, 2023

August 18 , 2023 Vulnerability Allows Code Execution When Opening WinRAR Archives Vulnerability CVE-2023-40477 in the popular WinRAR utility allows for arbitrary code execution (ACE) to automatically occur during the opening of the archive container.

Archiving

Archiving Cybersecurity Encryption Privacy

iShutdown lightweight method allows to discover spyware infections on iPhones

Security Affairs

JANUARY 17, 2024

Cybersecurity researchers from Kaspersky have identified a “lightweight method,” called iShutdown, to identify the presence of spyware on Apple iOS devices. The log file is stored in a sysdiagnose (sysdiag) archive. The lightweight nature of this method makes it readily available and accessible.

Archiving

Archiving Cybersecurity IT Access

DarkCasino joins the list of APT groups exploiting WinRAR zero-day

Security Affairs

NOVEMBER 20, 2023

Researchers at cybersecurity firm NSFOCUS analyzed DarkCasino attack pattern exploiting the WinRAR zero-day vulnerability tracked as CVE-2023-38831. The economically motivated APT group used specially crafted archives in phishing attacks against forum users through online trading forum posts. ” concludes the report.

Phishing

Phishing Archiving Financial Services Cybersecurity

CERT-UA warns of malware campaign conducted by threat actor UAC-0006

Security Affairs

MAY 26, 2024

The attackers sent out emails with ZIP archives containing an IMG files that serves as decoys for hidden EXE malware and ACCDB documents. CERT-UA warned Ukrainian CEOs to enhance cybersecurity measures for accountants’ automated workplaces. ” read the advisory published by CERT-UA. ” continues the report.

Archiving

Archiving Phishing Access Cybersecurity

Dissecting IcedID behavior on an infected endpoint

OpenText Information Management

MARCH 30, 2023

OpenText™ Cybersecurity Services observed a recent malspam campaign where IcedID was delivered via an archived zip file containing a Visual Basic script. It targets a victim’s financial information and it is also capable of dropping other malware, most commonly CobaltStrike.

Archiving

Archiving Cybersecurity IT Security

Experts found the first LockBit encryptor that targets macOS systems

Security Affairs

APRIL 16, 2023

MalwareHunterTeam researchers discovered the LockBit encryptors in a ZIP archive uploaded to VirusTotal. "locker_Apple_M1_64": BleepingComputer confirmed that the zip archive contained “previously unknown encryptors for macOS, ARM, FreeBSD, MIPS, and SPARC” architectures.

Archiving

Archiving Encryption Ransomware Education

HackerGPT 2.0 Unveils New AI Cyber Defense Strategies

eSecurity Planet

MARCH 15, 2024

HackerGPT, first launched in 2023, is a ChatGPT-powered tool that merges AI technology with cybersecurity-focused expertise. in February 2024, it serves as an extensive repository of hacking tools and techniques to actively assist users in managing complex cybersecurity protection strategies. Launch of HackerGPT 2.0

Cybersecurity

Cybersecurity Education Privacy Access

Data of 106 million visitors to Thailand leaked online

Security Affairs

SEPTEMBER 20, 2021

The popular cybersecurity research Bob Diachenko discovered his personal data online stored on an unprotected Elasticsearch database containing the personal details of more than 106 million visitors to Thailand. While the IP address of the database is still public, the database was taken offline and has been replaced with a honeypot.

Honeypots

Honeypots Archiving Personal data Cybersecurity

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Security Affairs

MAY 13, 2024

New Jersey’s Cybersecurity and Communications Integration Cell (NJCCIC) reported that since April, threat actors used the the Phorpiex botnet to send millions of phishing emails as part of a LockBit Black ransomware campaign. Experts estimated that in one year it allowed to steal crypto assets worth of 500,000 dollars.

Phishing

Phishing Ransomware Security awareness Authentication

Expert warns of Turtle macOS ransomware

Security Affairs

DECEMBER 1, 2023

The popular cybersecurity researcher Patrick Wardle dissected the new macOS ransomware Turtle used to target Apple devices. The popular cyber security researcher Patrick Wardle published a detailed analysis of the new macOS ransomware Turtle. The experts speculate the malware was first developed for Windows, then ported to macOS.

Ransomware

Ransomware Encryption Archiving Cybersecurity

Real estate agency exposes details of 690k customers

Security Affairs

DECEMBER 21, 2023

Cybersecurity researcher Jeremiah Fowler discovered an unprotected database associated with Estate Wealth Network. The archive, totaling 1.16 Goyzer claims to provide technological solutions for real estate developers, property managers, and brokers. During this period, another case has garnered attention. terabytes, housed over 1.5

Archiving

Archiving Phishing Cybersecurity Risk

Lockbit ransomware gang demanded an 80 million ransom to CDW

Security Affairs

OCTOBER 14, 2023

Data in the archives suggest it is associated with employee badges, audits, commission payout data, and other account-related information. ” CDW revealed that it had detected suspicious activity related to the Sirius Federal servers and quickly launched an investigation with the help of external cybersecurity experts. “we

Ransomware

Ransomware Cybersecurity Archiving Education

Since declaring cyber war on Russia Anonymous leaked 5.8 TB of Russian data

Security Affairs

APRIL 24, 2022

The collective has leaked a 432GB archive containing 645,000 emails. The collective has leaked a 211GB archive containing 365,000 emails. The collective has leaked a 432GB archive containing 575,000 emails. The collective has leaked a 130GB archive containing 250,000 emails. Sawatzky is a property management company.

Archiving

Archiving Government Cybersecurity Security

Follow the 3-2-1 Rules of Data Backups

Adam Levin

MARCH 31, 2022

When it comes to backing up your data, IT and cybersecurity experts alike consistently advise what’s known as the “3-2-1” rules, which are: Keep at least three copies of your data: The emphasis here is on at least. Backups are inherently fallible, and can fall prey to malware, ransomware, power surges, and hardware failure.

Archiving

Archiving Cloud Cybersecurity Ransomware

Vulnerability Recap 6/3/24 – Check Point, Okta & Fortinet Issues

eSecurity Planet

JUNE 3, 2024

The problem: Cybersecurity firm eSentire’s threat response unit discovered fake browser updates that delivered instances of BitRAT and Lumma Stealer malware. Discord, which has lately been heavily used as a cyberattack surface, hosts the zip archive file. When they try to upgrade, a zip file downloads onto their computer.

Authentication

Authentication Passwords Access Cybersecurity

Ragnar Locker ransomware leaked data stolen from ADATA chipmaker

Security Affairs

JUNE 21, 2021

The group published the link to 13 password-protected archives, allegedly containing sensitive data stolen from the chipmaker. Attention Password for the Archives: XXXXXXXXXXX#1JLDiw8″ reads the post published by the group on its leak site. !!Inside

Ransomware

Ransomware Archiving Passwords Authentication

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Security Affairs

APRIL 5, 2022

Upon opening the file, a RAR-archive named “Viyskovi_zlochinci_RU.rar” is created. . The archive contains a link file named “War criminals destroying Ukraine (home addresses, photos, phone numbers, pages on social networks).lnk,” The script calculates a unique identifier of the computer based on its.

Military

Military Phishing File names Archiving

GUEST ESSAY: Securely managing access controls is vital to preserving the privacy of healthcare data

The Last Watchdog

NOVEMBER 8, 2021

However, M&A is a complex undertaking, and integrating and consolidating IT, cybersecurity and data privacy infrastructure only adds to the challenge. M&A invariably creates technology gaps that bad actor’s prey upon. Patient data exposures. Healthcare data security and privacy is a problem that continues to grow.

Access

Access Privacy Security IoT

Data protection strategy: Key components and best practices

IBM Big Data Hub

MAY 28, 2024

Unsurprisingly, companies are increasingly prioritizing data protection within their cybersecurity initiatives, realizing that a robust data protection strategy not only defends against potential data breaches but also ensures ongoing compliance with regulatory laws and standards.

Data breaches

Data breaches GDPR Compliance Encryption

New QBot campaign delivered hijacking business correspondence

Security Affairs

APRIL 17, 2023

“If the user complies, an archive will be downloaded from a remote server (compromised site), protected with a password given in the original PDF file.” ” Upon opening the attachment, it will retrieve an archive from a compromised website. The archive contains an obfuscated Windows Script File (.WSF)

e-Delivery

e-Delivery Archiving Education Passwords

Meet new Archive-It and Web Group teammates

Archive-It

NOVEMBER 26, 2018

by the Archive-It team. Archive-It and the Internet Archive’s Web Group welcomed three new teammates this fall. They have already contributed important updates and improvements to the web crawling, data service, and archival replay tools relied upon by Archive-It partners.

Archiving

Archiving Computer and Electronics IT Big data

Experts found an RCE vulnerability in QNAP Q’center

Security Affairs

JUNE 7, 2021

Researchers at cybersecurity firm Shielder discovered a remote code execution on QNAP Q’center through a manipulated QPKG installation package. Researchers at cybersecurity firm Shielder discovered a remote code execution flaw on QNAP Q’center through a manipulated QPKG installation package.

Archiving

Archiving Cybersecurity IT Security

LockBit 3.0’s Bungled Comeback Highlights the Undying Risk of Torrent-Based (P2P) Data Leakage

Security Affairs

MARCH 6, 2024

quickly attempted a comeback that has largely been dismissed by the cybersecurity community as a dud. In fact, the cybersecurity community often overlooks the fact that LockBit 3.0 was one of the first ransomware groups to start embedding leaked data into torrent files for download and uploading these archives to TOR.

Risk

Risk Ransomware Access Cybersecurity

China-linked TA413 group actively exploits Microsoft Follina zero-day flaw

Security Affairs

JUNE 1, 2022

This week, the cybersecurity researcher nao_sec discovered a malicious Word document (“05-2022-0438.doc”) Researchers from Proofpoint reported that TA413 is conducting a spear-phishing campaign that uses ZIP archives containing weaponized Word Documents. in Microsoft Office in attacks in the wild. app for the attacks.

Archiving

Archiving Cybersecurity Phishing Security

Threat actor claims to have hacked European manufacturer of missiles MBDA

Security Affairs

JULY 31, 2022

A threat actor that goes online with the moniker Adrastea , and that defines itself as a group of independent cybersecurity specialists and researchers, claims to have hacked MBDA. We are “Adrastea” – a group of independent specialists and researchers in the field of cybersecurity. “Hello!

Manufacturing

Manufacturing Military Archiving Cybersecurity

“gitgub” malware campaign targets Github users with RisePro info-stealer

Security Affairs

MARCH 17, 2024

Cybersecurity researchers discovered multiple GitHub repositories hosting cracked software that are used to drop the RisePro info-stealer. The researchers noticed that the users must unpack several layers of archives using the password “GIT1HUB1FREE,” which is provided in the README.md

Passwords

Passwords File names Archiving Cybersecurity

Anonymous: Operation Russia after 100 days of war

Security Affairs

JUNE 4, 2022

B00da and Porteur leaked a 1T archive containing data and emails from the law firm. Anonymous has leaked a 823 GB archive containing 1.5 B00da , Porteur , and Wh1t3 Sh4d0w leaked a 184 GB archive containing company emails. million emails.

Archiving

Archiving Government Passwords Cybersecurity

CERT-UA warns of an ongoing SmokeLoader campaign

Security Affairs

MAY 8, 2023

Threat actors are using emails sent from compromised accounts with the subject “bill/payment” with an attachment in the form of a ZIP archive. “The mentioned ZIP archive is a polyglot file containing a decoy document and a JavaScript file “pax_2023_AB1058.js” We are in the final!

Archiving

Archiving Phishing Access Cybersecurity

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

Security Affairs

OCTOBER 9, 2023

Cybersecurity researchers 3xp0rt reported that a threat actor that goes online with the moniker ‘kapuchin0’ (and also uses the alias Gookee) has leaked the source code of the HelloKitty ransomware on the XSS forum. kapuchin0 claims that the leaked code is the first breach of the HelloKitty ransomware. ” said kapuchin0.

Ransomware

Ransomware Archiving Encryption Cybersecurity

AT&T confirmed that a data breach impacted 73 million customers

Security Affairs

MARCH 30, 2024

The archive contains 73.481.539 records. “It “AT&T has launched a robust investigation supported by internal and external cybersecurity experts. The seller, who goes online with the moniker MajorNelson, claims that the data was obtained from an unnamed AT&T division by @ ShinyHunters in 2021. It was leaked online today.”

Data breaches

Data breaches Sales Archiving Access

GitHub: Nearly 100,000 NPM Users’ credentials stolen in the April OAuth token attack

Security Affairs

MAY 28, 2022

Now the Microsoft-owned company provided an update on the incident, the attackers were able to escalate access to npm infrastructure and access the following files exfiltrated from npm cloud storage: A backup of skimdb.npmjs.com containing data from April 7, 2021, with the following information:An archive of user information from 2015.

Metadata

Metadata Passwords Archiving Access

Another nation-state actor exploits Microsoft Follina to attack European and US entities

Security Affairs

JUNE 6, 2022

The popular cybersecurity expert Kevin Beaumont, who named the bug Follina , published an analysis of the flaw. Last week, the cybersecurity researcher nao_sec discovered a malicious Word document (“05-2022-0438.doc”) Gathered data are exfiltrated in the form of zip archives to the address 45.77.156[.]179.

Phishing

Phishing Archiving Cybersecurity Government

e-Records 2019: Better Together in a Digital World: Security and Retention Conference Recap

The Texas Record

NOVEMBER 21, 2019

Robbins took the audience on a journey introducing all the conference themes that were then touched on throughout the day– building and growing relationships between records management and other related groups, namely cybersecurity and information technology.

Archiving

Archiving Records Management Security Information governance

Russia behind a massive spear-phishing campaign that hit Ukraine

Security Affairs

JUNE 7, 2021

Three Ukrainian cybersecurity agencies ( Ukrainian Secret Service , Ukrainian Cyber Police , and CERT Ukraine ), including the Ukrainian Secret Service, warned last week of a “massive” spear-phishing campaign conducted by Russia-linked hackers against its government and organizations in the private industry. Details in the application… ».

Phishing

Phishing Archiving Government Passwords

CISA adds UnRAR and Windows flaws to Known Exploited Vulnerabilities Catalog

Security Affairs

AUGUST 10, 2022

The Cybersecurity & Infrastructure Security Agency (CISA) has added a recently disclosed security flaw, tracked as CVE-2022-30333 (CVSS score: 7.5), in the UnRAR utility to its Known Exploited Vulnerabilities Catalog. The vulnerability was reported in late June by cybersecurity researcher Simon Scannell from SonarSource.

Archiving

Archiving Cybersecurity Risk Security

2020 Likely To Break Records for Breaches

Adam Levin

JULY 10, 2020

A recent article released by cybersecurity and antivirus firm Bitdefender shows that 8.4 Quidd (4 million records): An archive of 4 million usernames, email addresses, and hashed passwords from online marketplace Quidd were found online following an April data breach. Marriott (5.2

Data breaches

Data breaches Cybersecurity Archiving Personal data

Anonymous hacked other Russian organizations, some of the breaches could be severe

Security Affairs

APRIL 20, 2022

Anonymous claims to have stolen 426,000 emails and leaked an archive of 160 GB in size. Anonymous claims to have stolen 15,600 emails and leaked an archive of 9.5 Anonymous claims to have stolen 87,500 emails and leaked an archive of 107 GB in size. GUOV i GS – General Dept. GB in size.

Archiving

Archiving Access Government Cybersecurity

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

Security Affairs

MAY 4, 2023

doc,docx,rtf,txt,xls,xlsx,ppt,pptx,vsd,vsdx,pdf,png,jpeg,jpg,zip,rar,7z,mp4,sql ,php,vbk,vib,vrb,p7s and.sys,dll,exe,bin,dat) to archive them using the legitimate WinRAR program. The attackers were observed using WinRAR with the “-df” option to delete the source file after being added to the archives.

Archiving

Archiving Education Authentication Ransomware

Startup Sees File System as Key to Security

eSecurity Planet

JULY 12, 2021

While many cybersecurity vendors approach zero trust from the perspective of microsegmentation , shrinking the network as much as possible, one startup thinks security needs to be as close to the data as possible and is thus focused on data storage. Secure file server stops attacks.

Security

Security Ransomware Metadata Cloud

IT Army of Ukraine gained access to a 1.5GB archive from Gazprom

Lockbit ransomware gang claims to have hacked cybersecurity giant Mandiant

Trending Sources

BEST PRACTICES: Why pursuing sound ‘data governance’ can be a cybersecurity multiplier

Instagram flaw allowed to see private, archived Posts/Stories of users without following them

Snake, a new Info Stealer spreads through Facebook messages

Weekly Vulnerability Recap – August 21, 2023 – When ACE Equals Bad

iShutdown lightweight method allows to discover spyware infections on iPhones

DarkCasino joins the list of APT groups exploiting WinRAR zero-day

CERT-UA warns of malware campaign conducted by threat actor UAC-0006

Dissecting IcedID behavior on an infected endpoint

Experts found the first LockBit encryptor that targets macOS systems

HackerGPT 2.0 Unveils New AI Cyber Defense Strategies

Data of 106 million visitors to Thailand leaked online

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Expert warns of Turtle macOS ransomware

Real estate agency exposes details of 690k customers

Lockbit ransomware gang demanded an 80 million ransom to CDW

Since declaring cyber war on Russia Anonymous leaked 5.8 TB of Russian data

Follow the 3-2-1 Rules of Data Backups

Vulnerability Recap 6/3/24 – Check Point, Okta & Fortinet Issues

Ragnar Locker ransomware leaked data stolen from ADATA chipmaker

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

GUEST ESSAY: Securely managing access controls is vital to preserving the privacy of healthcare data

Data protection strategy: Key components and best practices

New QBot campaign delivered hijacking business correspondence

Meet new Archive-It and Web Group teammates

Experts found an RCE vulnerability in QNAP Q’center

LockBit 3.0’s Bungled Comeback Highlights the Undying Risk of Torrent-Based (P2P) Data Leakage

China-linked TA413 group actively exploits Microsoft Follina zero-day flaw

Threat actor claims to have hacked European manufacturer of missiles MBDA

“gitgub” malware campaign targets Github users with RisePro info-stealer

Anonymous: Operation Russia after 100 days of war

CERT-UA warns of an ongoing SmokeLoader campaign

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

AT&T confirmed that a data breach impacted 73 million customers

GitHub: Nearly 100,000 NPM Users’ credentials stolen in the April OAuth token attack

Another nation-state actor exploits Microsoft Follina to attack European and US entities

e-Records 2019: Better Together in a Digital World: Security and Retention Conference Recap

Russia behind a massive spear-phishing campaign that hit Ukraine

CISA adds UnRAR and Windows flaws to Known Exploited Vulnerabilities Catalog

2020 Likely To Break Records for Breaches

Anonymous hacked other Russian organizations, some of the breaches could be severe

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

Startup Sees File System as Key to Security

Stay Connected