Data Breach Today

FEBRUARY 14, 2023

The Tonto Team Used Spear-Phishing Emails to Target Group-IB Employees Group-IB says a July 2022 spear-phishing attempt on its own employees came from the Chinese threat actor known variously as Tonto Team and CactusPete. Malwarebytes says the group has ramped up spying against Russian government agencies.

Phishing 334

Phishing Government IT 334

Data Breach Today

SEPTEMBER 18, 2023

Australian Federal Police, Department of Home Affairs Reportedly Among the Victims An April ransomware attack against one of Australia's largest law firms swept up the data of 65 Australian government agencies, the country's national cybersecurity coordinator said Monday.

Government 289

Government Ransomware Cybersecurity 289

Security Affairs

NOVEMBER 16, 2023

Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day ( CVE-2023-37580 ) to steal emails from governments. The first campaign aimed at a government organization in Greece, threat actors sent emails containing exploit urls to their targets. ” reads the advisory published by Google TAG.

Government 116

Government Authentication Phishing IT 116

Data Breach Today

JULY 24, 2021

StrongPity Campaign Targeted Syrian E-Governance Website Hack-for-hire group StrongPity deployed Android malware to target Syria's e-government site visitors as part of its latest cyberespionage campaign, a new report by security firm Trend Micro details.

Government 363

Government Security IT 363

Data Breach Today

APRIL 3, 2021

Three FortiOS Vulnerabilities Being Exploited for the Campaign CISA and the FBI warn in a new alert that unidentified nation-state actors are scanning for three vulnerabilities in Fortinet's operating system, FortiOS, to potentially target government and private sector companies for cyberespionage.

Government 277

Government 277

Krebs on Security

JANUARY 30, 2024

Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. The government says Urban went by the aliases “ Sosa ” and “ King Bob ,” among others. 9, 2024, U.S. On July 28 and again on Aug.

Passwords 305

Passwords Phishing Access Encryption 305

Data Breach Today

AUGUST 10, 2023

Motives, Operations Closely Linked to China's Ministry of State Security A Chinese state-sponsored spy group called RedHotel has emerged as a dominant espionage agent against government entities of at least 17 countries worldwide.

Government 237

Government Security IT 237

Data Breach Today

MAY 10, 2023

Bitdefender Spots Novel 'DownEx' Malware Targeting Foreign Government Agencies A possibly Russian state hacking group has been deploying a novel backdoor dubbed DownEx against international governmental targets located in Kazakhstan and Afghanistan, reports Bitdefender.

Government 245

Government 245

Data Breach Today

JULY 12, 2023

26 Countries Hit by Espionage Group Storm-0558 Through Microsoft Outlook Flaw Security experts say China-based hackers are "leading their peers in the deployment of zero-days" in the wake of another wide-ranging attack that abused a flaw in Microsoft Outlook and used forged authentication tokens to access email accounts of governments in the United (..)

Government 240

Government Authentication Access Security 240

Security Affairs

MARCH 11, 2024

A series of “intense” cyberattacks hit multiple French government agencies, revealed the prime minister’s office. “Several “intense” cyberattacks targeted multiple French government agencies since Sunday night, as disclosed by the prime minister’s office.” ” reported the French newspaper Le Monde.

Government 129

Government Information Security Access Security 129

Data Breach Today

MAY 18, 2022

Ransomware Group Continues to Demand Ransom Payment From Besieged Government Ransomware group Conti, which has been holding to ransom crypto-locked Costa Rican government systems since April, has claimed on its leak site Conti News that it has "insiders" in the country's government, and that they are working toward the compromise of "other systems." (..)

Government 278

Government IT Ransomware 278

Weissman's World

NOVEMBER 29, 2023

With Information Governance: Great! With Information Governance: Great! appeared first on Holly Group. But I don’t know that I’ve properly distinguished between the “bad” public technologies and the possible “good” of those installed internally –… Read More » Public AI: Bad. Internal AI: Good. Internal AI: Good.

Information governance 156

Information governance Government Privacy 156

Security Affairs

JUNE 6, 2022

(USA) has identified an increase in activity within hacktivist groups conducted by a new group called “Cyber Spetsnaz”. USA) has identified an increase in activity within hacktivist groups, they’re leveraging current geopolitical tensions between the Ukraine and Russia to perform cyber-attacks. Resecurity, Inc.

Government 139

Government Cybersecurity IoT Security 139

Data Breach Today

AUGUST 24, 2022

and Microsoft Outlook Emails An Iranian government-backed hacking group known as Charming Kitten has updated its malware arsenal to include an email inbox scrapping tool, proof of the group's dedication to developing and maintaining purpose-built capabilities. Tool Can Steal Gmail, Yahoo!

Government 240

Government IT 240

Security Affairs

MAY 25, 2022

An unknown APT group is targeting Russian government entities since the beginning of the Russian invasion of Ukraine. Experts attributed the attacks, with low confidence, to a China-linked APT group. “Attribution is difficult, and threat actors are known to use indicators from other groups as false flags.

Government 107

Government Phishing Archiving Cybersecurity 107

Data Breach Today

SEPTEMBER 27, 2022

Indictment 'Did Not Hinder APT41’s Operations,' says HHS HC3 Two federal indictments against APT41, a Chinese state-sponsored hacking group, haven't slowed down its operations, the U.S. government acknowledges in a warning telling the healthcare sector to be vigilant about the threat actor.

Government 241

Government IT 241

Data Breach Today

SEPTEMBER 25, 2023

Backdoor Is Associated With Stealth Falcon APT Group Security researchers discovered a novel backdoor targeting a governmental agency in the Middle East for espionage purposes. Deadglyph is unique because it's made up of different parts written in different programming languages: native x64 binary and a.NET assembly.

Government 289

Government Security IT 289

Data Breach Today

AUGUST 5, 2022

Also: BEC Attack Headaches and Inside the Nomad Bridge Hack In the latest weekly update, four editors at Information Security Media Group discuss key takeaways from ISMG's recent Government Summit, how hackers siphoned nearly $200 million from cryptocurrency bridge Nomad and how midsized businesses are the new frontier for ransomware.

Ransomware 263

Ransomware Information Security Government Security 263

Data Breach Today

MAY 17, 2022

Threat Group Seeking to Gain Access to Other Government Systems Ransomware actor Conti, which has been targeting Costa Rican government entities since April 2022, has claimed on its leak site Conti News that it has "insiders" in the country's government, and they are working toward the compromise of "other systems."

Government 246

Government IT Ransomware Access 246

Data Breach Today

JUNE 8, 2023

Suspected Belarusian Hacking Group Has Targeted Ukraine; Crime Crossover 'Unusual' Hacking group Asylum Ambuscade, which security researchers say aligns with Belarusian government interests, has an "unusual" twist: it appears to be mixing cybercrime - focused on banking and cryptocurrency customers - with cyberespionage, including attacks targeting (..)

Government 147

Government Security IT 147

Data Breach Today

JUNE 26, 2023

Civil rights groups are accusing the government of shielding the country's privacy regulator from criticism.

Privacy 228

Privacy Government IT 228

Data Breach Today

SEPTEMBER 17, 2020

Treasury Department on Thursday imposed sanctions on an Iranian advanced persistent threat group, 45 associated individuals and a front company the Iranian government used for a years-long malware campaign that targeted Iranian dissidents, journalists and others. FBI Releases Advisory on Previously Undisclosed Iranian Malware The U.S.

Government 326

Government 326

Data Breach Today

MARCH 17, 2021

Federal Agencies Working on Incident Response, Other Issues The White House on Wednesday unveiled the formation of a Unified Coordination Group to lead the government's response to attacks exploiting unpatched vulnerabilities in on-premises Microsoft Exchange email servers.

Government 309

Government 309

Data Breach Today

JUNE 9, 2021

South Korean Government Reportedly Targeted Using AppleSeed Backdoor Researchers at Malwarebytes have uncovered the latest tactics, techniques, and procedures used by the North Korean threat group Kimsuky, also known as Thallium, Black Banshee and Velvet Chollima, as it continues to launch espionage attacks.

Government 315

Government IT 315

Data Breach Today

MAY 14, 2020

CISA Warns That Lazarus Group Has Added 3 New Tools A sophisticated hacking group associated with the North Korean government that's been tied to a number of high-profile attacks, including WannaCry, is using three new malware variants, according to the U.S.

Cybersecurity 306

Cybersecurity Government Security 306

Data Breach Today

JUNE 25, 2020

Department of Justice unsealed a superseding indictment against WikiLeaks founder Julian Assange that expands the scope of the government's case against him. Federal prosecutors now allege that Assange conspired with the Anonymous and LulzSec groups to obtain classified information to publish.

Government 351

Government 351

Data Breach Today

JULY 1, 2023

Attackers Updating Malware to Conduct Espionage by Distributing Phishing Links An Iranian government-backed hacking group known as Charming Kitten has updated its malware arsenal to include an updated version of the Powerstar backdoor, also known as CharmPower, which takes advantage of a distributed file protocol to distribute customized phishing links. (..)

Phishing 147

Phishing Government IT 147

Krebs on Security

FEBRUARY 9, 2023

Department of the Treasury says the Trickbot group is associated with Russian intelligence services, and that this alliance led to the targeting of many U.S. companies and government entities. In September 2021, the Kremlin issued treason charges against Ilya Sachkov , formerly head of the cybersecurity firm Group-IB.

Ransomware 185

Ransomware Government Cybersecurity Blockchain 185

Data Breach Today

AUGUST 22, 2022

Complication: Beleaguered Spyware Vendor Remains Blacklisted by US Government Beleaguered spyware vendor NSO Group is attempting to reboot its corporate image by pledging to only sell its wares to NATO member countries, lay off 10% of its workforce and replace its CEO, as it seeks a buyer. faces an uphill battle.

Government 228

Government IT 228

Data Breach Today

JULY 25, 2020

Kaspersky: MATA Framework Used to Spread Ransomware, Steal Databases Lazarus Group, a sophisticated hacking group associated with the North Korean government, is using a new malware framework to spread ransomware and steal databases from victims, according to security firm Kaspersky.

Ransomware 243

Ransomware Government Security 243

Data Breach Today

JUNE 26, 2023

Group Targeting Transportation, Construction, Government Agencies, CrowdStrike Says A Chinese state hacker is using novel tradecraft to gain initial access to victim systems, according to CrowdStrike.

Manufacturing 147

Manufacturing Education Communications Government 147

Krebs on Security

SEPTEMBER 30, 2023

Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. ru, the very same account Truniger used to recruit hackers for the Snatch Ransomware group back in 2018. ru account and posted as him.

Ransomware 206

Ransomware Data breaches Encryption Systems administration 206

Data Breach Today

JULY 14, 2023

Armageddon Campaign Now Capable of Targeting Thousands of Ukrainian Systems at Once Russian hacking group Armageddon has upgraded its skills to simultaneously target several thousand Ukrainian government information systems.

Government 130

Government IT 130

Data Breach Today

MAY 24, 2023

Threat Actor Shares Limited Code Similarity With Turla A suspected cyberespionage group that has been active since 2020 has targeted government and diplomatic entities in the Middle East and South Asia using a malware tool set capable of controlling victims' machines and exfiltrating system data and credentials.

Government 130

Government 130

Security Affairs

MARCH 28, 2024

Google’s Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively exploited zero-day vulnerabilities in 2023. The researchers also tracked at least four ransomware groups exploiting four zero-day vulnerabilities. ” continues the report.

Government 111

Government Ransomware Libraries Access 111

Data Breach Today

FEBRUARY 17, 2020

Researchers Say Groups With Apparent Ties to Iran Exploiting VPN Vulnerabilities Since August, security researchers have warned that attackers are targeting unpatched VPN servers with known vulnerabilities.

Government 235

Government Security 235

Data Breach Today

DECEMBER 8, 2022

Black Friday Attack Affected Intersport Outlets in Northern France The Hive ransomware-as-a-service group says it posted customer data obtained during a November attack against French sports retailer Intersport.

Retail 147

Retail Ransomware Government IT 147