2014, Government and Libraries - Information Management Today

CERT France – Pysa ransomware is targeting local governments

Security Affairs

MARCH 19, 2020

CERT France is warning of a new wave of attacks using Pysa ransomware (Mespinoza) that is targeting local governments. CERT France cyber-security agency is warning about a new wave of ransomware attack that is targeting the networks of local government authorities. Pierluigi Paganini. SecurityAffairs – Pysa ransomware, cybercrime).

Ransomware

Ransomware Government Encryption Passwords

Federal Communications Commission has cut off government funding for equipment from Chinese firms

Security Affairs

NOVEMBER 25, 2019

Federal Communications Commission has cut off government funding for equipment from Huawei and ZTE due to security concerns. Federal Communications Commission has cut off government funding for equipment from the Chinese companies Huawei and ZTE due to security concerns. Rural schools, hospitals, and libraries will feel the effects.

Communications

Communications Government Libraries Risk

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing.

Military

Military Government Phishing Libraries

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

The CISA agency is warning of a surge in Emotet attacks targeting multiple state and local governments in the US since August. The Cybersecurity and Infrastructure Security Agency (CISA) issued an alert to warn of a surge of Emotet attacks that have targeted multiple state and local governments in the U.S. since August.

Government

Government Libraries Cybersecurity Phishing

1.2 million CPR numbers for Danish citizen leaked through tax service

Security Affairs

FEBRUARY 10, 2020

” states the Government Agency. “Google Hosted Libraries have been designed to remove all information that allows identifying users before logging on. In 2014, the company CSC (now DXC) was involved in a similar incident that exposed 900,000 CPR numbers. ” said DXC. Pierluigi Paganini. The post 1.2

Encryption

Encryption Libraries Access Government

Zeus Sphinx continues to be used in Coronavirus-themed attacks

Security Affairs

MAY 12, 2020

The Zeus Sphinx malware was first observed on August 2015, a few days after a new variant of the popular Zeus banking trojan was offered for sale on hacker forums, At the end of March, experts from IBM X-Force uncovered a hacking campaign employing the Zeus Sphinx malware that focused on government relief payment. Pierluigi Paganini.

Libraries

Libraries Sales Government IT

Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware

Security Affairs

APRIL 14, 2020

PaloAlto Networks experts warn of malicious Coronavirus themed phishing campaigns targeting government and medical organizations. Recently organizations in healthcare, research, and government facilities have been hit by Coronavirus-themed attacks that deployed multiple malware families, including ransomware and information stealers (i.e.

Ransomware

Ransomware Phishing Government File names

OceanLotus APT group leverages a steganography-based loader to deliver backdoors

Security Affairs

APRIL 3, 2019

The hackers targeting organizations across multiple industries and have also targeted foreign governments, dissidents, and journalists. Since at least 2014, experts at FireEye have observed APT32 targeting foreign corporations with an interest in Vietnam’s manufacturing, consumer products, and hospitality sectors. Pierluigi Paganini.

Libraries

Libraries Encryption Communications Manufacturing

Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide

Security Affairs

OCTOBER 3, 2018

The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. “HIDDEN COBRA actors most likely deployed ISO 8583 libraries on the targeted switch application servers. ” states the report.

Retail

Retail Libraries Government Phishing

Security Affairs newsletter Round 248

Security Affairs

JANUARY 26, 2020

Malware attack took down 600 computers at Volusia County Public Library. For the second time in a few days, Greek Government websites hit by DDoS attacks. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Security

Security Data breaches Military IoT

XDSpy APT remained undetected since at least 2011

Security Affairs

OCTOBER 2, 2020

The APT group, recently discovered by ESET, targeted government and private companies in Belarus, Moldova, Russia, Serbia, and Ukraine, including militaries and Ministries of Foreign Affairs. The malware samples analyzed by the researchers are slightly obfuscated using string obfuscation and dynamic Windows API library loading.

Military

Military Phishing Passwords Government

New Gallmaker APT group eschews malware in cyber espionage campaigns

Security Affairs

OCTOBER 10, 2018

A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. Gallmaker is a politically motivated APT group that focused its surgical operations on the government, military or defense sectors. ” continues Symantec.

Military

Military File names Government Libraries

Security Affairs newsletter Round 222 – News of the week

Security Affairs

JULY 13, 2019

Croatia government agencies targeted with news SilentTrinity malware. Backdoor mechanism found in Ruby strong_password library. Cyberattack shuts down La Porte County government systems. Prototype Pollution flaw discovered in all versions of Lodash Library. Once again thank you! A new NAS Ransomware targets QNAP Devices.

Security

Security Libraries Data breaches Ransomware

APT10 is back with two new loaders and new versions of known payloads

Security Affairs

MAY 27, 2019

The APT10 group has added two new malware loaders to its arsenal and used in attacks aimed at government and private organizations in Southeast Asia. In April 2019, China-linked cyber-espionage group tracked as APT10 has added two new loaders to its arsenal and used it against government and private organizations in Southeast Asia.

Libraries

Libraries Government Phishing Cloud

The Emotet botnet is back and hits 100K recipients per day

Security Affairs

DECEMBER 26, 2020

” The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Emotet is a modular malware, its operators could develop new Dynamic Link Libraries to update its capabilities. In the middle-August, the malware was employed in fresh COVID19-themed spam campaign.

Ransomware

Ransomware Libraries Cybersecurity Security

ESET analyzes Turla APT’s usage of weaponized PowerShell

Security Affairs

JUNE 2, 2019

Turla group has been active since at least 2007 targeting government organizations and private businesses. “To confound detection, its operators recently started using PowerShell scripts that provide direct, in- memory loading and execution of malware executables and libraries. ” reads the report published by ESET.

Libraries

Libraries Security Cloud Cybersecurity

DHS CISA orders federal agencies to fix Zerologon flaw by Monday

Security Affairs

SEPTEMBER 20, 2020

DHS CISA issued an emergency directive to tells government agencies to address the Zerologon vulnerability (CVE-2020-1472) by Monday. The Department of Homeland Security’s CISA issued an emergency directive to order government agencies to address the Zerologon vulnerability (CVE-2020-1472) by Monday. Pierluigi Paganini.

Authentication

Authentication Passwords Government Libraries

China-linked APT40 group hides behind 13 front companies

Security Affairs

JANUARY 13, 2020

The cyber-espionage group tracked as APT40 (aka TEMP.Periscope , TEMP.Jumper , and Leviathan ), apparently linked to the Chinese government, is focused on targeting countries important to the country’s Belt and Road Initiative (i.e. Hainan Xiandun even appears to operate from the Hainan University Library!” Pierluigi Paganini.

Libraries

Libraries Information Security Military Government

Security Affairs newsletter Round 249

Security Affairs

FEBRUARY 2, 2020

A new piece of Ryuk Stealer targets government, military and finance sectors. CVE-2020-7247 RCE flaw in OpenSMTPD library affects many BSD and Linux distros. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Magento 2.3.4

Security

Security Military Ransomware Libraries

Emotet campaign hits Lithuania’s National Public Health Center and several state institutions

Security Affairs

DECEMBER 31, 2020

The malicious emails sent by the NVSC’s infected computers were received by the representatives of the Government of the Republic of Lithuania, ministries, as well as researchers that were contacted by the national center during epidemiological diagnostics. since August.

Passwords

Passwords Archiving Libraries Government

A few binary plating 0-days for Windows

Security Affairs

MARCH 15, 2019

This library tries to load the missing DLL “diagtrack_wininternal.dll” several times per day. The “diagtrack.dll” also tries to run the missing “WindowsPerformanceRecorderControl” and “diagtrack_win.dll” libraries from time to time (but less often than “diagtrack_wininternal.dll”). Exploitation.

Libraries

Libraries Authentication Access IT

CrowdStrike uncovered a new campaign of GOBLIN PANDA APT aimed at Vietnam

Security Affairs

SEPTEMBER 5, 2018

In 2014, experts noticed an intensification in the activity of the group that appeared interested in the dispute over the South China Sea. GOBLIN PANDA was focused on Vietnam, most of the targets were in the defense, energy, and government sectors. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Metadata

Metadata File names Libraries Government

The evolutions of APT28 attacks

Security Affairs

DECEMBER 4, 2019

In other words all the infrastructures, the samples, the command and controls, the domains and IPs, the certificate, the libraries and, general speaking, all the operations that come before the attack phase in term of environments. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Computer and Electronics

Computer and Electronics Libraries Security Military

Security Affairs newsletter Round 228

Security Affairs

AUGUST 25, 2019

At least 23 Texas local governments targeted by coordinated ransomware attacks. A backdoor mechanism found in tens of Ruby libraries. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Once again thank you!

Security

Security Mining Data breaches Libraries

Apple Mail stores parts of encrypted emails in plaintext DB

Security Affairs

NOVEMBER 10, 2019

“This led me to the process called , run by the system level LaunchAgent apple, and the Suggestions folder in the user-level Library folder, which contains multiple files and some potentially important database files ( files).” Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Encryption

Encryption Libraries Data collection Privacy

Security Affairs newsletter Round 239

Security Affairs

NOVEMBER 10, 2019

Ransomware attack impacted government services in the territory of Nunavut, Canada. A flaw in the Libarchive library impacts major Linux distros. Two former Twitter employees charged of spying on Users for Saudi Arabian Government. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Security

Security Ransomware Libraries Archiving

Analyzing the APT34’s Jason project

Security Affairs

JUNE 6, 2019

According to FireEye, APT34 has been active since 2014. Microsoft.Exchange.WebService.dll which includes the real functionalities used by Jason.exe, it’s a Microsoft developed library, PassSamplewhich includes some patterns implementation of possible Passwords (ie.[User@first]@@[user@first]123) Original Leak.

Computer and Electronics

Computer and Electronics Passwords Security Cybersecurity

After 2 years under the radars, Ratsnif emerges in OceanLotus ops

Security Affairs

JULY 1, 2019

The hackers targeted organizations across multiple industries and have also hit foreign governments, dissidents, and journalists. Since at least 2014, experts at FireEye have observed APT32 targeting foreign corporations with an interest in Vietnam’s manufacturing, consumer products, and hospitality sectors. Pierluigi Paganini.

Manufacturing

Manufacturing Libraries Security Communications

Libraries, critical thinking and the war on truth – what lies ahead in 2024

CILIP

JANUARY 5, 2024

Libraries, critical thinking and the war on truth – what lies ahead in 2024 Nick Poole, Chief Executive, CILIP will leave CILIP at the end of March 2024. This powerful call-to-arms for reading and literacy was issued by Malala Yousafzai in her Nobel aAcceptance sSpeech in December 2014. Let us pick up our books and pens.

Libraries

Libraries Education Government Access

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Security Affairs

JULY 20, 2023

government. The experts noticed the use of an IP address that was part of the hacking infrastructure used by APT41 between May 2014 and August 2020. These commands include instructing the malware to upload log files, photos stored on the device, and acquire device location using the Baidu Location library.”

File names

File names Libraries Cybersecurity IT

Documentation Theory for Information Governance

ARMA International

NOVEMBER 15, 2019

iv] Further, “the practices of government [and other public and private institutions] become formal or official to the extent that they are documented.” [v] This article aims to consider what a documentary focus can offer to the practices and understandings of information governance. A Documentary Approach.

Information governance

Information governance Government Libraries Paper

Writing Your First Bootloader for Better Analyses

Security Affairs

SEPTEMBER 3, 2019

We need to tell to the liner that we want a plain binary file without linked libraries or linked symbols, fir such a reason we’re going to use –oformat binar. David Jurgens: Help PC Reference Library AshakiranBhatter : Writing BootLoader. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Computer and Electronics

Computer and Electronics Libraries Cybersecurity Security

Mobile Libraries: Culture on the Go

Unwritten Record

APRIL 14, 2020

National Bookmobile Day is April 22, part of National Library Week (April 19-25). . A library is a place that stores information, a place where people from all walks of life have the opportunity to obtain textual and audiovisual material for education, entertainment, and enlightenment. Libraries, Mobile — Third Army La.

Libraries

Libraries Education Access Agriculture

Exclusive: Pakistan and India to armaments: Operation Transparent Tribe is back 4 years later

Security Affairs

FEBRUARY 21, 2020

The money is kept by the government and in return, a “non-permanent” profit officially titled as “interest” is given back to the officers at the end of each year. The two dll are legit windows library and are used in support of the malicious behaviour. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Military

Military Communications Encryption IT

New release of Lampion trojan spreads in Portugal with some improvements on the VBS downloader

Security Affairs

JULY 7, 2020

Lampion was first documented in December 2019 , and it was distributed in Portugal via phishing emails using templates based on the Portuguese Government Finance & Tax. VBS file leverages the Windows rundll32 library to inject the first DLL into memory (P-14-7.dll), More recently, in May 2020, a new variant of Lampion was observed.

Communications

Communications Cloud Phishing Encryption

Dominic Cummings: Libraries are "desperately needed"

CILIP

JANUARY 27, 2020

Dominic Cummings: Libraries are ?desperately Dominic Cummings: Libraries are ?desperately DURING the 2019 General Election Boris Johnson said he loved libraries and wanted to invest in opening more of them, but added: ?We His special adviser, Dominic Cummings, has no such conditions attached to his support for libraries.

Libraries

Libraries Government Paper Archiving

Latest Turla backdoor leverages email PDF attachments as C&C mechanism

Security Affairs

AUGUST 23, 2018

Turla is the name of a Russian cyber espionage APT group (also known as Waterbug, Venomous Bear and KRYPTON) that has been active since at least 2007 targeting government organizations and private businesses. The backdoor is a standalone DLL (dynamic link library) that interacts with Outlook and The Bat! Pierluigi Paganini.

Metadata

Metadata Military Libraries Access

APT34: Glimpse project

Security Affairs

MAY 2, 2019

Context: Since at least 2014, an Iranian threat group tracked by FireEye as APT34 has conducted reconnaissance aligned with the strategic interests of Iran. The group conducts operations primarily in the Middle East, targeting financial, government, energy, chemical, telecommunications and other industries. Source: MISP Project ).

Computer and Electronics

Computer and Electronics Communications Government Security

Access to Research ? a great, free digital resource for public libraries

CILIP

MARCH 6, 2020

a great, free digital resource for public libraries. a great, free digital resource for public libraries. DO your library users have health issues they want to find out more about? The service is only available on terminals in public libraries and cannot be accessed remotely. users on library premises. "At

Libraries

Libraries Access Communications IT

Writing Your First Bootloader for Better Analyses

Security Affairs

SEPTEMBER 3, 2019

We need to tell to the liner that we want a plain binary file without linked libraries or linked symbols, fir such a reason we’re going to use --oformat binar. David Jurgens: Help PC Reference Library AshakiranBhatter : Writing BootLoader. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. as -o boot.o

Computer and Electronics

Computer and Electronics Libraries Security Cybersecurity

A new trojan Lampion targets Portugal

Security Affairs

DECEMBER 29, 2019

New trojan called ‘Lampion’ has spread using template emails from the Portuguese Government Finance & Tax during the last days of 2019. Last days of 2019 were the perfect time to spread phishing campaigns using email templates based on the Portuguese Government Finance & Tax. To get details about the library inside the 0.zip

Passwords

Passwords e-Discovery IT Cleanup

CILIP response to Dominic Cummings concerns

CILIP

FEBRUARY 21, 2020

We acknowledge the online discussion about our recent Information Professional article concerning a 2014 blog by Dominic Cummings on Government and Departmental libraries. Nothing in the article - including the fact of its publication - endorses Cummings or his views, or the Government's policy on libraries.

Libraries

Libraries Government IT

The Evolution of Aggah: From Roma225 to the RG Campaign

Security Affairs

AUGUST 6, 2019

The attack attribution is still unclear but the large scale of the malicious activities has also been confirmed by Unit42, who reported attack attempt against government verticals too. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

IT

IT Libraries Education Security

Nor Is This All

The Texas Record

OCTOBER 7, 2020

In late September, we lost an iconic figure in the library and archives field. In my current role as a government information analyst with the State and Local Records Management Division, I was aware of these inventories and consulted them every once in a while, but Dr. Gracy contextualized and breathed life into them. Dr. David B.

Archiving

Archiving Records Management Libraries Education

CERT France – Pysa ransomware is targeting local governments

Federal Communications Commission has cut off government funding for equipment from Chinese firms

Webinars

Trending Sources

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Webinars

CISA alert warns of Emotet attacks on US govt entities

1.2 million CPR numbers for Danish citizen leaked through tax service

Zeus Sphinx continues to be used in Coronavirus-themed attacks

Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware

OceanLotus APT group leverages a steganography-based loader to deliver backdoors

Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide

Security Affairs newsletter Round 248

XDSpy APT remained undetected since at least 2011

New Gallmaker APT group eschews malware in cyber espionage campaigns

Security Affairs newsletter Round 222 – News of the week

APT10 is back with two new loaders and new versions of known payloads

The Emotet botnet is back and hits 100K recipients per day

ESET analyzes Turla APT’s usage of weaponized PowerShell

DHS CISA orders federal agencies to fix Zerologon flaw by Monday

China-linked APT40 group hides behind 13 front companies

Security Affairs newsletter Round 249

Emotet campaign hits Lithuania’s National Public Health Center and several state institutions

A few binary plating 0-days for Windows

CrowdStrike uncovered a new campaign of GOBLIN PANDA APT aimed at Vietnam

The evolutions of APT28 attacks

Security Affairs newsletter Round 228

Apple Mail stores parts of encrypted emails in plaintext DB

Security Affairs newsletter Round 239

Analyzing the APT34’s Jason project

After 2 years under the radars, Ratsnif emerges in OceanLotus ops

Libraries, critical thinking and the war on truth – what lies ahead in 2024

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Documentation Theory for Information Governance

Writing Your First Bootloader for Better Analyses

Mobile Libraries: Culture on the Go

Exclusive: Pakistan and India to armaments: Operation Transparent Tribe is back 4 years later

New release of Lampion trojan spreads in Portugal with some improvements on the VBS downloader

Dominic Cummings: Libraries are "desperately needed"

Latest Turla backdoor leverages email PDF attachments as C&C mechanism

APT34: Glimpse project

Access to Research ? a great, free digital resource for public libraries

Writing Your First Bootloader for Better Analyses

A new trojan Lampion targets Portugal

CILIP response to Dominic Cummings concerns

The Evolution of Aggah: From Roma225 to the RG Campaign

Nor Is This All

Stay Connected