Russian APT groups target European governments ahead of May Elections

Security Affairs

Russian APT groups are targeting European governments for cyber-espionage purposes ahead of the upcoming European elections. According to experts from FireEye, Russia-linked APT28 (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) and Sandworm Team (also TeleBots) cyberespionage groups are targeting European governments for cyber-espionage purposes ahead of the upcoming European elections.

Members of Chinese Espionage Group Develop a 'Side Business'

Data Breach Today

Despite Doxing, OilRig APT Group Remains a Threat

Data Breach Today

Researchers Describe What They've Learned From Data Dump. Despite a doxing of its targets and tools in March, the advanced persistent threat group known as OilRig remains a significant threat to governments and businesses, researchers at Palo Alto Networks' Unit 42 report.

Creating data governance committees, forums and working groups

Information Management Resources

You may have a data governance forum, data steering group, or something similar. Whatever you call it is not important; it’s who sits on it and what it does that is.

CVE-2019-1132 Windows Zero-Day exploited by Buhtrap Group in government attack

Security Affairs

The CVE-2019-1132 flaw addressed by Microsoft this month was exploited by the Buhtrap threat actor to target a government organization in Eastern Europe. Since August of 2015, the Buhtrap group has conducted 13 successful attacks against financial institutions stealing more than ?1.

Israel surveillance firm NSO group can mine data from major social media

Security Affairs

The Israeli surveillance firm NSO Group informed its clients that it is able to scoop user data by mining from major social media. The Financial Times reported that the Israeli surveillance firm NSO Group informed its clients that it is able to mine user data from major social media.

Emissary Panda APT group hit Government Organizations in the Middle East

Security Affairs

Chinese Cyber-Spies Target Government Organizations in Middle East. Chinese APT group Emissary Panda has been targeting government organizations in two different countries in the Middle East.

OilRig APT group: the evolution of attack techniques over time

Security Affairs

Security researcher Marco Ramilli presents a comparative analysis of attack techniques adopted by the Iran-linked OilRig APT group. I would define this group of references as reports. Those reports have been divided into 4 timing groups in order to simplify the evaluation process.

Chinese Spy Group Mixes Up Its Malware Arsenal with Brand-New Loaders

Threatpost

New campaigns also show modified versions of known payloads.

Are You Ever Finished With Information Governance?

Weissman's World

We at Holly Group spend our days working with clients to help them improve their Current State of information and move them towards their desired Future State.

Microsoft says Russian APT28 espionage group hit Democratic Institutions in Europe

Security Affairs

Microsoft says Russian APT28 group carried out multiple cyberattacks on democratic institutions in Europe between September and December 2018. The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Group-IB identifies leaked credentials of 40,000 users of government websites in 30 countries

Security Affairs

Group-IB, an international company that specializes in preventing cyberattacks, has detected more than 40 000 compromised user credentials of online government services in 30 countries around the world. CERT-GIB (Group-IB’s Computer Emergency Response Team) upon identification of this information promptly warned CERTs of the affected countries about the threat so that risks could be mitigated.

Why Information Architecture is VITAL to Information Governance

Weissman's World

Our very own Kevin Parker has written another stellar piece on the importance of information architecture to information governance.

China-Linked APT15 group is using a previously undocumented backdoor

Security Affairs

ESET researchers reported that China-linked cyberespionage group APT15 has been using a previously undocumented backdoor for more than two years. Experts discovered that since December 2016, the APT15 group has been using the previously undocumented backdoor dubbed Okrum.

Machete cyber-espionage group targets Latin America military

Security Affairs

Security experts from ESET uncovered a cyber-espionage group tracked as Machete that stole sensitive files from the Venezuelan military. Security experts from ESET reported that a cyberespionage group tracked as Machete has stolen sensitive files from the Venezuelan military.

EU Mass Surveillance Alive and Well, Privacy Groups Warn

Data Breach Today

Hunting the ICEFOG APT group after years of silence

Security Affairs

A security researcher found new evidence of activities conducted by the ICEFOG APT group, also tracked by the experts as Fucobha. The cyber mercenaries were recruited by governments and private companies; the group was composed of highly skilled hackers able to conduct sophisticated attacks.

Reimagining Information Governance with Blockchain

Weissman's World


Buckeye APT group used Equation Group tools prior to ShadowBrokers leak

Security Affairs

The China-linked APT group tracked as APT3 was using a tool attributed to the NSA-linked Equation Group more than one year prior to the Shadow Brokers leak. The APT3 cyberespionage group had been active since at least 2009 and its last operation was uncovered in mid-2017.

5 Steps to Information Governance Success

Weissman's World

To hear some people tell it, the future of information governance is a complex, frightening place to ponder.

Recent Andariel Group ActiveX Attacks Point to Future Targets

Threatpost

Changes in the group's script may indicate that the hackers may start using attack vectors other than ActiveX.

Is Your Information Governance Mostly Sound and Fury?

Weissman's World

Shakespeare penned these words as a metaphor for life (Macbeth, Act V, Scene V), but they relate equally well to information governance in that organizations often spend more time arguing over the particulars than actually doing much about them.

Snowden speaks about the role of surveillance firm NSO Group in Khashoggi murder

Security Affairs

The popular US whistleblower Edward Snowden has reported the abuse of surveillance by many governments; he blamed the Israeli company NSO Group for developing and selling surveillance software to Saudi Arabia. Speaking during a conference in Tel Aviv on Wednesday, Snowden explained that the spy software developed by NSO Group enabled the murder of dissident journalist Jamal Khashoggi.

LUCKY ELEPHANT campaign targets South Asian governments

Security Affairs

The NETSCOUT Threat Intelligence team uncovered a credential harvesting campaign tracked as LUCKY ELEPHANT targeting mostly South Asian governments. According to ASERT, the LUCKY ELEPHANT campaign was carried out by an Indian APT group.

APT40 cyberespionage group supporting growth of China’s naval sector

Security Affairs

A cyber-espionage group, tracked as APT40, apparently linked to the Chinese government is focused on targeting countries important to the country’s Belt and Road Initiative. The cyber-espionage group tracked as APT40 (aka TEMP.

TRISIS Group, Known for Physical Destruction, Targets U.S. Electric Companies

Threatpost


Open Government Today: “The Harder I Work, The Behinder I Get”

Weissman's World

This 3-Minute Drill troubleshoots a typical municipality’s information challenges as it strives to meet its Open Government commitment.

'Highly Active' Seedworm Group Hits IT Services, Governments

Dark Reading

Since September, the cyber espionage actors have targeted more than 130 victims in 30 organizations including NGOs, oil and gas, and telecom businesses.

U.S. Government Goes After North Korea’s Joanap Botnet

Threatpost

The Department of Justice is looking to dismantle the Joanap botnet, which has been built and controlled by North Korea-linked hackers since 2009.

Yana Peel, chief executive of London’s Galleries, resigned after discovery of her links with NSO group

Security Affairs

The head of London’s Serpentine Galleries resigned on Tuesday following a Guardian report about her links to the Israeli surveillance firm NSO Group. On Tuesday, the chief executive of London’s Serpentine Galleries, Yana Peel, resigned following the revelation of the Guardian newspaper about her links to the Israeli surveillance firm NSO Group.

Alleged Iran-linked APT groups behind global DNS Hijacking campaign

Security Affairs

Security experts uncovered a DNS hijacking campaign targeting organizations in various industries worldwide and suspect Iranian APT groups. According to the experts, the campaign is carried out, with “moderate confidence,” by APT groups linked to the Iranian Government.

Leafminer cyber espionage group targets Middle East

Security Affairs

Hackers belonging to an Iran-linked APT group tracked as ‘Leafminer’ have targeted government and various organizations in the Middle East. An Iran-linked APT group tracked as ‘Leafminer’ has targeted government and businesses in the Middle.

New Gallmaker APT group eschews malware in cyber espionage campaigns

Security Affairs

A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. A new cyber espionage group tracked as Gallmaker appeared in the threat landscape.

5 Reasons Why Information Governance and Cybersecurity Go Hand in Hand

InfoGoTo

Those who know and manage the data working closely with those who strive to protect it – information governance and IT functioning in tandem. If IG and cybersecurity work in silos both groups can easily adjust to a myopic perspective. It’s a logical partnership.

Top-Tier Russian Hacking group Fxmsp claims hack of major AntiVirus Companies

Security Affairs

The Russian hacking group Fxmsp is offering for sale access to the networks of at least three antivirus companies in the US and the source code of their software. The group is offering access to each individual company for $250,000 and is asking $150,000 for the source code of the software.

Russia-Linked Turla APT group Hijacked C2 of the Iranian OilRig

Security Affairs

Russia-linked cyberespionage group Turla uses a new toolset and hijacked command and control infrastructure operated by the Iran-linked OilRig APT. In June, ESET researchers observed the Russia-linked cyberespionage group using weaponized PowerShell scripts in attacks against EU diplomats.

MuddyWater APT group updated its multi-stage PowerShell backdoor Powerstats

Security Affairs

The MuddyWater cyber espionage group has used an updated multi-stage PowerShell backdoor in recent cyber attacks. The group evolved over the years by adding new attack techniques to its arsenal.

Turla APT group adds Topinambour Trojan to its arsenal

Security Affairs

Kaspersky researchers revealed that since earlier this year, Russia-linked APT group Turla used new variants of the KopiLuwak Trojan in targeted attacks. Security experts at Kaspersky revealed that the Russia-linked APT group Turla used new variants of the KopiLuwak Trojan in targeted attacks since early 2019. In the past months, security experts reported the APT group has been updating its arsenal.

Governance is Always Never Having to Say You’re Sorry

Weissman's World

There’s a disturbing trend in the information governance profession that needs to stop now, namely the tendency to apologize for the work we’re doing.

CVE-2019-0797 Windows Zero-Day exploited by FruityArmor and SandCat APT Groups

Security Affairs

One of the zero-day flaws (CVE-2019-0797) patched this week by Microsoft has been exploited in targeted attacks by several threat groups, including the FruityArmor and SandCat APT groups.
