Events, Groups and Security - Information Management Today

Ransomware Group Turns to Facebook Ads

Krebs on Security

NOVEMBER 10, 2020

Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up. The ad was designed to turn the screws to the Italian beverage vendor Campari Group , which acknowledged on Nov. Of course, it didn’t cost the ransomware group anything. EST today (Nov.

Ransomware

Ransomware IT Security

Bank Groups Object to Proposed Breach Notification Regulation

Data Breach Today

APRIL 15, 2021

ABA, Others Call Requirements Too Burdensome The American Bankers Association and three other banking groups have voiced objections to provisions in a proposed federal cyber incident notification regulation.

Security

Microsoft: Iranian Hackers Targeted Security Experts

Data Breach Today

OCTOBER 29, 2020

Spear-Phishing Campaign Aimed at Potential Attendees at 2 Upcoming Events A hacking group linked to Iran's government targeted over 100 security and policy experts who are potentially attending two upcoming security conferences with phishing emails designed to steal credentials and gather intelligence, according to Microsoft.

Security

Security Phishing Government

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

World Economic Forum: Organisations Must Invest in Security as ‘Catastrophic Cyber Event’ Looms

IT Governance

APRIL 27, 2023

It’s an issue among many industries, but it’s particularly acute in the cyber security sector – where the growing use of technology has propelled a demand for expertise that far outstrips the number of people entering or advancing their position in the field. But there are options available to organisations beyond hiring a new employee.

Security

Security Digital transformation Data breaches GDPR

Hackers Are Now Exploiting Windows Event Logs

eSecurity Planet

MAY 10, 2022

Hackers have found a way to infect Windows Event Logs with fileless malware , security researchers have found. During a “very targeted” campaign, hackers used Windows Event Logs to inject shellcode payloads and operate stealthily. If it does not find one, the encrypted shell code is written in 8KB chunks in the event logs.

Encryption

Encryption Libraries Communications Security

SolarWinds Security Event Manager – SIEM Product Overview and Insight

eSecurity Planet

FEBRUARY 6, 2023

SolarWinds lacks the full security suite presence of some competitors, but is well-integrated across a variety of bonus IT operation capabilities such as threat intelligence platform capabilities, privileged access management, USB security, and botnet detection. SolarWinds Security Event Manager (SEM) 2022.4

Security

Security Analytics Authentication Metadata

China-linked APT groups targets orgs via Pulse Secure VPN devices

Security Affairs

MAY 28, 2021

Researchers from FireEye warn that China-linked APT groups continue to target Pulse Secure VPN devices to compromise networks. In all the intrusions, the attackers targeted Pulse Secure VPN appliances in the breached networks. In all the intrusions, the attackers targeted Pulse Secure VPN appliances in the breached networks.

Security

Security Passwords Cybersecurity Government

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs

NOVEMBER 28, 2021

North Korea-linked threat actors posed as Samsung recruiters in a spear-phishing campaign aimed at employees at South Korean security firms. North Korea-linked APT group posed as Samsung recruiters is a spear-phishing campaign that targeted South Korean security companies that sell anti-malware solutions, Google TAG researchers reported.

Security

Security Phishing Information Security Communications

RSA Conference 2020: ISMG Spotlights Security Leaders

Data Breach Today

FEBRUARY 14, 2020

Over 200 Video Interviews With Experts Planned Information Security Media Group, a premier media partner at the annual RSA Conference, will conduct over 200 video interviews at this year's event with cybersecurity thought leaders, executives, CISOs and sponsors.

Security

Security Information Security Cybersecurity

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

Security Affairs

MAY 19, 2023

The Lemon Group cybercrime ring has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. A cybercrime group tracked has Lemon Group has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. The domain used by the DEX file belongs to the Lemon Group ( js [.]big

Libraries

Libraries Communications Big data Passwords

Security Affairs newsletter Round 452 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 31, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Artificial Intelligence Ransomware Cybersecurity

Okta and Lapsus$: A Post Mortem

Data Breach Today

MAY 10, 2022

A Perfect Storm Turned a Minor Security Event into a Debacle A hacking group called Lapsus$ caused major headaches for identity vendor Okta in March when it dropped incriminating but misleading screenshots of a security breach.

Security

Security IT

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Security Affairs

DECEMBER 19, 2023

The Federal Bureau of Investigation (FBI) announced the seizure of the Tor leak site of the AlphV/Blackcat ransomware group. The FBI seized the Tor leak site of the AlphV/Blackcat ransomware group and replaced the home page with the announcement of the seizure. the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Ransomware

Ransomware IT Access Manufacturing

Okta's Data Breach Debacle After Lapsus$ Attack: Postmortem

Data Breach Today

MAY 11, 2022

Perfect Storm: How a Minor Security Event Became a Customer Relationship Headache A hacking group called Lapsus$ caused major headaches for identity vendor Okta in March when it dropped incriminating but misleading screenshots of a security breach.

Data breaches

Data breaches Security IT

Tennessee Pediatric Hospital Responding to Cyber Incident

Data Breach Today

MARCH 16, 2022

Other Healthcare Entities Reporting Breaches Tied to Their Own Recent Attacks A Tennessee pediatric hospital is dealing with a cyber incident disrupting patient services, and a Missouri medical center and Colorado cardiology group have reported breaches linked to their recent security events.

Security

Meet The Team Behind Mayhem: Come See Us At These Upcoming May 2023 Events

ForAllSecure

MAY 4, 2023

Upcoming Events We have two upcoming events planned for May 2023: Webinar: How to Uncover and Address Vulnerabilities in Open-Source Libraries GlueCon Read on to learn more about May’s events. While they provide access to pre-built components and tools, they can also introduce security vulnerabilities into your code.

Libraries

Libraries Sales Risk Marketing

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Security Affairs

JANUARY 26, 2023

National Cyber Security Centre (NCSC) warns of a surge in the number of attacks from Russian and Iranian nation-state actors. National Cyber Security Centre (NCSC) is warning of targeted phishing attacks conducted by threat actors based in Russia and Iran. The are increasingly targeting organizations and individuals.

Phishing

Phishing Education Authentication Passwords

Ferrari confirms data breach after receiving a ransom demand from an unnamed extortion group

Security Affairs

MARCH 21, 2023

Ferrari disclosed a data breach after receiving a ransom demand from an unnamed extortion group that gained access to some of its IT systems. Ferrari disclosed a data breach after it received a ransom demand from an unnamed extortion group that breached its IT systems. The threat actor claims to have stolen certain client details.

Data breaches

Data breaches Manufacturing Cybersecurity Access

New SPIKEDWINE APT group is targeting officials in Europe

Security Affairs

FEBRUARY 29, 2024

The cyberspies used a bait PDF document masqueraded as an invitation letter from the Ambassador of India, inviting diplomats to a wine-tasting event in February 2024. Zscaler researchers warn that a previously unknown threat actor dubbed SPIKEDWINE has been observed targeting European officials.

Archiving

Archiving File names IT Information Security

RomCom RAT attackers target groups supporting NATO membership of Ukraine

Security Affairs

JULY 10, 2023

Threat actors are targeting NATO and groups supporting Ukraine in a spear-phishing campaign distributing the RomCom RAT. The upcoming NATO Summit will be held in Vilnius on July 11-12, during the event, it will be discussed the possible future membership in the alliance of Ukraine. ” concludes the report.

Phishing

Phishing Government IT Security

What Are You Doing for Cyber Security Awareness Month?

IT Governance

OCTOBER 6, 2022

This October is Cyber Security Awareness Month, an event designed to educate people about information security and the steps they can take to stay safe online. Now in its nineteenth year, the campaign provides tools and resources to help people learn more about the cyber security industry and the ways they can get involved.

Security awareness

Security awareness Security Phishing Passwords

ISMG Editors: RSA Conference 2023 Preview

Data Breach Today

APRIL 14, 2023

Special Guests Join Editors to Share RSA Predictions, Themes, Coverage In the latest weekly update, five key cybersecurity influencers join editors at Information Security Media Group to share predictions, themes and trends ahead of RSA Conference 2023, including a preview of speakers and interviews and an overview of ISMG's coverage at the event.

Information Security

Information Security Cybersecurity Security

Group-IB CEO remains in prison – the Russian-led company has been ‘blacklisted’ in Italy

Security Affairs

MAY 2, 2022

The latest executive order from the Italian ACN agency banned Group-IB, a Russian-led cybersecurity firm from working in the government sector. Kislitsin continues to work for Group-IB and is still currently listed on the Russian version of their official WEB-site. based corporations. Government.

Cybersecurity

Cybersecurity Government Paper Information Security

NSO Group Pegasus spyware leverages new zero-click iPhone exploit in recent attacks

Security Affairs

APRIL 19, 2022

Researchers reported that threat actors leveraged a new zero-click iMessage exploit to install NSO Group Pegasus on iPhones belonging to Catalans. The experts at the Citizen Lab, in collaboration with Catalan civil society groups, have identified at least 65 individuals targeted or infected with spyware. and before iOS 13.5.1.”

Government

Government Cybersecurity Security Access

SHARED INTEL: How Russia’s war mongering compromises those holding security clearances

The Last Watchdog

APRIL 19, 2022

While global commerce is an important aspect of the world economy, individuals who hold national security clearances need to be aware that some of the activities they engage in could pose a security risk and may negatively impact their security clearances. national security secrets. national security secrets.

Security

Security Risk Military Government

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Security Affairs

DECEMBER 19, 2023

The Federal Bureau of Investigation (FBI) announced the seizure of the Tor leak site of the AlphV/Blackcat ransomware group. The FBI seized the Tor leak site of the AlphV/Blackcat ransomware group and replaced the home page with the announcement of the seizure. the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Ransomware

Ransomware IT Access Manufacturing

The Pyramid Hotel Group data leak exposes 85GB of security logs of major hotel chains

Security Affairs

MAY 31, 2019

vpnMentor researches have recently discovered that hotel brands managed by The Pyramid Hotel Group have suffered a data leak. Data leaked by the company could be used by attackers to gather information about hotels’ network and security measures implemented to protect them. SecurityAffairs – Pyramid Hotel Group, data leak ).

Security

Security Cybersecurity Data breaches IT

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

A search in Google for a string of text from that script turns up a December 2023 blog post from cryptocurrency security firm SlowMist about phishing attacks on Telegram from North Korean state-sponsored hackers. “When the project team clicks the link, they encounter a region access restriction,” SlowMist wrote.

Phishing

Phishing Blockchain Military Passwords

Fake Company Sheds Light on Ransomware Group Tactics

eSecurity Planet

NOVEMBER 4, 2021

Ransomware groups seem to change form daily. In the latest news, the BlackMatter ransomware group announced it was shutting down – and just hours later came news that its victims were being transferred to the rival LockBit site. FIN7 Dupes Security Job Applicants. Also read: Best Ransomware Removal and Recovery Services.

Ransomware

Ransomware Systems administration Cybersecurity Phishing

News Alert: CybSafe CEO Oz Alashe MBE recognized as “Security Industry Innovator” for 2023

The Last Watchdog

JULY 11, 2023

Boston, July 7, 2023 — CybSafe, the human risk management platform, has today announced CEO Oz Alashe MBE has been named as a SecurityInfoWatch.com , Security Business and Security Technology Executive magazines’ 2023 Security Industry Innovator Award winner. We are developing intelligent software to help them.”

Security

Security Risk Education Marketing

Pro-Russian group Killnet claims responsibility for DDoS attack that has taken down the European Parliament site

Security Affairs

NOVEMBER 23, 2022

The Pro-Russia group of hacktivists Killnet claimed responsibility for the DDoS attack that today took down the website of the European Parliament website. KILLNET , the Pro-Russia #hacking group, claims to have launched a #DDoS attack against the European Parliament's ( @Europarl_EN ) official website.

Communications

Communications IT Security Access

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

Security Affairs

JUNE 22, 2020

Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group ‘s spyware. The victims were targeted with messages related to the Hirak El-Rif movement and the subsequent repression by the Moroccan security forces. Pierluigi Paganini.

Security

Security IT Access Information Security

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors. The report is part of the ongoing #StopRansomware effort that disseminates advisories about tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with ransomware groups.

Ransomware

Ransomware Manufacturing Education Passwords

Arrests in $400M SIM-Swap Tied to Heist at FTX?

Krebs on Security

FEBRUARY 1, 2024

“R,” “R$” and “ElSwapo1,” was the ringleader of a SIM-swapping group called the “Powell SIM Swapping Crew.” ” Colorado resident Emily “Em” Hernandez allegedly helped the group gain access to victim devices in service of SIM-swapping attacks between March 2021 and April 2023.

Blockchain

Blockchain Ransomware Retail Analytics

On US Capitol Security — By Someone Who Manages Arena-Rock-Concert Security

Schneier on Security

JANUARY 13, 2021

That’s the same equipment and approximately the same amount of force I was able to use when a group of fans got a little feisty and tried to get backstage at a Vanilla Ice show. […]. Social constructs and basic decency, not lightweight security gates, are what hold everyone except the outliers back in a typical crowd. […].

Security

Security Access IT

The Best of RSA Conference 2020

Data Breach Today

MARCH 25, 2020

A Guide to Video Interviews With Thought Leaders at This Year's Event At RSA Conference 2020 in San Francisco, Information Security Media Group's editorial team conducted more than 130 video interviews with industry thought leaders. Here are the highlights.

Information Security

Information Security Security

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. Alex Holden is founder of Hold Security , a Milwaukee-based cybersecurity firm. “ TA505 “), and a newer ransom group known as Venus.

Ransomware

Ransomware Metadata Insurance Encryption

Security Affairs newsletter Round 383

Security Affairs

SEPTEMBER 11, 2022

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 383 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Security

Security Ransomware Phishing Authentication

Top Code Debugging and Code Security Tools

eSecurity Planet

AUGUST 26, 2021

In fact, there are more than a few flaws present, as well as the occasional gaping security hole. Code debugging and code security tools exist to find and help developers fix the problems that occur. Some use hard-coded algorithms in error grouping. Others use a machine learning grouping engine to spot error patterns and types.

Security

Security Libraries IT Cloud

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

Attackers use Google Calendar RAT to abuse Calendar service as C2 infrastructure

Security Affairs

NOVEMBER 6, 2023

Google Calendar RAT is a PoC of Command&Control (C2) over Google Calendar Events, it was developed red teaming activities. “The script creates a ‘Covert Channel’ by exploiting the event descriptions in Google Calendar. “To use GRC, only a Gmail account is required.” ” reads the Google Report.

Communications

Communications Cloud IT Security

Group-IB: ransomware empire prospers in pandemic-hit world. Attacks grow by 150%

Security Affairs

MARCH 4, 2021

Group-IB published a report titled “Ransomware Uncovered 2020-2021 ”. Group-IB , a global threat hunting and adversary-centric cyber intelligence company, has presented its new report “Ransomware Uncovered 2020-2021 ”. In hope to secure the biggest ransom possible, the adversaries were going after large companies.

Ransomware

Ransomware Encryption Marketing Access

Healthcare Security Summit Features Leading CISOs

Data Breach Today

NOVEMBER 15, 2017

Two-Day Event Will Address Ransomware, Medical Device Security, Other Key Issues Information Security Media Group's Healthcare Security Summit in New York on Nov.

Security

Security Ransomware Information Security

The Best of RSA Conference 2019

Data Breach Today

APRIL 5, 2019

A Guide to Video Interviews With Thought Leaders at This Year's Event At RSA Conference 2019 in San Francisco, Information Security Media Group's editorial team conducted more than 100 video interviews with industry thought leaders. Here are the highlights.

Information Security

Information Security Security

Ransomware Group Turns to Facebook Ads

Bank Groups Object to Proposed Breach Notification Regulation

Webinars

Trending Sources

Microsoft: Iranian Hackers Targeted Security Experts

Webinars

World Economic Forum: Organisations Must Invest in Security as ‘Catastrophic Cyber Event’ Looms

Hackers Are Now Exploiting Windows Event Logs

SolarWinds Security Event Manager – SIEM Product Overview and Insight

China-linked APT groups targets orgs via Pulse Secure VPN devices

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

RSA Conference 2020: ISMG Spotlights Security Leaders

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

Security Affairs newsletter Round 452 by Pierluigi Paganini – INTERNATIONAL EDITION

Okta and Lapsus$: A Post Mortem

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Okta's Data Breach Debacle After Lapsus$ Attack: Postmortem

Tennessee Pediatric Hospital Responding to Cyber Incident

Meet The Team Behind Mayhem: Come See Us At These Upcoming May 2023 Events

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Ferrari confirms data breach after receiving a ransom demand from an unnamed extortion group

New SPIKEDWINE APT group is targeting officials in Europe

RomCom RAT attackers target groups supporting NATO membership of Ukraine

What Are You Doing for Cyber Security Awareness Month?

ISMG Editors: RSA Conference 2023 Preview

Group-IB CEO remains in prison – the Russian-led company has been ‘blacklisted’ in Italy

NSO Group Pegasus spyware leverages new zero-click iPhone exploit in recent attacks

SHARED INTEL: How Russia’s war mongering compromises those holding security clearances

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

The Pyramid Hotel Group data leak exposes 85GB of security logs of major hotel chains

Calendar Meeting Links Used to Spread Mac Malware

Fake Company Sheds Light on Ransomware Group Tactics

News Alert: CybSafe CEO Oz Alashe MBE recognized as “Security Industry Innovator” for 2023

Pro-Russian group Killnet claims responsibility for DDoS attack that has taken down the European Parliament site

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

FBI and CISA warn of attacks by Rhysida ransomware gang

Arrests in $400M SIM-Swap Tied to Heist at FTX?

On US Capitol Security — By Someone Who Manages Arena-Rock-Concert Security

The Best of RSA Conference 2020

New Ransom Payment Schemes Target Executives, Telemedicine

Security Affairs newsletter Round 383

Top Code Debugging and Code Security Tools

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Attackers use Google Calendar RAT to abuse Calendar service as C2 infrastructure

Group-IB: ransomware empire prospers in pandemic-hit world. Attacks grow by 150%

Healthcare Security Summit Features Leading CISOs

The Best of RSA Conference 2019

Stay Connected