Security Affairs

FEBRUARY 23, 2022

Pangu Lab researchers disclosed details of the Bvp47 backdoor that was used by the US NSA Equation Group. National Security Agency (NSA) Equation Group. The name “ Bvp47 ” comes form numerous references to the string “Bvp” and the numerical value “0x47” used in the encryption algorithm.

Encryption 116

Encryption Military Archiving Government 116

Security Affairs

NOVEMBER 24, 2023

North Korea-linked Konni APT group used Russian-language Microsoft Word documents to deliver malware. FortiGuard Labs researchers observed the North Korea-linked Konni APT group using a weaponized Russian-language Word document in an ongoing phishing campaign. The Word document seems to be in the Russian language.

Encryption 114

Encryption Military Phishing Communications 114

Security Affairs

FEBRUARY 28, 2024

The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber operations worldwide.

Energy and Utilities 105

Energy and Utilities Military Government Phishing 105

Security Affairs

DECEMBER 25, 2022

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 399 by Pierluigi Paganini appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Security 52

Security Military Ransomware Encryption 52

Security Affairs

APRIL 9, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! billion rubles.

Security 90

Security Computer and Electronics Ransomware Marketing 90

Security Affairs

DECEMBER 17, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security 87

Security Data breaches Ransomware Artificial Intelligence 87

Security Affairs

NOVEMBER 5, 2023

North Korea-linked Lazarus group is using new KandyKorn macOS Malware in attacks against blockchain engineers. North Korea-linked Lazarus APT group were spotted using new KandyKorn macOS malware in attacks against blockchain engineers, reported Elastic Security Labs. ” reads the report.

Blockchain 106

Blockchain Archiving Military Encryption 106

Security Affairs

SEPTEMBER 21, 2021

Russia-linked cyber espionage group Turla made the headlines again, the APT has employed a new backdoor in a recent wave of attacks. Cisco Talos researchers reported that the Russia-linked Turla APT group recently used a new backdoor, dubbed TinyTurla, in a series of attacks against the US, Germany, and Afghanistan. Pierluigi Paganini.

Military 90

Military Government Encryption Access 90

Security Affairs

DECEMBER 7, 2019

Russia-linked Gamaredon cyberespionage group has been targeting Ukrainian targets, including diplomats, government and military officials. Russia linked APT group tracked as Gamaredon has been targeting several Ukrainian diplomats, government and military officials, and law enforcement. The Gamaredon group.

Military 61

Military Government Phishing Archiving 61

Security Affairs

MAY 31, 2022

SideWinder, an aggressive APT group, is believed to have carried out over 1,000 attacks since April 2020, Kaspersky reported. The group stands out for the high frequency and persistence of its attacks, researchers believe that the APT group has carried out over 1,000 attacks since April 2020. ” states Kaspersky.

Encryption 99

Encryption Military Phishing Communications 99

Security Affairs

FEBRUARY 28, 2022

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 355 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Security 52

Security Ransomware Phishing Encryption 52

Security Affairs

MARCH 13, 2023

In February 2023, EclecticIQ researchers spotted multiple KamiKakaBot malware samples that were employed by the Dark Pink APT group (aka Saaiwc) in attacks against government entities in Southeast Asia countries. “The ISO file also contains a decoy Word document that has an XOR-encrypted section. ” concludes the report.

Phishing 86

Phishing Encryption Military Government 86

Security Affairs

APRIL 19, 2023

UK and US agencies are warning of Russia-linked APT28 group exploiting vulnerabilities in Cisco networking equipment. The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Military 93

Military Access Cybersecurity Education 93

Security Affairs

APRIL 23, 2022

The analysis of encryption techniques employed in the attack allowed the government experts to associate the campaign with the cybercrime group Trickbot. The post Phishing attacks using the topic “Azovstal” targets entities in Ukraine appeared first on Security Affairs. To nominate, please visit:?

Phishing 95

Phishing Military Ransomware Encryption 95

IT Governance

DECEMBER 20, 2022

Although there have still been a few surprises, with the death of Queen Elizabeth II and blazing heatwaves across the UK to name but two, it was a familiar year in the cyber security landscape. Google , Clearview AI , and Meta all receives hefty penalties in 2022, demonstrating the continued important of effective information security.

Security 132

Security Data breaches Ransomware Military 132

Security Affairs

AUGUST 9, 2022

In January 2022, researchers at Kaspersky ICS CERT uncovered a series of targeted attacks on military industrial enterprises and public institutions in Afghanistan and East Europe. The attackers breached dozens of enterprises and in some cases compromised their IT infrastructure, taking over systems used to manage security solutions.

Encryption 106

Encryption Military Archiving Phishing 106

eSecurity Planet

MAY 2, 2022

Cybersecurity researchers last week revealed that a new ransomware gang called Onyx is simply destroying larger files rather than encrypting them. The Onyx ransomware group doesn’t bother with encryption. Besides, if the motive is money, as you would expect from a ransomware group, then the approach seems questionable.

Ransomware 116

Ransomware Encryption Military Cybersecurity 116

Security Affairs

JULY 1, 2020

Xerox Corporation is the last victim of the Maze ransomware operators, hackers have encrypted its files and threaten of releasing them. Maze ransomware operators have breached the systems of the Xerox Corporation and stolen files before encrypting them. “The Cyble Research Team has identified and analyzed the proof.

Ransomware 105

Ransomware Encryption Military IT 105

Security Affairs

MARCH 17, 2021

Back in December, the SolarWinds supply chain attack made the headlines when a Russian cyber espionage group tampered with updates for SolarWinds’ Orion Network Management products that the IT company provides to government agencies, military, and intelligence offices. ” reads the incident report published by mimecast.

Encryption 105

Encryption Military Access Archiving 105

Security Affairs

SEPTEMBER 23, 2020

Russia-linked cyberespionage group APT28 uses fake NATO training documents as bait in attacks aimed at government bodies. The Russia-linked cyberespionage group APT28 is behind a string of attacks that targeting government bodies with Zebrocy Delphi malware. The Zebrocy payload (present in “Course 5 – 16 October 2020.exe”)

Military 109

Military Government Encryption Communications 109

Security Affairs

NOVEMBER 9, 2019

Kaspersky researchers have found a new advanced backdoor used by the Platinum advanced persistent threat (APT) group in attacks in the wild. The APT group was discovered by Microsoft in 2016, it targeted organizations in South and Southeast. This C2 encrypts data with the same key as the C&C requests.

IT 51

IT Archiving Encryption Passwords 51

Security Affairs

MAY 17, 2020

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 264 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Security 53

Security Mining Ransomware Military 53

Security Affairs

JUNE 14, 2020

MAZE ransomware operators have stolen the data of the company before encrypting its systems and threaten to leak it in case the victim will not pay the ransom. The post Maze ransomware gang hacked M&A firm Threadstone Advisors LLP appeared first on Security Affairs. Cohen, Pittsburgh Brewing Co., Pierluigi Paganini.

Ransomware 108

Ransomware Military Encryption IT 108

Security Affairs

JUNE 23, 2022

China-linked APT group Tropic Trooper has been spotted previously undocumented malware written in Nim language. The final payload encoded in the image is TClient, which is a backdoor that was used by the Tropic Trooper APT group in past campaigns. The collected information is formatted and sent to the C&C server.

Military 108

Military Encryption Passwords IT 108

Security Affairs

MAY 18, 2022

I once again appeal to the residents of Costa Rica go out on the street and demand payment Another attempt to get in touch through other services will be punished by deleting the key” The gang claims to have insiders in the government and revealed that the attack was carried out by an affiliate group tracked as UNC1756. GB of data.

Ransomware 111

Ransomware Government Military Encryption 111

Security Affairs

AUGUST 4, 2020

A few days ago the group released a press release in which they warned the companies to not try to recover their files from their backup, it also announced the forthcoming LG Electronics data leak. Maze ransomware operators have also breached the systems of the Xerox Corporation and stolen files before encrypting them.

Ransomware 118

Ransomware Encryption Military Data breaches 118

Thales Cloud Protection & Licensing

APRIL 27, 2022

Each present a unique set of challenges and require equally powerful next-generation cyber security. A conventional computer would need 300 trillion years to break RSA encryption – considered the gold standard for Public Key Encryption (PKE). But another, far more damaging, attack vector is looming – quantum attack.

Encryption 71

Encryption Cybersecurity Government Communications 71

Security Affairs

JUNE 6, 2019

The Platinum cyber espionage group uses steganographic technique to hide communications with the Command and Control Servers (C&C). Experts from Kaspersky have linked the Platinum APT group with cyber attacks involving an elaborate, and new steganographic technique used to hide communications with C2 servers.

Communications 73

Communications Encryption Military Government 73

IT Governance

APRIL 2, 2020

Australia’s Defence Force Recruiting systems were taken offline after security breach (unknown). South African utility provider Eskom is still feeling effects of a cyber security incident (unknown). Wichita State University notifies students and staff of a security incident (1,762). Ransomware. Data breaches.

Data breaches 143

Data breaches Ransomware Energy and Utilities Phishing 143

Security Affairs

NOVEMBER 11, 2020

European Parliament votes to tighten up rules for the sale and export of surveillance and encryption technology. The term “ dual-use ” refers to technology that can be used for both peaceful and military aims. The current update was urged by technological developments and growing security risks. Pierluigi Paganini.

Sales 102

Sales Military Government Encryption 102

Security Affairs

AUGUST 14, 2020

The memo also reveals that the company has hired an external security firm to investigate the incident. Maze ransomware operators have also breached the systems of the Xerox Corporation and stolen files before encrypting them. The post Maze ransomware gang leaked Canon USA’s stolen files appeared first on Security Affairs.

Ransomware 133

Ransomware Archiving Military Encryption 133

Security Affairs

JUNE 17, 2020

system-on-chip maker MaxLinear disclosed a security incident, Maze ransomware operators infected some of its computing systems in May. “On May 24, 2020, we discovered a security incident affecting some of our systems. The post Maze Ransomware gang breached the US chipmaker MaxLinear appeared first on Security Affairs.

Ransomware 96

Ransomware Data breaches Military Cybersecurity 96

IT Governance

NOVEMBER 1, 2022

We identified 102 security incidents throughout the month, which is the second largest figure so far this year – trailing only August (112). Meanwhile, be sure to subscribe to our Weekly Round-up to receive the latest cyber security news and advice delivered straight to your inbox. Cyber attacks.

Data breaches 111

Data breaches Ransomware Insurance Phishing 111

Security Affairs

AUGUST 7, 2020

The memo also reveals that the company has hired an external security firm to investigate the incident. Maze ransomware operators have also breached the systems of the Xerox Corporation and stolen files before encrypting them. appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – hacking, Maze ransomware).

Ransomware 97

Ransomware Military Encryption Cloud 97

Security Affairs

JUNE 19, 2019

According to security researchers at Trend Micro, a cyberespionage campaign is targeting Android users in Middle Eastern countries. Security researchers at Trend Micro have spotted a cyberespionage campaign, dubbed ‘Bouncing Golf, that is targeting Android users in Middle Eastern countries. Pierluigi Paganini.

Encryption 84

Encryption Military Communications Security 84

Security Affairs

AUGUST 31, 2020

Most of the infections were observed in organizations in the US and Europe, the most targeted industries were in the government, military, and manufacturing sectors. . ” The spam messages contain URLs to.ZIP files that serve VBS content designed to download the payload from one of six hardcoded encrypted URLs. . .

Passwords 108

Passwords Military Manufacturing Encryption 108

Security Affairs

MAY 26, 2020

Cybersecurity researchers discovered a new version of the ComRAT backdoor, also known as Agent.BTZ , which is a malware that was employed in past campaigns attributed to the Turla APT group. Earlier versions of Agent.BTZ were used to compromise US military networks in the Middle East in 2008. Pierluigi Paganini.

Military 100

Military Communications Encryption Authentication 100