Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. 22, 2020, the U.S.

Ransomware 275

Ransomware Government Security IT 275

Data Breach Today

NOVEMBER 10, 2023

Also: Key Takeaways From UK AI Summit; Security Insights From India In the latest weekly update, editors at Information Security Media Group discuss the shaping of responsible artificial intelligence governance, major takeaways from the U.K.

Artificial Intelligence 257

Artificial Intelligence Information Security Government Security 257

Security Affairs

MARCH 28, 2024

Google’s Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively exploited zero-day vulnerabilities in 2023. The researchers also tracked at least four ransomware groups exploiting four zero-day vulnerabilities. ” continues the report.

Government 110

Government Ransomware Libraries Access 110

Security Affairs

MARCH 2, 2024

Court ordered surveillance firm NSO Group to hand over the source code for its Pegasus spyware and other products to Meta. Meta won the litigation against the Israeli spyware vendor NSO Group , a U.S. Follow me on Twitter: @securityaffairs and Facebook Pierluigi Paganini ( SecurityAffairs – hacking, NSO GROUP)

IT 122

IT Government Security Information Security 122

Security Affairs

MARCH 19, 2024

Trend Micro uncovered a sophisticated campaign conducted by Earth Krahang APT group that breached 70 organizations worldwide. The campaign seems active since at least early 2022 and focuses primarily on government organizations. The group often exploited access to government infrastructure to target other government entities.

Government 81

Government Phishing Access Passwords 81

Security Affairs

JANUARY 17, 2024

Switzerland believes that the attack claimed by pro-Russian group NoName that hit the government websites is retaliation for Zelensky’s presence at Davos. Naturally, not empty-handed, but with DDoS gifts” read a message published by the hacker group on its Telegram channel. ” reported the AFP agency. reported NCSC.

Government 95

Government Access Security IT 95

Security Affairs

NOVEMBER 20, 2023

The Canadian government discloses a data breach after threat actors hacked two of its contractors. Data belonging to current and former Government of Canada employees, members of the Canadian Armed Forces and Royal Canadian Mounted Police personnel have been also exposed. Both contractors suffered a security breach in October.

Data breaches 111

Data breaches Government IT Ransomware 111

Security Affairs

FEBRUARY 19, 2024

An APT group, tracked as TAG-70, linked to Belarus and Russia exploited XSS flaws in Roundcube webmail servers to target over 80 organizations. Researchers from Recorded Future’s Insikt Group identified a cyberespionage campaign carried out by an APT group, tracked as TAG-70, linked to Belarus and Russia.

Military 111

Military Government Access Risk 111

Security Affairs

SEPTEMBER 26, 2023

This week the Rhysida ransomware group claimed the hack of the Kuwait Ministry of Finance and added it to its Tor leak site. Last week a ransomware attack hit the Government of Kuwait, the attack took place on September 18 and the government experts immediately started the incident response procedures to block the threat.

Ransomware 107

Ransomware Government Cybersecurity IT 107

Security Affairs

SEPTEMBER 25, 2023

A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. Palo Alto Unit42 researchers an APT group tracked as Gelsemium targeting a Southeast Asian government. Gelsemium is a group focused on cyberespionage that has been active since at least 2014.

Government 103

Government Manufacturing Education Access 103

Security Affairs

JANUARY 23, 2024

The Australian government announced sanctions for a member of the REvil ransomware group for the Medibank hack that occurred in 2022. The Australian government announced sanctions for Aleksandr Gennadievich Ermakov (aka GustaveDore, aiiis_ermak, blade_runner, JimJones), a Russian national who is a member of the REvil ransomware group.

Government 97

Government Insurance Ransomware Data breaches 97

Security Affairs

APRIL 23, 2024

The National Police Agency in South Korea warns that North Korea-linked threat actors are targeting defense industry entities to steal defense technology information. North Korea-linked APT groups Lazarus , Andariel , and Kimsuky hacked multiple defense companies in South Korea, reported the National Police Agency.

Passwords 81

Passwords Authentication Cloud Cybersecurity 81

Security Affairs

DECEMBER 5, 2023

Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military 104

Military Government Phishing Access 104

Security Affairs

MAY 21, 2020

The Chafer APT group has distributed data stealer malware since at least mid-2014, it was focused on surveillance operations and the tracking of individuals. The APT group targets telecommunication and travel industries in the Middle East to gather intelligence on Iran’s geopolitical interests. Pierluigi Paganini.

Government 115

Government Cybersecurity Paper Phishing 115

Security Affairs

SEPTEMBER 20, 2023

Pro-Russia hacker group NoName is suspected to have launched a cyberattack that caused border checkpoint outages at several Canadian airports. A massive DDoS cyber attack, likely carried out by Pro-Russia hacker group NoName , severely impacted operations at several Canadian airports last week, reported Recorded Future News.

Data breaches 127

Data breaches Government Security IT 127

AIIM

SEPTEMBER 7, 2021

What is Information Governance, and Why is it Important? There are many benefits to constructing an Information Governance program plan. How to Avoid Information Governance Pitfalls. As a result, there has been a shift in the importance organizations place upon effective Information Governance.

Information governance 180

Information governance Government Communications Education 180

Security Affairs

NOVEMBER 2, 2023

Russian-speaking Clop ransomware group gained access to the email addresses of about 632,000 US federal employees at the departments of Defense and Justice. The security breach is the result of the MOVEit hacking campaign that took place this summer. ” states Bloomberg. ” states Bloomberg.

Access 106

Access Agriculture Ransomware Data breaches 106

Security Affairs

AUGUST 19, 2022

The Pro-Russia hacker group Killnet claimed responsibility for the attacks. e-Estonia refers to a movement by the government of Estonia to facilitate citizen interactions with the state through the use of electronic solutions. “The government had accused Russia of using such monuments to stir up tensions.”

Computer and Electronics 115

Computer and Electronics Digital transformation Government IT 115

Security Affairs

NOVEMBER 5, 2021

Ukraine’s premier law enforcement and counterintelligence revealed the real identities of five FSB members behind the Gamaredon cyberespionage group. 5 members of the group have been notified of suspicion of treason.” “The ARMAGEDON hacker group is an FSB special project, which specifically targeted Ukraine.

Military 121

Military Metadata Government Passwords 121

Security Affairs

NOVEMBER 14, 2023

USA) protecting major Fortune 100 and government agencies globally has identified an alarming rise in ransomware operators targeting the energy sector, including nuclear facilities and related research entities. With at least a dozen sophisticated groups such as BlackCat/ALPHV , Medusa, and LockBit 3.0, Resecurity, Inc.

Ransomware 110

Ransomware Government Security Access 110

Security Affairs

MAY 2, 2022

The latest executive order from the Italian ACN agency banned Group-IB, a Russian-led cybersecurity firm from working in the government sector. Kislitsin continues to work for Group-IB and is still currently listed on the Russian version of their official WEB-site. Government. Government. based corporations.

Cybersecurity 96

Cybersecurity Government Paper Information Security 96

Security Affairs

JULY 9, 2023

The French government is going to grant law enforcement the power to spy on suspects through smartphones and other devices. In a statement issued in May, digital rights group La Quadrature du Net expressed serious concerns regarding the provisions, citing potential infringements on fundamental liberties.

Government 88

Government IoT Privacy Security 88

Security Affairs

JANUARY 29, 2024

Ukraine’s security service (SBU) detained an alleged member of the pro-Russia hacker group “the Cyber Army of Russia.” ” Ukraine’s security service, the SBU, announced that it has identified and detained an alleged member of the pro-Russia hacker group known as the Cyber Army of Russia.

Military 110

Military Communications Government Security 110

Security Affairs

SEPTEMBER 10, 2022

China-linked BRONZE PRESIDENT group is targeting government officials in Europe, the Middle East, and South America with PlugX malware. The Bronze President group is targeting political and law enforcement organizations and NGOs in Asia. Attacks part of this campaign were spotted in June and July 2022. Pierluigi Paganini.

Government 101

Government Archiving Metadata Encryption 101

Security Affairs

SEPTEMBER 27, 2023

group claimed the hack of the Japanese giant NTT Docomo. Resecurity , a global cybersecurity company protecting major Fortune 500 companies and government agencies, detailed Ransomed.vc Collectively, their activities range from attacks on various governments to the publication of sensitive data from enterprises.

Ransomware 116

Ransomware Cybersecurity Data breaches GDPR 116

Security Affairs

NOVEMBER 10, 2021

Taiwan ‘s government agencies face around five million cyberattacks and probes every day, most of them from China. Around five million cyber attacks hit Taiwan’s government agencies every day, and most of the hacking attempts are originated from China. SecurityAffairs – hacking, Taiwan Government).

Government 124

Government Military Information Security Security 124

Security Affairs

DECEMBER 19, 2023

The Federal Bureau of Investigation (FBI) announced the seizure of the Tor leak site of the AlphV/Blackcat ransomware group. The FBI seized the Tor leak site of the AlphV/Blackcat ransomware group and replaced the home page with the announcement of the seizure. the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Ransomware 104

Ransomware IT Access Manufacturing 104

Security Affairs

JULY 19, 2022

The Minister for Foreign Affairs of Belgium revealed that multiple China-linked APT groups targeted the country’s defense and interior ministries. ” reads the Declaration by the Minister for Foreign Affairs on behalf of the Belgian Government. However, the group has been active at least since 2012.

IT 87

IT Government Security Information Security 87

Security Affairs

MARCH 15, 2023

Top aviation company Safran Group left itself vulnerable to cyberattacks, likely for well over a year, underlining how vulnerable big aviation firms are to threat actors, according to research by Cybernews. According to its own estimates, Safran Group ’s revenue for 2022 was above €19 billion.

Manufacturing 87

Manufacturing Access Risk IT 87

Security Affairs

JUNE 29, 2023

The former head of network security at Group-IB has been arrested in Kazakhstan based on a request from U.S. Nikita Kislitsin who worked as the head of network security at Group-IB, as well as its Russian-based spinoff company (known as F.A.C.C.T.), law enforcement. law enforcement. He (Kislitsin) was then detained.”

Access 87

Access Cybersecurity Security Government 87

Security Affairs

JULY 27, 2023

Ilya Sachkov, CEO and co-founder of Group-IB was sentenced to 14 years in a high security prison colony according to the Moscow court announcement. As per the announcement from the Moscow court, Ilya Sachkov, the CEO and co-founder of Group-IB, has been sentenced to 14 years in a high-security prison colony.

Cybersecurity 88

Cybersecurity Security Government Information Security 88

Security Affairs

APRIL 24, 2024

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. Early in 2024, a customer contacted Cisco to report a suspicious related to its Cisco Adaptive Security Appliances (ASA). Cisco Talos researchers tracked this cyber-espionage campaign as ArcaneDoor.

Government 104

Government Authentication Communications Access 104

Security Affairs

MARCH 7, 2021

Russia-linked APT groups leveraged the Lithuanian nation’s technology infrastructure to launch cyber-attacks against targets worldwide. APT29 state-sponsored hackers also exploited Lithuania’s information technology infrastructure to carry out attacks against “foreign entities developing a COVID-19 vaccine.”

Military 127

Military Government Security IT 127

Security Affairs

MARCH 28, 2023

Intezer researchers reported that a South Asian espionage group, tracked as Bitter, is targeting the Chinese nuclear energy industry. Intezer researchers uncovered a cyberespionage campaign targeting the Chinese nuclear energy sector, they linked it to the Bitter APT group. Intezer concludes.

Phishing 82

Phishing Archiving Government IT 82

Security Affairs

MAY 29, 2022

Pro-Russian hacker group KillNet is threatening again Italy, it announced a massive and unprecedented attack on May 30. Pro-Russian hacker group KillNet is threatening again Italy, it announced a massive and unprecedented attack on May 30. “With different levels of superiority, command lines and tasking. Pierluigi Paganini.

Cybersecurity 140

Cybersecurity Risk Security Government 140

Security Affairs

APRIL 20, 2023

Russia-linked threat actors launched large-volume phishing campaigns against hundreds of users in Ukraine to gather intelligence and aimed at spreading disinformation, states Google’s Threat Analysis Group (TAG). The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017.

Phishing 87

Phishing Military Ransomware Education 87

Security Affairs

JULY 19, 2021

Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware.

Government 114

Government Privacy IT Security 114