Data Breach Today

DECEMBER 4, 2024

Platform Used for Drugs, Arms Trafficking and Money Laundering French and Dutch police led the takedown of an encrypted messaging platform used in international drug and arms trafficking. Dutch police discovered the app, named Matrix, on the phone of a criminal convicted in 2021 of murdering a journalist.

Encryption 281

Encryption 281

Data Breach Today

SEPTEMBER 6, 2024

Also: AI's Role in Cybersecurity; New Fraud Prevention Rules In the latest weekly update, ISMG editors discussed the implications of the recent arrest of Telegram's CEO in Paris for encrypted messaging services, the transformative impact of artificial intelligence in cybersecurity, and the latest regulations designed to curb fraud in electronic payments. (..)

Encryption 305

Encryption Artificial Intelligence Cybersecurity 305

Data Breach Today

MARCH 19, 2024

They highlight the need for proactive measures to protect digital assets from future breaches, deliver long-term data security and ensure the integrity of encryption. Expert Perspectives on Protecting Data and Developing Quantum-Safe Cryptography As quantum computing looms, experts emphasize the urgency of embracing quantum-safe strategies.

Encryption 294

Encryption Security 294

Data Breach Today

DECEMBER 3, 2024

Platform Used for Drugs, Arms trafficking, and Money Laundering French and Dutch police led the takedown of an encrypted messaging platform used in international drug and arms trafficking. Dutch police discovered the app, named Matrix, on the phone of a criminal convicted in 2021 of murdering a journalist.

Encryption 261

Encryption 261

Security Affairs

FEBRUARY 4, 2025

Researchers from Google disclosed an improper signature verification vulnerability, tracked asCVE-2024-56161 (CVSS score of 7.2), in AMD’s Secure Encrypted Virtualization (SEV). AMD released security patches to fix a flaw that could bypass SEV protection, letting attackers load malicious microcode.

Encryption 245

Encryption Security Access Information Security 245

eSecurity Planet

FEBRUARY 26, 2025

Explore the risks of popular apps and why switching to encrypted alternatives is crucial. The post US Officials Recommend Using Encrypted Apps for Messaging appeared first on eSecurity Planet. Take control of your data and protect your privacy before its too late!

Encryption 104

Encryption Privacy Cybersecurity Risk 104

Collaboration 2.0

FEBRUARY 6, 2025

Quantum computers could soon break today's strongest encryption, putting sensitive data at risk. Let's dive deep into what this all means for telecommunications, security, AI, and our future.

Encryption 279

Encryption IT Risk Security 279

Collaboration 2.0

JANUARY 9, 2025

If you ever send emails that contain sensitive or private information, consider email encryption. Getting started is a lot easier than you'd expect.

Encryption 263

Encryption 263

Collaboration 2.0

MARCH 14, 2025

Apple will add support for encrypted RCS messages in future updates to iOS, iPadOS, MacOS, and WatchOS.

Encryption 212

Encryption Privacy 212

Security Affairs

DECEMBER 3, 2024

The threat actors had access to the company’s information technology systems and encrypted some of its data files. The preliminary investigation has revealed that a threat actor illegally accessed the Company’s information technology (“IT”) system and encrypted some of its data files.” ” reads the report filed with SEC.

Ransomware 297

Ransomware Encryption Cybersecurity Access 297

Collaboration 2.0

FEBRUARY 25, 2025

The UK's demand for an encryption backdoor in iCloud, and Apple's response, have repercussions that go far beyond national borders, threatening user privacy and security worldwide.

Encryption 213

Encryption Privacy Security 213

Data Breach Today

OCTOBER 25, 2024

Rust-Based Ransomware Employs Aggressive Anti-Detection Tactics Operators of a Russian-speaking ransomware group launched a new encryptor with enhanced measures for defeating cyber defenders including wiping logs, disrupting backup systems and stopping decryption without insiders knowledge.

Ransomware 279

Ransomware Encryption 279

Security Affairs

JANUARY 10, 2025

A version discovered by Check Point in September relied on Apple’s XProtect encryption algorithm for obfuscation, allowing it to evade antivirus detection until its source code leak in November. Elastic researchers noticed that regarding Safari, only the cookies are collected by the AppleScript script for the current version.

Archiving 300

Archiving Phishing Encryption Passwords 300

Security Affairs

OCTOBER 22, 2024

The security breach exposed low-sensitivity performance monitoring data, including customer usernames, account info, and encrypted internal credentials. A threat actor exploited a zero-day vulnerability in a non-Rackspace utility bundled with the ScienceLogic application. Rackspace helped ScienceLogic address this issue.

IT 306

IT Cybersecurity Encryption Cloud 306

Security Affairs

JANUARY 24, 2025

The reverse shell issued a challenge by sending an encrypted string using a hard-coded certificate. When a magic packet was detected, the agent spawned a reverse shell to the IP address and port specified by the packet. If the remote user returned the correct string, they were granted a command shell; otherwise, the connection was closed.

Encryption 302

Encryption Access Security IT 302

Security Affairs

SEPTEMBER 2, 2024

ui : Displays real-time progress and statistics of the encryption process, such as the number of files encrypted. no_vm_ss : Encrypts files on ESXi hosts without shutting down running virtual machines, using the esxicli terminal and deleting snapshots. The ransomware uses a function called encrypt_file to handle file encryption.

Ransomware 338

Ransomware Encryption Libraries IT 338

Security Affairs

MAY 22, 2024

The authentication bypass vulnerability impacts GHES when using SAML single sign-on with encrypted assertions. “On instances that use SAML single sign-on (SSO) authentication with the optional encrypted assertions feature, an attacker could forge a SAML response to provision and/or gain access to a user with administrator privileges.”

Authentication 340

Authentication Encryption IT Compliance 340

Security Affairs

NOVEMBER 26, 2024

The ZIP file is then XOR encrypted, base64 encoded, and sent via a POST request to a specified URL using the built-in cURL command. Banshee Stealer can also steal cryptocurrency from different wallets, including Exodus, Electrum, Coinomi, Guarda, Wasabi Wallet, Atomic and Ledger. concludes the report.

Archiving 358

Archiving Encryption Passwords IT 358

Security Affairs

NOVEMBER 19, 2023

Phobos variants are usually distributed by the SmokeLoader , but in 8Base campaigns, it has the ransomware component embedded in its encrypted payloads. 8base” file extension for encrypted documents, a circumstance that suggested a possible link to the 8Base group or the use of the same code-base for their ransomware.

Ransomware 352

Ransomware Encryption Metadata Manufacturing 352

Security Affairs

JANUARY 5, 2025

TIM.exe then loads a malicious launcher DLL libcurl.dll whichwilldecrypt and load the PLAYFULGHOST payload from an encrypted file named Debug.log.” . “Then, the LNK file launches QQLaunch.exe , a legitimate binary from Tencent QQ, which launches another legitimate binary TIM.exe which is a renamed version of the program CURL.

File names 324

File names Archiving Phishing Encryption 324

Security Affairs

JULY 9, 2024

Upon execution, an encryption key is generated by CryptGenRandom() function. The malicious code uses the key to initialize ChaCha20 symmetric key and subsequently encrypt files. Once a file is encrypted, the symmetric file key is encrypted by RSA-4096 and appended to the end of the file.

Ransomware 319

Ransomware IT Encryption Passwords 319

Security Affairs

JANUARY 23, 2024

In early January, independent security research and consulting team SRLabs discovered a vulnerability in Black Basta ransomware’s encryption algorithm and exploited it to create a free decryptor. The ransomware employs encryption based on a ChaCha keystream, which is utilized to perform XOR operations on 64-byte-long chunks of the file.

Encryption 358

Encryption Ransomware Blockchain Insurance 358

Security Affairs

JANUARY 2, 2024

A team of researchers released a suite of tools that could help victims to decrypt data encrypted with by the Black Basta ransomware. Independent security research and consulting team SRLabs discovered a vulnerability in Black Basta ransomware’s encryption algorithm and exploited it to create a free decryptor.

Ransomware 336

Ransomware Encryption Blockchain Insurance 336

Security Affairs

APRIL 17, 2024

As such, the data the ransomware is able to encrypt is limited to files owned by the confluence user. It will of course succeed in encrypting the datastore for the Confluence application, which can store important information.” ” continues the report. 0” at startup and “/tmp/log.1”

Ransomware 361

Ransomware Encryption Access IT 361

Security Affairs

APRIL 21, 2024

The Akira ransomware operators implement a double extortion model by exfiltrating victims’ data before encrypting it. Earlier versions of the ransomware were written in C++ and the malware added the.akira extension to the encrypted files. “Akira threat actors utilize a sophisticated hybrid encryption scheme to lock data.

Ransomware 351

Ransomware Encryption Education Phishing 351

Security Affairs

NOVEMBER 12, 2024

The auto-reboot feature returns devices to a “Before First Unlock” restricting app access to encryption keys. The feature erases sensitive data from memory to prevent unauthorized extraction.

Encryption 319

Encryption Passwords Security Communications 319

Data Breach Today

JUNE 18, 2024

Company Publishes Information on Double Key Encryption Under Regulatory Pressure Following a legal intervention made by the German federal cybersecurity agency, Microsoft has disclosed additional information on encryption measures it adopted to secure its customer data.

Encryption 303

Encryption Security Paper Cybersecurity 303

Security Affairs

FEBRUARY 12, 2024

The experts exploited the vulnerability to reconstruct encryption keys and developed a decryptor that allows victims of the Rhysida ransomware to recover their encrypted data for free. Rhysida ransomware employed a secure random number generator to generate the encryption key and subsequently encrypt the data.

Ransomware 325

Ransomware Encryption Paper Manufacturing 325

Data Breach Today

SEPTEMBER 30, 2024

Attackers Embrace Dating Sites and Encrypted Messaging Apps for Social Engineering Russian military and intelligence hacking teams continue to refine their Ukrainian targeting, lately shifting to online attacks designed to support and help Moscow's military operations succeed, including social engineering schemes launched via dating portals and encrypted (..)

Military 309

Military Encryption 309

WIRED Threat Level

JUNE 4, 2024

When a drug kingpin named Microsoft tried to seize control of an encrypted phone company for criminals, he was playing right into its real owners’ hands.

Encryption 347

Encryption IT Security 347

Security Affairs

JUNE 6, 2024

TargetCompany has been active since June 2021 , once encrypted a file it adds.mallox,exploit,architek, or.brg extension to the filenames of encrypted files. The malware then enters “VM mode” to encrypt files with specific extensions. TXT” in all folders containing encrypted files. The malware appends the “.locked”

Ransomware 325

Ransomware File names Encryption Communications 325

WIRED Threat Level

DECEMBER 3, 2024

At WIRED’s The Big Interview event, the president of the Signal Foundation talked about secure communications as critical infrastructure and the need for a new funding paradigm for tech.

Encryption 230

Encryption Communications Security Privacy 230

Security Affairs

FEBRUARY 24, 2024

Messaging services use classical public key cryptography, such as RSA, Elliptic Curve signatures, and Diffie-Hellman key exchange, to establish secure end-to-end encrypted connections between devices. However, researchers believe that a sufficiently powerful quantum computer could compromise of end-to-end encrypted communications.

Encryption 345

Encryption Communications Authentication Security 345

Security Affairs

DECEMBER 1, 2023

The Turtle ransomware reads files into memory, encrypt them with AES (in CTR mode), rename the files, then overwrites the original contents of the files with the encrypted data. The malware adds the extension “ TURTLERANSv0 ” to the filenames of encrypted files. The binary also lacks of obfuscation.

Ransomware 353

Ransomware Encryption Archiving Cybersecurity 353

Security Affairs

OCTOBER 15, 2024

To exploit this vulnerability, the attacker needed GitHub Enterprise Server’s encrypted assertions feature enabled, direct network access, and a signed SAML response or metadata document. “Please note that encrypted assertions are not enabled by default. The flaw affects all versions of Enterprise Server prior to 3.15 and 3.14.2.

Metadata 313

Metadata Encryption Phishing Authentication 313

WIRED Threat Level

OCTOBER 24, 2023

Stefan Thomas lost the password to an encrypted USB drive holding 7,002 bitcoins. One team of hackers believes they can unlock it—if they can get Thomas to let them.

Encryption 353

Encryption Passwords IT Blockchain 353