Groups, Information Security and Security - Information Management Today

ISMG Editors: Ransomware Groups Aiming for Smaller Targets

Data Breach Today

AUGUST 5, 2022

Also: BEC Attack Headaches and Inside the Nomad Bridge Hack In the latest weekly update, four editors at Information Security Media Group discuss key takeaways from ISMG's recent Government Summit, how hackers siphoned nearly $200 million from cryptocurrency bridge Nomad and how midsized businesses are the new frontier for ransomware.

Ransomware

Ransomware Information Security Government Security

ISMG Editors: Opening Day Overview of InfoSec Europe 2024

Data Breach Today

JUNE 5, 2024

Panel Discusses Trends in Ransomware, Application Security and Generative AI Information Security Media Group editors are live at InfoSecurity Europe Conference 2024 in London with an overview of opening-day activities and hot topics including the latest ransomware trends, software security, election security and artificial intelligence risks.

Artificial Intelligence

Artificial Intelligence Ransomware Information Security Risk

Gamification Can Make Security Training Fun

Data Breach Today

JULY 24, 2023

Webhelp CISO on Interactive Tools for Cybersecurity Awareness Training In a bid to revolutionize information security training and make it more engaging and memorable for employees, Ivan Milenkovic, group CISO at WebHelp, advises firms to adopt gamification and interactive content in corporate training to make it more accessible and memorable for employees. (..)

Security

Security Information Security Cybersecurity Access

Group Health Cooperative data breach impacted 530,000 individuals

Security Affairs

APRIL 10, 2024

Group Health Cooperative of South Central Wisconsin disclosed a data breach that impacted over 500,000 individuals. The Group Health Cooperative of South Central Wisconsin (GHC-SCW) is a non-profit organization that provides health insurance and medical care services to its members in the Madison metropolitan area of Wisconsin.

Data breaches

Data breaches e-Discovery Ransomware Insurance

Panda Restaurant Group disclosed a data breach

Security Affairs

MAY 1, 2024

Panda Restaurant Group disclosed a data breach that occurred in March, resulting in the theft of associates’ personal information. Panda Restaurant Group disclosed a data breach that occurred in March, resulting in the theft of personal information belonging to its associates. Panda Restaurant Group , Inc.

Data breaches

Data breaches Sales Cybersecurity Security

Conti Ransomware Group Diaries, Part I: Evasion

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. ” GAP #1. 22, 2020, the U.S. 22, 2020, the U.S.

Ransomware

Ransomware Government Security IT

Chinese Hacking Contractor iSoon Leaks Internal Documents

Data Breach Today

FEBRUARY 20, 2024

Company Mainly Hacked for the Ministry of Public Security An apparent leak of internal documents from a Chinese hacking contractor paints a picture of a disaffected, poorly paid workforce that nonetheless penetrated multiple regional governments and possibly NATO.

Information Security

Information Security Government Security

ISMG Editors: Our Pledge to You in a New Era of Journalism

Data Breach Today

MARCH 8, 2024

healthcare sector, Palo Alto's strategic pivot and its far-reaching implications for the industry, and new developments in tech and journalism at Information Security Media Group.

Information Security

Information Security Security IT

ISMG Editors: What Did the Sam Altman-OpenAI Saga Teach Us?

Data Breach Today

DECEMBER 1, 2023

Also: ChatGPT Turns 1 Year Old; Police Nab Ransomware Gang Chief in Ukraine In the latest weekly update, four editors at Information Security Media Group discuss Sam Altman and OpenAI's brief leadership nightmare, the state of generative AI one year after the general release of ChatGPT, and how police nabbed a suspected ransomware group ringleader (..)

Ransomware

Ransomware Information Security Security

Cybersecurity Trends to Watch in 2024

Data Breach Today

JANUARY 1, 2024

Expert Panelists Debate Impact of AI, Geopolitics and New Tactics in the Year Ahead In conjunction with a new report from CyberEd.io, Information Security Media Group asked some of the industry's leading cybersecurity and privacy experts about 10 top trends to watch in 2024.

Cybersecurity

Cybersecurity Ransomware Privacy Information Security

U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp

Security Affairs

MARCH 2, 2024

Court ordered surveillance firm NSO Group to hand over the source code for its Pegasus spyware and other products to Meta. Meta won the litigation against the Israeli spyware vendor NSO Group , a U.S. from April 29, 2018, to May 10, 2020). from April 29, 2018, to May 10, 2020).

IT

IT Government Security Information Security

ISMG Editors’ Panel: Examining Open-Source Software Security

Data Breach Today

JUNE 25, 2021

Also: Updating SOCs, Communicating With the Board In the latest weekly update, a panel of Information Security Media Group editors discusses key topics, including open-source software vulnerabilities, and provides insights on updating SOCs and communicating effectively with the board.

Security

Security Communications Information Security

Large Language Models: Moving Past the Early Stage

Data Breach Today

JANUARY 3, 2024

For cybersecurity professionals, these are "exciting times we live in," said Dan Grosu, CTO and CISO at Information Security Media Group. AI, machine learning and large language models are not new, but they are coming to fruition with the mass adoption of generative AI.

Information Security

Information Security Cybersecurity Security

BianLian group exploits JetBrains TeamCity bugs in ransomware attacks

Security Affairs

MARCH 11, 2024

BianLian ransomware group was spotted exploiting vulnerabilities in JetBrains TeamCity software in recent attacks. Researchers from GuidePoint Security noticed, while investigating a recent attack linked to the BianLian ransomware group, that the threat actors gained initial access to the target by exploiting flaws in a TeamCity server.

Ransomware

Ransomware Manufacturing Access Security

SiegedSec hacktivist group hacked Idaho National Laboratory (INL)

Security Affairs

NOVEMBER 22, 2023

The Idaho National Laboratory (INL) disclosed a data breach after the SiegedSec hacktivist group leaked stolen human resources data. SiegedSec hacktivists group claimed responsibility for the hack of The Idaho National Laboratory (INL) and leaked stolen human resources data. organizations, especially U.S. municipalities.

Data breaches

Data breaches Security Access IT

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs

NOVEMBER 28, 2021

North Korea-linked threat actors posed as Samsung recruiters in a spear-phishing campaign aimed at employees at South Korean security firms. North Korea-linked APT group posed as Samsung recruiters is a spear-phishing campaign that targeted South Korean security companies that sell anti-malware solutions, Google TAG researchers reported.

Security

Security Phishing Information Security Communications

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Security Affairs

APRIL 15, 2024

The Ukrainian hacking group Blackjack used a destructive ICS malware dubbed Fuxnet in attacks against Russian infrastructure. The Blackjack group is believed to be affiliated with Ukrainian intelligence services that carried out other attacks against Russian targets, including an internet provider and a military infrastructure.

IoT

IoT Access Communications Military

Multiple APT groups exploited WinRAR flaw CVE-2023-38831

Security Affairs

OCTOBER 18, 2023

Google’s Threat Analysis Group (TAG) reported that in recent weeks multiple nation-state actors were spotted exploiting the vulnerability CVE-2023-38831 in WinRAR. The researchers reported that several cybercrime groups began exploiting the flaw in early 2023, when the bug was still a zero-day. ” reported Google TAG.

Archiving

Archiving Security IT Data breaches

The Lorenz ransomware group hit Texas-based Cogdell Memorial Hospital

Security Affairs

NOVEMBER 12, 2023

The Lorenz extortion group leaked the data stolen from the Texas-based Cogdell Memorial Hospital. The group claims to theft of more than 400GB of data, including internal files, patient medical images, and also employee email communications. Ransom demands have been quite high, between $500.000 and $700.000.

Ransomware

Ransomware Encryption Communications IT

NATO is investigating a new cyber attack claimed by the SiegedSec group

Security Affairs

OCTOBER 5, 2023

NATO is investigating claims that a group called SiegedSec has breached its systems and leaked a cache of unclassified documents online. Additional cyber security measures have been put in place. The group published a series of screenshots showing access to hacked systems as proof of the hack. organizations, especially U.S.

Military

Military Security Access IT

Ransomlooker, a new tool to track and analyze ransomware groups’ activities

Security Affairs

OCTOBER 12, 2023

Ransomlooker monitors ransomware groups’ extortion sites and delivers consolidated feeds of their claims worldwide. Cybernews presented Ransomlooker , a tool to monitor ransomware groups’ extortion sites and delivers consolidated feeds of their claims worldwide.

Ransomware

Ransomware Personal data Access Cybersecurity

Blackbasta group claims to have hacked Atlas, one of the largest US oil distributors

Security Affairs

MAY 21, 2024

The Blackbasta extortion group claims to have hacked Atlas, one of the largest national distributors of fuel in the United States. The Blackbasta extortion group added the company to the list of victims on its Tor leak site, as the researcher Dominic Alvieri reported.

Ransomware

Ransomware Phishing Access IT

China-linked APT groups targets orgs via Pulse Secure VPN devices

Security Affairs

MAY 28, 2021

Researchers from FireEye warn that China-linked APT groups continue to target Pulse Secure VPN devices to compromise networks. In all the intrusions, the attackers targeted Pulse Secure VPN appliances in the breached networks. In all the intrusions, the attackers targeted Pulse Secure VPN appliances in the breached networks.

Security

Security Passwords Cybersecurity Government

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

Security Affairs

APRIL 16, 2024

The Dark Angels (Dunghill) ransomware group claims the hack of the chipmaker Nexperia and the theft of 1 TB of data from the company. The Dark Angels (Dunghill) ransomware group claims responsibility for hacking chipmaker Nexperia and stealing 1 TB of the company’s data. The chipmaker has 14,000 employees as of 2024.

Ransomware

Ransomware Manufacturing Insurance Cybersecurity

Researchers released a free decryptor for the Key Group ransomware

Security Affairs

SEPTEMBER 1, 2023

Researchers released a free decryptor for the Key Group ransomware that allows victims to recover their data without paying a ransom. Threat intelligence firm EclecticIQ released a free decryption tool for the Key Group ransomware (aka keygroup777) that allows victims to recover their data without paying a ransom.

Ransomware

Ransomware Encryption Access Security

Dark Angels Team ransomware group hit Johnson Controls

Security Affairs

SEPTEMBER 28, 2023

The company provides HVAC (heating, ventilation, and air conditioning), solutions for building automation, fire and security systems, and components for energy management. Today Johnson Controls, an ICS/SCADA vendor, confirmed they were a victim of Dark Angels ransomware group. ” reported Bleeping Computer. .”

Ransomware

Ransomware Insurance Cybersecurity Encryption

APT group UAC-0099 targets Ukraine exploiting a WinRAR flaw

Security Affairs

DECEMBER 25, 2023

In some attacks, the APT group exploited a high-severity WinRAR flaw CVE-2023-38831 to deliver the LONEPAGE malware. In early August, the group UAC-0099 sent an email impersonating the Lviv city court using the ukr.net email service. ” The researchers pointed out that this attack technique can also deceive security-savvy victims.

Archiving

Archiving Phishing Security IT

New RA Group ransomware gang is the latest group using leaked Babuk source code

Security Affairs

MAY 15, 2023

A previously unknown ransomware group known as RA Group is targeting companies in U.S. Cisco Talos researchers recently discovered a new ransomware operation called RA Group that has been active since at least April 22, 2023. The group has already compromised three organizations in the U.S. and one in South Korea.

Ransomware

Ransomware Encryption Healthcare Insurance

Lazarus APT group returned to Tornado Cash to launder stolen funds

Security Affairs

MARCH 16, 2024

North Korea-linked Lazarus APT group allegedly using again the mixer platform Tornado Cash to launder $23 million. North Korea-linked Lazarus APT group allegedly has reportedly resumed using the mixer platform Tornado Cash to launder $23 million. million from exchange HTX , which took place in November 2023, to the North Korea’s group.

Blockchain

Blockchain Cybersecurity IT Information Security

North Korea-linked APT groups target South Korean defense contractors

Security Affairs

APRIL 23, 2024

The National Police Agency in South Korea warns that North Korea-linked threat actors are targeting defense industry entities to steal defense technology information. North Korea-linked APT groups Lazarus , Andariel , and Kimsuky hacked multiple defense companies in South Korea, reported the National Police Agency.

Passwords

Passwords Authentication Cloud Cybersecurity

BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution provider

Security Affairs

OCTOBER 30, 2022

The BlackByte ransomware group claims to have compromised Asahi Group Holdings, a precision metal manufacturing and metal solution provider. Asahi Group Holdings, Ltd. Asahi Group Holdings, Ltd. SecurityAffairs – hacking, Asahi Group Holdings ). Follow me on Twitter: @securityaffairs and Facebook.

Manufacturing

Manufacturing Ransomware Sales Security

Daixin Team group claimed the hack of North Texas Municipal Water District

Security Affairs

NOVEMBER 28, 2023

The Daixin Team group claims to have hacked the North Texas Municipal Water District (US) and threatened to leak the stolen data. The Daixin Team group added NTMWD to the list of victims on its Tor leak site. The group claims to have stolen a total of 33844 files.

Ransomware

Ransomware Phishing Access Risk

Pro-Russia group hit Swiss govt sites after Zelensky visit in Davos

Security Affairs

JANUARY 17, 2024

Switzerland believes that the attack claimed by pro-Russian group NoName that hit the government websites is retaliation for Zelensky’s presence at Davos. Naturally, not empty-handed, but with DDoS gifts” read a message published by the hacker group on its Telegram channel. ” reported the AFP agency. . reported NCSC.

Government

Government Access Security IT

DarkCasino joins the list of APT groups exploiting WinRAR zero-day

Security Affairs

NOVEMBER 20, 2023

The DarkCasino APT group leveraged a recently disclosed WinRAR zero-day vulnerability tracked as CVE-2023-38831. The economically motivated APT group used specially crafted archives in phishing attacks against forum users through online trading forum posts. ” reads the report published by NSFOCUS. ” concludes the report.

Phishing

Phishing Archiving Financial Services Cybersecurity

Pro-Russia hacker group NoName launched a DDoS attack on Canadian airports causing severe disruptions

Security Affairs

SEPTEMBER 20, 2023

Pro-Russia hacker group NoName is suspected to have launched a cyberattack that caused border checkpoint outages at several Canadian airports. A massive DDoS cyber attack, likely carried out by Pro-Russia hacker group NoName , severely impacted operations at several Canadian airports last week, reported Recorded Future News.

Data breaches

Data breaches Government Security IT

Pro-Russia group KillNet targets US airports

Security Affairs

OCTOBER 10, 2022

The pro-Russia hacktivist group ‘KillNet’ is behind massive DDoS attacks that hit websites of several major airports in the US. The pro-Russia hacktivist group ‘ KillNet ‘ is claiming responsibility for massive distributed denial-of-service (DDoS) attacks against the websites of several major airports in the US.

Access

Access IT Security Information Security

Nuclear and Oil & Gas are Major Targets of Ransomware Groups in 2024

Security Affairs

NOVEMBER 14, 2023

Department of Homeland Security in their recently published Intelligence Enterprise Homeland Threat Assessment. With at least a dozen sophisticated groups such as BlackCat/ALPHV , Medusa, and LockBit 3.0, Resecurity uncovered several episodes of attacks against nuclear operators – area of major concern for national security.

Ransomware

Ransomware Government Security Access

SysAid zero-day exploited by Clop ransomware group

Security Affairs

NOVEMBER 10, 2023

Microsoft spotted the exploitation of a SysAid zero-day vulnerability in limited attacks carried out by the Lace Tempest group. — Microsoft Threat Intelligence (@MsftSecIntel) November 9, 2023 SysAid reported that on November 2nd, its security team became aware of a potential vulnerability in its on-premise software.

Ransomware

Ransomware Archiving Access Cybersecurity

Magnet Goblin group used a new Linux variant of NerbianRAT malware

Security Affairs

MARCH 11, 2024

The financially motivated hacking group Magnet Goblin uses various 1-day flaws to deploy custom malware on Windows and Linux systems. The group focuses on internet-facing services, in at least one instance the group exploited the vulnerability CVE-2024-21887 in Ivanti Connect Secure VPN.

Communications

Communications Encryption IT Security

META hit with privacy complaints by EU consumer groups

Security Affairs

MARCH 4, 2024

This is my interview with TRT International on the Meta dispute with EU consumer groups, which are calling on the bloc to sanction the company EU consumer groups are calling on the bloc to sanction the company Meta – which owns Facebook, Instagram and WhatsApp – for allegedly breaching privacy rules.

Privacy

Privacy GDPR Personal data Data collection

Barracuda fixed a new ESG zero-day exploited by Chinese group UNC4841

Security Affairs

DECEMBER 27, 2023

Security firm Barracuda addressed a new zero-day, affecting its Email Security Gateway (ESG) appliances, that is actively exploited by the China-linked UNC4841 group. The vulnerability has been actively exploited by the Chinese hacker group UNC4841 Chinese. ” reads the advisory. urges the company.

Libraries

Libraries Access Cybersecurity Security

North Korea-linked APT groups actively exploit JetBrains TeamCity flaw

Security Affairs

OCTOBER 19, 2023

Microsoft warns that North Korea-linked threat actors are actively exploiting a critical security vulnerability, tracked as CVE-2023-42793 (CVSS score: 9.8), in JetBrains TeamCity. Cybersecurity and Infrastructure Security Agency (CISA) added the JetBrains TeamCity to its Known Exploited Vulnerabilities Catalog.

Artificial Intelligence

Artificial Intelligence Authentication Cloud Access

Rhysida ransomware group claims the hack of Prospect Medical

Security Affairs

AUGUST 28, 2023

The Rhysida ransomware group claimed to have hacked Prospect Medical Holdings and sensitive information from the company. Many primary care services were closed on Friday while third-party security experts started investigating the security incident. The group also claims to have stolen 1 TB of documents.

Ransomware

Ransomware Paper Cybersecurity Security

Ukraine’s SBU arrested a member of Pro-Russia hackers group ‘Cyber Army of Russia’

Security Affairs

JANUARY 29, 2024

Ukraine’s security service (SBU) detained an alleged member of the pro-Russia hacker group “the Cyber Army of Russia.” ” Ukraine’s security service, the SBU, announced that it has identified and detained an alleged member of the pro-Russia hacker group known as the Cyber Army of Russia.

Military

Military Communications Government Security

ISMG Editors: Ransomware Groups Aiming for Smaller Targets

ISMG Editors: Opening Day Overview of InfoSec Europe 2024

Trending Sources

Gamification Can Make Security Training Fun

Group Health Cooperative data breach impacted 530,000 individuals

Panda Restaurant Group disclosed a data breach

Conti Ransomware Group Diaries, Part I: Evasion

Chinese Hacking Contractor iSoon Leaks Internal Documents

ISMG Editors: Our Pledge to You in a New Era of Journalism

ISMG Editors: What Did the Sam Altman-OpenAI Saga Teach Us?

Cybersecurity Trends to Watch in 2024

U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp

ISMG Editors’ Panel: Examining Open-Source Software Security

Large Language Models: Moving Past the Early Stage

BianLian group exploits JetBrains TeamCity bugs in ransomware attacks

SiegedSec hacktivist group hacked Idaho National Laboratory (INL)

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Multiple APT groups exploited WinRAR flaw CVE-2023-38831

The Lorenz ransomware group hit Texas-based Cogdell Memorial Hospital

NATO is investigating a new cyber attack claimed by the SiegedSec group

Ransomlooker, a new tool to track and analyze ransomware groups’ activities

Blackbasta group claims to have hacked Atlas, one of the largest US oil distributors

China-linked APT groups targets orgs via Pulse Secure VPN devices

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

Researchers released a free decryptor for the Key Group ransomware

Dark Angels Team ransomware group hit Johnson Controls

APT group UAC-0099 targets Ukraine exploiting a WinRAR flaw

New RA Group ransomware gang is the latest group using leaked Babuk source code

Lazarus APT group returned to Tornado Cash to launder stolen funds

North Korea-linked APT groups target South Korean defense contractors

BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution provider

Daixin Team group claimed the hack of North Texas Municipal Water District

Pro-Russia group hit Swiss govt sites after Zelensky visit in Davos

DarkCasino joins the list of APT groups exploiting WinRAR zero-day

Pro-Russia hacker group NoName launched a DDoS attack on Canadian airports causing severe disruptions

Pro-Russia group KillNet targets US airports

Nuclear and Oil & Gas are Major Targets of Ransomware Groups in 2024

SysAid zero-day exploited by Clop ransomware group

Magnet Goblin group used a new Linux variant of NerbianRAT malware

META hit with privacy complaints by EU consumer groups

Barracuda fixed a new ESG zero-day exploited by Chinese group UNC4841

North Korea-linked APT groups actively exploit JetBrains TeamCity flaw

Rhysida ransomware group claims the hack of Prospect Medical

Ukraine’s SBU arrested a member of Pro-Russia hackers group ‘Cyber Army of Russia’

Stay Connected