2022, Document, Ransomware and Security - Information Management Today

Microsoft Patch Tuesday, December 2022 Edition

Krebs on Security

DECEMBER 14, 2022

Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in its various Windows operating systems and related software. The security updates include patches for Azure , Microsoft Edge, Office , SharePoint Server , SysInternals , and the.NET framework.

Ransomware

Ransomware Authentication Security Access

Arrests in $400M SIM-Swap Tied to Heist at FTX?

Krebs on Security

FEBRUARY 1, 2024

Three Americans were charged this week with stealing more than $400 million in a November 2022 SIM-swapping attack. 11-12, 2022. 11-12, 2022. 11, 2022 after they SIM-swapped an AT&T customer by impersonating them at a retail store using a fake ID. Image: Elliptic.co.

Blockchain

Blockchain Ransomware Retail Analytics

Spanish bank Globalcaja confirms Play ransomware attack

Security Affairs

JUNE 5, 2023

Play ransomware group claims responsibility for a ransomware attack that hit Globalcaja, one of the major banks in Spain. Globalcaja was the victim of a Play ransomware attack that impacted operations at several offices of the bank. The group will publish the stolen data on June 11, 2023, if the bank will not pay the ransom.

Ransomware

Ransomware Data breaches Cloud Security

Weakness at the Network Edge: Mandiant Examines 2022’s Zero-Day Exploits

eSecurity Planet

MARCH 27, 2023

Enterprise IT, network and security product vulnerabilities were among those actively exploited in zero-day attacks last year, according to a recent Mandiant report. Mandiant tracked 55 zero-day vulnerabilities that were actively exploited in 2022. firewalls, IPS/IDS appliances, etc.),” the researchers wrote.

Cloud

Cloud Ransomware Risk Access

Blackbasta gang claimed responsibility for Synlab Italia attack

Security Affairs

MAY 4, 2024

The company has yet to disclose a data breach e never mentioned in its update that it was the victim of a ransomware attack. Such drastic containment measures are typically associated with malware infections, while the unavailability of affected systems often suggests a ransomware infection. The group claimed the theft of 1.5

Ransomware

Ransomware Data breaches Personal data Phishing

Cisco confirms that data leaked by the Yanluowang ransomware gang were stolen from its systems

Security Affairs

SEPTEMBER 12, 2022

Cisco confirmed the May attack and that the data leaked by the Yanluowang ransomware group was stolen from its systems. In August, Cisco disclosed a security breach, the Yanluowang ransomware gang breached its corporate network in late May and stole internal data. Follow me on Twitter: @securityaffairs and Facebook.

Ransomware

Ransomware IT Authentication File names

Lockbit ransomware gang claims to have hacked Ministry of Justice of France

Security Affairs

JANUARY 27, 2022

A few hours ago Lockbit ransomware operators announced to have stolen data from Ministry of Justice of France. A few hours ago Lockbit ransomware operators have announced to have stolen data from Ministry of Justice of France and threatened to leak it. The deadline for the payment has been fixed on 10 Feb, 2022 11:20:00.

Ransomware

Ransomware Government Security IT

Ukrainian REvil gang member sentenced to 13 years in prison

Security Affairs

MAY 2, 2024

The Ukrainian national, Yaroslav Vasinskyi (24), aka Rabotnik, has been sentenced to more than 13 years in prison and must pay $16 million in restitution for conducting numerous ransomware attacks and extorting victims. in March 2022. Vasinskyi is a REvil ransomware affiliate since at least March 1st, 2019. million in U.S.

Ransomware

Ransomware Encryption Information Security IT

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. 2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.

Passwords

Passwords Phishing Access Encryption

THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

Security Affairs

OCTOBER 19, 2023

This is the 11th edition of the annual report and analyzes events that took place between July 2022 and July 2023. In the latter part of 2022 and the first half of 2023, the cybersecurity landscape witnessed a significant increase in both the variety and quantity of cyberattacks and their consequences.

Artificial Intelligence

Artificial Intelligence Ransomware Cybersecurity Manufacturing

Australian Privacy Regulator Sues in Data Breach Case

Hunton Privacy

NOVEMBER 15, 2023

Patrick Gunning from King & Wood Mallesons reports that, on November 2, 2023, the Australian Information Commissioner filed proceedings in the Federal Court of Australia against Australian Clinical Labs Limited seeking a civil penalty ( i.e. , a fine) in connection with the company’s response to a data breach that occurred in February 2022.

Data breaches

Data breaches Privacy Risk Information Security

Alberta OIPC’s 2022 PIPA Breach Report – Trends and Key Takeaways

Data Protection Report

AUGUST 16, 2022

On July 27, 2022, the Office of the Information and Privacy Commissioner of Alberta ( OIPC ) released its 2022 PIPA Breach Report. [1] malware, ransomware, hacking). Failure to Secure. 1] The report analyzes the nearly 2,000 breach reports [2] received by the OIPC during. . Cause of breach for RROSH breaches. 14-30 days.

Privacy

Privacy Risk Cybersecurity Phishing

The Week in Cyber Security and Data Privacy: 23–29 October 2023

IT Governance

OCTOBER 31, 2023

Thousands of drivers have sensitive data exposed to hackers in major IT breach Date of breach: Unclear, but breached documents date back to 2017. Incident details: A security vulnerability in a third party left personal data exposed of thousands of motorists who had their vehicle towed on behalf of the An Garda Síochána.

Data Privacy

Data Privacy Privacy Data breaches Security

Hacker breaches key Russian ministry in blink of an eye

Security Affairs

MARCH 16, 2022

#Russia began active preparations for disconnection from the global Internet No later than March 11, all servers and domains must be transferred to the #Russian zone. pic.twitter.com/wOCdRqOJej — NEXTA (@nexta_tv) March 6, 2022. That’s a serious security breach of assets right there. Original post at [link].

Authentication

Authentication Access Systems administration Military

51 Must-Know Phishing Statistics for 2023

IT Governance

JUNE 8, 2023

A Digital Guardian report found that 90% of corporate security breaches are the result of phishing attacks. million unique phishing websites in Q4 2022, which is the most it has ever recorded. Other popular attack methods are script files (23%), Office documents (19%) and PDF documents (6%). million) in 2022.

Phishing

Phishing Data breaches Communications Government

Cyber Incident Reporting Language in Omnibus Bill Headed to President Biden’s Desk

Hunton Privacy

MARCH 14, 2022

On March 11, 2022, the U.S. The bill previously was passed by the House of Representatives on March 9, 2022. President Biden is expected to sign the bill and has until March 15, 2022, to do so before the current spending authorization expires.

Cybersecurity

Cybersecurity Ransomware Communications Government

EP 49: LoL

ForAllSecure

JUNE 21, 2022

Kyle Hanslovan CEO of Huntress Labs joins The Hacker Mind to discuss recent LoL attacks, specifically the Microsoft Follina attack and the Kaseya ransomware attack, and how important it is for small and medium sized businesses to start using enterprise grade security, given the evolving nature of these attacks. I'm Robert Vamosi.

Ransomware

Ransomware Marketing IT Libraries

CyberheistNews Vol 13 #11 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears

KnowBe4

MARCH 14, 2023

CyberheistNews Vol 13 #11 | March 14th, 2023 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears Robert Lemos at DARKReading just reported on a worrying trend. In a recent report, data security service Cyberhaven detected and blocked requests to input data into ChatGPT from 4.2%

Phishing

Phishing Security Artificial Intelligence Security awareness

The Hacker Mind Podcast: Gaining Persistence On Windows Boxes

ForAllSecure

FEBRUARY 8, 2023

From her talk at SecTor 2022 , Paula Januszkiewicz, CEO of Cqure , returns to The Hacker Mind and explains how a lot of little configuration errors in common Windows tools and services can open the door to persistence on a system for bad actors and what sysadmins can do to mitigate these. And secure Academy. So how does this happen?

Access

Access IT Phishing Passwords

Conti Ransomware Group Diaries, Part III: Weaponry

Krebs on Security

MARCH 4, 2022

Part I of this series examined newly-leaked internal chats from the Conti ransomware group, and how the crime gang dealt with its own internal breaches. Conti is by far the most aggressive and profitable ransomware group in operation today. Part II explored what it’s like to be an employee of Conti’s sprawling organization.

Ransomware

Ransomware Insurance Security IT

CyberheistNews Vol 13 #12 [Heads Up] This Week's New SVB Meltdown Social Engineering Attacks

KnowBe4

MARCH 21, 2023

CyberheistNews Vol 13 #12 | March 21st, 2023 [Heads Up] This Week's New SVB Meltdown Social Engineering Attacks On Saturday March 11, I warned about the coming wave of phishing attacks that would undoubtedly follow the SVB collapse. We were not disappointed. KYC' is a banking term that stands for 'Know Your Customer' or 'Know Your Client.'

Phishing

Phishing Security awareness Passwords Marketing

Top VC Firms in Cybersecurity of 2022

eSecurity Planet

APRIL 26, 2022

Luckily for cybersecurity startups, there’s no shortage of interest in tomorrow’s next big security vendors. billion in 2021, and growing concerns over data security , software supply chains , and ransomware suggest the market will remain strong through economic ups and downs. How Do VC Firms Work? a16z Investments.

Cybersecurity

Cybersecurity Cloud Marketing Security

Information Management Today

Microsoft Patch Tuesday, December 2022 Edition

Arrests in $400M SIM-Swap Tied to Heist at FTX?

Trending Sources

Spanish bank Globalcaja confirms Play ransomware attack

Weakness at the Network Edge: Mandiant Examines 2022’s Zero-Day Exploits

Blackbasta gang claimed responsibility for Synlab Italia attack

Cisco confirms that data leaked by the Yanluowang ransomware gang were stolen from its systems

Lockbit ransomware gang claims to have hacked Ministry of Justice of France

Ukrainian REvil gang member sentenced to 13 years in prison

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

Australian Privacy Regulator Sues in Data Breach Case

Alberta OIPC’s 2022 PIPA Breach Report – Trends and Key Takeaways

The Week in Cyber Security and Data Privacy: 23–29 October 2023

Hacker breaches key Russian ministry in blink of an eye

51 Must-Know Phishing Statistics for 2023

Cyber Incident Reporting Language in Omnibus Bill Headed to President Biden’s Desk

EP 49: LoL

CyberheistNews Vol 13 #11 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears

The Hacker Mind Podcast: Gaining Persistence On Windows Boxes

Conti Ransomware Group Diaries, Part III: Weaponry

CyberheistNews Vol 13 #12 [Heads Up] This Week's New SVB Meltdown Social Engineering Attacks

Top VC Firms in Cybersecurity of 2022

Stay Connected