Security Affairs

APRIL 20, 2023

North Korea-linked APT group Lazarus employed new Linux malware in attacks that are part of Operation Dream Job. North Korea-linked APT group Lazarus is behind a new campaign tracked as Operation DreamJob (aka DeathNote or NukeSped ) that employed Linux malware.

Archiving 95

Archiving Education Phishing Cybersecurity 95

Security Affairs

APRIL 24, 2023

Truebot has been active since 2017 and some researchers linked it to the Russian Silence Group , while a recent investigation linked it to threat actor TA505 (aka Evil Corp). It is interesting to note that the domain was also hosting malware a variant of the TrueBot malware.

Cybersecurity 76

Cybersecurity Ransomware Education Authentication 76

IBM Big Data Hub

MAY 6, 2024

A forum to build the skills of the future IBM®, Broadcom and 21CS recently commissioned The Futurum Group to survey businesses, university leaders and students on trends across the mainframe landscape. The full report, 2024 Global Mainframe Skills Report: Insights from Industry and Educational Experts will be released on 6 May 2024.

Systems administration 94

Systems administration Education Digital transformation Access 94

Security Affairs

JANUARY 26, 2023

The UK agency reported ongoing spear-phishing campaigns carried out by Russia-based group SEABORGIUM and Iran-based group TA453 to gather intelligence on the victims. The group also targets former intelligence officials, experts in Russian affairs, and Russian citizens abroad. ” reads the alert published by the UK Agency.

Phishing 77

Phishing Education Authentication Passwords 77

erwin

JULY 16, 2020

The Open Group Architecture Framework (TOGAF) is a type of enterprise architecture (EA) framework. Where enterprise architecture is concerned, an “enterprise” refers to any organization or groups of organizations working toward a common goal. At the heart of The Open Group’s Framework is the Architecture Development Method (ADM).

e-Delivery 133

e-Delivery Education Communications Government 133

Krebs on Security

MAY 14, 2021

The crime gang announced it was closing up shop after its servers were seized and someone drained the cryptocurrency from an account the group uses to pay affiliates. “A number of the operators will most likely operate in their own closed-knit groups, resurfacing under new names and updated ransomware variants. .

Ransomware 364

Ransomware Education Communications Access 364

IT Governance

APRIL 29, 2024

The company has fixed the issue, blaming it on a vulnerability in the app’s groups feature. iSharing is used by more than 35 million users. Data breached: >35 million people’s data. 117 of them are known to have had data exfiltrated, exposed or otherwise breached.

Data Privacy 94

Data Privacy Privacy Manufacturing Security 94

IT Governance

JANUARY 3, 2024

We’ll also soon publish our 2023 review of publicly disclosed incidents and records known to be breached across the year, as well as our quarterly report, so keep an eye on our blog. The group is threatening to leak the exfiltrated data. billion records containing property ownership data related to millions of people.

Data Privacy 107

Data Privacy Insurance Manufacturing Retail 107

Security Affairs

APRIL 1, 2023

The group added the South Korean agency to its Tor leak site and announced the release of stolen data by April 1st, 2023 in case the ransom was not paid. Lockbit continues to be one of the most active ransomware gangs, in March the group added 100 new victims to its Tor leak site.

Ransomware 88

Ransomware Education Privacy Cybersecurity 88

Security Affairs

APRIL 27, 2023

The group is known to be an affiliate of the Clop ransomware RaaS affiliate, it has been linked to GoAnywhere attacks and Raspberry Robin infection. The group used the file-sharing app MegaSync for data exfiltration. The company warns that other financially motivated groups could adopt a similar infection chain.

Ransomware 84

Ransomware Education Security IT 84

Thales Cloud Protection & Licensing

OCTOBER 2, 2018

Since its inception, NCSAM has grown exponentially, reaching consumers, small and medium-sized business, corporations, educational institutions and young people across the nation. 8-12): Millions of Rewarding Jobs: Educating for a Career in Cybersecurity. 1-5): Make Your Home a Haven for Online Safety. Week 2 (Oct. Week 3 (Oct.

Cybersecurity 70

Cybersecurity Education Security Risk 70

Security Affairs

APRIL 27, 2023

The group operates a ransomware-as-a-service (RaaS) and provides its malicious code to a network of affiliates by imposing strict rules. The group aims at flying below the radar, and like other groups, doesn’t target systems in the CIS region. The group threatens to ban every affiliate who does leak samples.

Encryption 87

Encryption Ransomware Education Access 87

Security Affairs

MAY 4, 2023

CERT-UA is warning of destructive cyberattacks conducted by the Russia-linked Sandworm APT group against the Ukraine public sector. Russia-linked APT group Sandworm is behind destructive cyberattacks against Ukrainian state networks, the Ukrainian Government Computer Emergency Response Team (CERT-UA) warns.

Archiving 87

Archiving Education Authentication Ransomware 87

Security Affairs

APRIL 10, 2023

Iran-linked APT group MERCURY is behind destructive attacks on hybrid environments masquerading as a ransomware operation. The Microsoft Threat Intelligence team observed a series of destructive attacks on hybrid environments that were carried out by MuddyWater APT group (aka MERCURY ). Both groups used MULLVAD VPN.

Ransomware 89

Ransomware File names Access Education 89

Security Affairs

APRIL 25, 2023

North Korea-linked APT group BlueNoroff (aka Lazarus) was spotted targeting Mac users with new RustBucket malware. Researchers from security firm Jamf observed the North Korea-linked BlueNoroff APT group using a new macOS malware, dubbed RustBucket, family in recent attacks. capital used in the stage-one dropper. Jamf concludes.

Education 84

Education Communications Marketing Cloud 84

IT Governance

OCTOBER 3, 2022

Our blog has become the go-to source for monthly data breach statistics, and we’ve been producing this series for over seven years. You can leave your comments and suggestions on our blog, or can start the conversation by getting in touch with us via LinkedIn or Twitter. Cyber attacks. Ransomware. Data breaches.

Data breaches 143

Data breaches Ransomware Education Phishing 143

Security Affairs

APRIL 30, 2023

CERT-UA warns of a spear-phishing campaign conducted by APT28 group targeting Ukrainian government bodies with fake ‘Windows Update’ guides. Russia-linked APT28 group is targeting Ukrainian government bodies with fake ‘Windows Update’ guides, Computer Emergency Response Team of Ukraine (CERT-UA) warns.

Systems administration 92

Systems administration Military Phishing Government 92

Security Affairs

APRIL 7, 2023

The ransomware group added the company to the list of victims on its Tor leak site, it claims to have stolen the source code from the company, including a framework to develop bios, and private keys. MSI is headquartered in Taipei, Taiwan.

Ransomware 87

Ransomware Security Manufacturing Cybersecurity 87

Security Affairs

APRIL 19, 2023

The vulnerability is an Integer overflow in the Skia graphics library, the issue was reported by Clément Lecigne of Google’s Threat Analysis Group on April 12, 2023. Reported by Clément Lecigne of Google’s Threat Analysis Group on 2023-04-12 [$1000][ 1430644 ] Medium CVE-2023-2137: Heap buffer overflow in sqlite.

Libraries 91

Libraries Education Access Cybersecurity 91

Security Affairs

APRIL 14, 2023

The vulnerability was reported by Clément Lecigne of Google’s Threat Analysis Group on 2023-04-11. Reported by Clément Lecigne of Google’s Threat Analysis Group on 2023-04-11” reads the advisory published by Google. The vulnerability is a Type Confusion issue that resides in the JavaScript engine V8.

Libraries 84

Libraries Education Cybersecurity Security 84

Security Affairs

APRIL 19, 2023

An Iran-linked APT group tracked as Mint Sandstorm is behind a string of attacks aimed at US critical infrastructure between late 2021 to mid-2022. The group rapidly weaponized N-day vulnerabilities in popular enterprise applications by using publicly disclosed POCs. ” reads the report published by Microsoft.

Energy and Utilities 89

Energy and Utilities Military Education Phishing 89

Security Affairs

MAY 2, 2023

A joint operation conducted by the FBI and Ukrainian police seized 9 crypto exchanges used by cybercriminal groups for money laundering. “Web resources offered users anonymous exchange of cryptocurrencies.

Education 89

Education Ransomware Cybersecurity Security 89

Security Affairs

APRIL 26, 2023

Researchers from Palo Alto Networks Unit 42 recently observed the China-linked Alloy Taurus group (aka GALLIUM , Softcell ) targeting Linux systems with a new variant of PingPull backdoor. In recent years, the researchers observed the group expanding its operations to include financial institutions and government entities. softether[.]net

Communications 95

Communications Military Government Libraries 95

Security Affairs

APRIL 22, 2023

The vulnerability is an Integer overflow in the Skia graphics library, the issue was reported by Clément Lecigne of Google’s Threat Analysis Group on April 12, 2023. CVE-2023-2136 – Google Chrome Skia Integer Overflow Vulnerability.

IT 91

IT Libraries Cybersecurity Education 91

Security Affairs

APRIL 16, 2023

The LockBit group is the first ransomware gang of all time that has created encryptors to target macOS systems, MalwareHunterTeam team warn. Researchers warn that the LockBit ransomware gang has developed encryptors to target macOS devices.

Archiving 97

Archiving Encryption Ransomware Education 97

IT Governance

DECEMBER 11, 2023

suffers second ransomware attack in months Having been struck by a ransomware attack in October by the BlackSuit group , which led to operations and appointments being postponed, Akumin Inc. has suffered a second attack, this time by the BianLian ransomware group. Akumin Inc. Data breached: 5 TB.

Data Privacy 101

Data Privacy Energy and Utilities Privacy Manufacturing 101

IT Governance

MAY 7, 2024

It emerged this week, according to the New York City Department of Education, that data from a further 381,000 students was also compromised in this incident. Data breached: 1,201,000 people’s data. Organisation(s) Sector Location Data breached? Known data breached MovieBoxPro Source 1 ; source 2 (New) Leisure China? Young, Inc.

Data breaches 59

Data breaches Education Manufacturing Retail 59

Krebs on Security

JUNE 2, 2020

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. A partial screenshot from the REvil ransomware group’s Dark Web blog. and Europe in early March.”

Ransomware 296

Ransomware Agriculture Encryption Access 296

Security Affairs

APRIL 18, 2023

The vulnerability was reported by Clément Lecigne of Google’s Threat Analysis Group on 2023-04-11. The CVE-2023-2033 flaw is the first Chrome zero-day vulnerability addressed by Google in 2023.

IT 82

IT Cybersecurity Education Risk 82

Security Affairs

APRIL 4, 2023

Proofpoint researchers recently reported that a Russian hacking group, tracked as Winter Vivern (aka TA473), has been actively exploiting vulnerabilities ( CVE-2022-27926 ) in unpatched Zimbra instances to gain access to the emails of NATO officials, governments, military personnel, and diplomats.

IT 92

IT Military Phishing Passwords 92

Security Affairs

APRIL 12, 2023

. “Although there is no evidence that the data concerned have been used for fraudulent purposes, out of extreme caution, we invite you to pay particular attention and to verify any contact attempt via e-mail, mail and/or text message that may appear to come from Hyundai Italia or by other entities of the Hyundai Group.

Data breaches 92

Data breaches Manufacturing Cybersecurity Education 92

Security Affairs

APRIL 28, 2023

“The man was an administrator of closed groups and channels in the Telegram messenger, where he sold personal data of citizens of Ukraine and the European Union.” .” reads the announcement published by the Ukraine Cyber Police.

Sales 94

Sales Personal data Education Access 94

Security Affairs

MAY 1, 2023

Its wide array of capabilities was appreciated and used by nation-state actors such as the China-linked APT group Earth Berberoka. Shared Hosting / Registration Similarities: The experts were able to group registrations by using registrars, name servers, IPs, and dynamic DNS providers. ” concludes the report.

Education 76

Education Risk Security IT 76

Security Affairs

MAY 4, 2023

MILES/CBS NEWS TEXAS The Royal ransomware group is behind the attack and threatens to publish stolen data if the City will not meet its ransom demand. Unlike other ransomware operations, Royal doesn’t offer Ransomware-as-a-Service, it appears to be a private group without a network of affiliates. Source J.D. reads the alert.

Ransomware 93

Ransomware IT Encryption Education 93

Security Affairs

APRIL 17, 2023

The CreateJobLocal function receives groups of directories, often in groups of five. The script uses the CreateJobLocal( $folders ) function to create PowerShell script blocks to be run as jobs via the Start-Job cmdlet.

Ransomware 92

Ransomware Education Cybersecurity Security 92

Security Affairs

APRIL 3, 2023

The response to the incident put in place by WD suggests that the company was the victim of a ransomware attack, but at this time it is not included in any of Tor leak sites of ransomware groups.

IT 90

IT Security Cloud Ransomware 90

Security Affairs

APRIL 8, 2023

The CVE-2023-26083 flaw in the Arm Mali GPU driver is chained with other issues to install commercial spyware, as reported by Google’s Threat Analysis Group (TAG) in a recent report. Mandiant researchers first observed this affiliate targeting Veritas issues in the wild on October 22, 2022.

IT 82

IT Ransomware Education Cybersecurity 82