Security Affairs

MARCH 31, 2023

Russian hacking group Winter Vivern has been actively exploiting Zimbra flaws to steal the emails of NATO and diplomats. The threat actors created bespoke JavaScript payloads designed for each government targets’ webmail portal. TA473’s cyber operations align with the support of Russian and/or Belarussian geopolitical goals.

Military 89

Military Phishing Passwords Government 89

Security Affairs

APRIL 6, 2023

Google’s Threat Analysis Group (TAG) warns of a North Korea-linked cyberespionage group tracked as ARCHIPELAGO. Google experts are tracking ARCHIPELAGO since 2012 and have observed the group targeting individuals with expertise in North Korea policy issues. ” reads the analysis published by Google TAG.

Phishing 83

Phishing Passwords Military Education 83

eSecurity Planet

NOVEMBER 7, 2022

Kaspersky researchers recently found evidence of an advanced threat group continuously updating its malware to evade security products, similar to a release cycle for developers. You also need platforms where you can share your knowledge and collaborate with other teams, which sometimes leads to catching APT groups. Defense in Depth.

Security awareness 117

Security awareness Phishing Passwords Risk 117

Krebs on Security

JUNE 29, 2023

Experts say Kislitsin’s prosecution could soon put the Kazakhstan government in a sticky diplomatic position, as the Kremlin is already signaling that it intends to block his extradition to the United States. ”] Kislitsin was hired by Group-IB in January 2013, nearly six months after the Formspring hack. prison system.

Cybersecurity 242

Cybersecurity Passwords Government Security 242

Security Affairs

JUNE 20, 2021

Norway police secret service states said that China-linked APT31 group was behind the 2018 cyberattack on the government’s IT network. Norway’s Police Security Service (PST) said that the China-linked APT31 cyberespionage group was behind the attack that breached the government’s IT network in 2018. Pierluigi Paganini.

Government 128

Government Passwords Access Cloud 128

Security Affairs

APRIL 17, 2023

China-linked APT41 group used the open-source red teaming tool GC2 in an attack against a Taiwanese media organization. Google Threat Analysis Group (TAG) team reported that the China-linked APT41 group used the open-source red teaming tool Google Command and Control ( GC2 ) in an attack against an unnamed Taiwanese media organization.

Phishing 95

Phishing Cloud Government Education 95

Security Affairs

MAY 28, 2021

Researchers from FireEye warn that China-linked APT groups continue to target Pulse Secure VPN devices to compromise networks. Cybersecurity researchers from FireEye warn once again that Chinese APT groups continue to target Pulse Secure VPN devices to penetrate target networks and deliver malicious web shells to steal sensitive information.

Security 131

Security Passwords Cybersecurity Government 131

Security Affairs

MAY 2, 2024

The threat actors were observed using methods such as exploiting virtual network computing (VNC) remote access software and default passwords. The government agencies urge OT operators in critical infrastructure sectors to implement a set of mitigations provided in the advisory. ” concludes the advisory.

Agriculture 86

Agriculture Passwords Authentication Government 86

Security Affairs

NOVEMBER 15, 2022

Trend Micro reported that the Earth Longzhi group, a previously undocumented subgroup of APT41, targets Ukraine and Asian Countries. The experts attributed the attacks to a new subgroup of the China-linked APT41 group, tracked as Earth Longzhi. The malware was embedded in a password-protected archive attached to the messages.

Archiving 92

Archiving Passwords Metadata Insurance 92

Security Affairs

NOVEMBER 5, 2021

Ukraine’s premier law enforcement and counterintelligence revealed the real identities of five FSB members behind the Gamaredon cyberespionage group. 5 members of the group have been notified of suspicion of treason.” “The ARMAGEDON hacker group is an FSB special project, which specifically targeted Ukraine.

Military 123

Military Metadata Government Passwords 123

Security Affairs

JULY 11, 2019

The CVE-2019-1132 flaw addressed by Microsoft this month was exploited by Buhtrap threat actor to target a government organization in Eastern Europe. According to experts at ESET, the Windows zero-day flaw CVE-2019-1132 was exploited by the Buhtrap threat actor in a targeted attack aimed at a government organization in Eastern Europe.

Government 84

Government Passwords IT Security 84

Security Affairs

DECEMBER 22, 2021

PYSA and Lockbit were the most active ransomware gangs in the threat landscape in November 2021, researchers from NCC Group report. Security researchers from NCC Group reported an increase in ransomware attacks in November 2021 over the past month, and PYSA (aka Mespinoza) and Lockbit were the most active ransomware gangs.

Ransomware 101

Ransomware Encryption Government Retail 101

Security Affairs

APRIL 26, 2024

Kaiser Permanente is an American integrated managed care consortium, it is made up of three distinct but interdependent groups of entities: the Kaiser Foundation Health Plan, Inc. KFHP) and its regional operating subsidiaries; Kaiser Foundation Hospitals; and the regional Permanente Medical Groups. million residents.

Data breaches 116

Data breaches Passwords Government Access 116

Krebs on Security

JUNE 15, 2021

Just how did a self-employed web site designer and mother of two come to work for one of the world’s most rapacious cybercriminal groups and then leave such an obvious trail of clues indicating her involvement with the gang? “Several group members had AllaWitte folders with data. .

Ransomware 304

Ransomware Passwords Government Access 304

Security Affairs

JANUARY 7, 2024

Sea Turtle cyber espionage group targeted telco, media, ISPs, IT service providers, and Kurdish websites in the Netherlands. The Sea Turtle APT group focuses primarily on targeting organizations in Europe and the Middle East. Between 2017 and 2019, the APT group mainly used DNS hijacking in its campaigns.

IT 114

IT Passwords Government Archiving 114

Krebs on Security

SEPTEMBER 13, 2023

USDoD claimed they grabbed the data by using passwords stolen from a Turkish airline employee who had third-party access to Airbus’ systems. this week acknowledged that a China-backed hacking group was able to steal one of the keys to its email kingdom that granted near-unfettered access to U.S. government inboxes.

Passwords 277

Passwords Authentication Sales Data breaches 277

Security Affairs

OCTOBER 23, 2020

The US government declared that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. The Energetic Bear APT group (aka DragonFly , Crouching Yeti , TEMP.Isotope, Berserk Bear, TeamSpy , Havex , Koala). ” reads the advisory. ” reads the advisory.

Government 116

Government Passwords Access Cybersecurity 116

Krebs on Security

MAY 12, 2022

KrebsOnSecurity has learned the alleged compromise is tied to a cybercrime and online harassment community that routinely impersonates police and government officials to harvest personal information on their targets.

Authentication 268

Authentication Passwords Government Access 268

Security Affairs

NOVEMBER 13, 2020

At least the three nation-state actors have targeted seven COVID-19 vaccine makers, they are Strontium, Lazarus Group, and Cerium, Microsoft warns. Microsoft revealed that at least three APT groups have targeted seven companies involved in COVID-19 vaccines research and treatments. ” reads the post published by Microsoft.

Healthcare 111

Healthcare Phishing Government Passwords 111

Krebs on Security

FEBRUARY 1, 2024

government did not name the victim organization, but there is every indication that the money was stolen from the now-defunct cryptocurrency exchange FTX , which had just filed for bankruptcy on that same day. Three Americans were charged this week with stealing more than $400 million in a November 2022 SIM-swapping attack. 11-12, 2022.

Blockchain 229

Blockchain Ransomware Retail Analytics 229

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. government has used court orders to remotely disinfect systems compromised with malware. . Emerging in 2007 as a banking trojan, QakBot (a.k.a.

Ransomware 245

Ransomware Government Military Access 245

Security Affairs

OCTOBER 10, 2020

Microsoft has uncovered Zerologon attacks that were allegedly conducted by the infamous TA505 Russia-linked cybercrime group. Microsoft spotted a series of Zerologon attacks allegedly launched by the Russian cybercrime group tracked as TA505 , CHIMBORAZO and Evil Corp. Pierluigi Paganini. SecurityAffairs – hacking, Zerologon).

Authentication 119

Authentication Retail Passwords Ransomware 119

eSecurity Planet

APRIL 14, 2022

Critical infrastructure , industrial control (ICS) and supervisory control and data acquisition (SCADA) systems are under increasing threat of cyber attacks, according to a number of recent warnings from government agencies and private security researchers. Strong password policies and management. and European facilities. using EDR ).

Authentication 132

Authentication Security awareness Cybersecurity Passwords 132

Krebs on Security

JANUARY 8, 2024

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. SALOMON As an affiliate of Spamdot, Salomon used the email address ad1@safe-mail.net , and the password 19871987gr.

Computer and Electronics 203

Computer and Electronics Passwords Sales Government 203

IT Governance

JANUARY 24, 2024

Leon Teale is a senior penetration tester at IT Governance with more than ten years’ experience performing penetration tests for clients in various industries all over the world. In my research work for IT Governance, I’ve noticed a pattern where the same names repeatedly crop up. What else can organisations do to protect themselves?

Passwords 139

Passwords Data breaches Encryption Risk 139

Security Affairs

APRIL 28, 2021

The Naikon APT group is a China-linked cyber espionage group that has been active at least since 2010 and that remained under the radar since 2015 while targeting entities in Asia-Pacific (APAC) region. . The Naikon APT group mainly focuses on high-profile orgs, including government entities and military orgs.

Military 99

Military Passwords Government Security 99

Security Affairs

JANUARY 30, 2020

Iran-linked APT34 group has targeted a U. based research company that provides services to businesses and government organizations. Security experts from Intezer observed targeted attacks on a US-based research company that provides services to businesses and government organizations. ” continues the analysis. .

Passwords 70

Passwords Communications Government Phishing 70

Krebs on Security

MARCH 5, 2021

The espionage group is exploiting four newly-discovered flaws in Microsoft Exchange Server email software, and has seeded hundreds of thousands of victim organizations worldwide with tools that give the attackers total, remote control over affected systems. ” Reached for comment, Microsoft said it is working closely with the U.S.

Cleanup 364

Cleanup Cybersecurity Government Cloud 364

Krebs on Security

SEPTEMBER 17, 2020

The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. Wicked Rose and the NCPH hacking group are implicated in multiple Office based attacks over a two year period,” the iDefense report stated. Image: FBI. Security analysts and U.S.

Government 354

Government Mining Big data Phishing 354

Security Affairs

NOVEMBER 15, 2023

The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors. The report is part of the ongoing #StopRansomware effort that disseminates advisories about tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with ransomware groups.

Ransomware 117

Ransomware Manufacturing Education Passwords 117

Security Affairs

MARCH 13, 2024

The prestigious US university was the victim of a ransomware attack carried out by the Akira ransomware group. Stanford University confirmed that threat actors behind the September 2023 ransomware attack had access to 27,000 people. The Akira ransomware gang claimed the theft of 430 GB of data from the university’s systems.

Ransomware 111

Ransomware Data breaches Passwords Access 111

Security Affairs

FEBRUARY 21, 2024

China-linked APT group Mustang Panda targeted various Asian countries with a variant of the PlugX (aka Korplug) backdoor dubbed DOPLUGS. Trend Micro researchers uncovered a cyberespionage campaign, carried out by China-linked APT group Mustang Panda , targeting Asian countries, including Taiwan, Vietnam, and Malaysia.

Phishing 116

Phishing Government Archiving Passwords 116

Security Affairs

MARCH 8, 2022

. “As of January 2022, the FBI has identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufacturing, energy, financial services, government, and information technology sectors,” reads the FBI’s flash alert. Pierluigi Paganini.

Ransomware 87

Ransomware Passwords Financial Services Manufacturing 87

Security Affairs

SEPTEMBER 23, 2020

Researchers from threat hunting and intelligence firm Group-IB have detected a successful attack by a ransomware gang tracked as OldGremlin. Group-IB , a global threat hunting and intelligence company headquartered in Singapore, has detected a successful attack by a ransomware gang, codenamed OldGremlin. Unsought invoice.

Ransomware 103

Ransomware Phishing Encryption Authentication 103

Security Affairs

OCTOBER 6, 2019

Microsoft says that the Iran-linked cyber-espionage group tracked as Phosphorus (aka APT35 , Charming Kitten , Newscaster , and Ajax Security Team) a 2020 presidential campaign. Microsoft has been tracking the threat actors at least since 2013, but experts believe that the cyberespionage group has been active since at least 2011. .

Passwords 75

Passwords Government Access Authentication 75

IT Governance

FEBRUARY 21, 2019

Hello, and welcome to the IT Governance podcast for Thursday, 21 February 2019. The researchers explain that: “All password managers [they] examined sufficiently secured user secrets while in a ‘not running’ state. Each password manager also attempted to scrub secrets from memory. Here are this week’s stories.

Passwords 76

Passwords Data breaches Retail Government 76

Security Affairs

MARCH 5, 2019

A cyber-espionage group, tracked as APT40, apparently linked to the Chinese government is focused on targeting countries important to the country’s Belt and Road Initiative. The cyber-espionage group tracked as APT40 (aka TEMP. Periscope , TEMP. ” continues the analysis. Pierluigi Paganini.

Phishing 83

Phishing Passwords Manufacturing Government 83