2015 and Government - Information Management Today

New Charges Derail COVID Release for Hacker Who Aided ISIS

Krebs on Security

JANUARY 19, 2021

military and government employees and giving it to an Islamic State hacker group in 2015 has been charged once again with fraud and identity theft. In December 2015, Ferizi was apprehended in Malaysia and extradited to the United States. military members and government employees. The Pentagon Crew forum founded by Ferizi.

Military

Military Passwords Government Personal data

Thousands of Canadian government accounts hacked, Treasury Board of Canada Secretariat say

Security Affairs

AUGUST 17, 2020

The Treasury Board of Canada Secretariat confirmed that thousands of user accounts for online Canadian government services were recently hacked. According to a press release issued by the Treasury Board of Canada Secretariat, thousands of user accounts for online government services were recently hacked. Pierluigi Paganini.

Government

Government Passwords Access Security

Is the Belarusian government behind the surveillance Android app banned by Google?

Security Affairs

SEPTEMBER 3, 2020

Google has removed an app from the Play Store that was used by the Belarusian government to spy on anti-government protesters. Google has removed the app NEXTA LIVE ( com.moonfair.wlkm ) from the official Play Store because it was used by the Belarusian government to spy on anti-government protesters. Pierluigi Paganini.

Government

Government Communications Risk IT

The Australian government wants to respond to attacks on critical infrastructure

Security Affairs

AUGUST 16, 2020

The Australian government aims at giving itself the power to manage the response of private enterprises to cyber attacks on critical infrastructure. The Australian government wants to increase the security of critical infrastructure, for this reason, it plans to manage the response of private enterprises to cyber attacks targeting them.

Government

Government Paper Risk Security

Slovak police found wiretapping devices connected to the Govnet government network

Security Affairs

JUNE 10, 2020

Slovak police seized wiretapping devices connected to Govnet government network and arrested four individuals, including the head of a government agency. GOVNET is a network that interconnects different Slovak government agencies. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Government

Government Communications Cybersecurity Security

The British government aims at improving its offensive cyber capability

Security Affairs

OCTOBER 13, 2020

Intelligence experts pointed out that the British government already conducted offensive hacking operations, including the one that targeted the ISIS in 2017. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reported The Guardian. “Our Pierluigi Paganini. SecurityAffairs – hacking, UK).

Government

Government Military IT Security

Hackers targeted ICS/SCADA systems at water facilities, Israeli government warns

Security Affairs

APRIL 27, 2020

The Israeli government has issued an alert to organizations in the water sector following a series of cyberattacks that targeted the water facilities. ” reads the alert issued by the Israeli government. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Government Passwords Ransomware

Proposed government Coronavirus contact tracing app leaked data

Security Affairs

APRIL 20, 2020

A contact tracking app for the Coronavirus proposed to the government of the Netherlands is affected by security issues that could expose user data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. “A data breach was found in the corona app Covid19 Alert. Pierluigi Paganini.

Government

Government Blockchain Data breaches Privacy

Is Your Computer Part of ‘The Largest Botnet Ever?’

Krebs on Security

MAY 29, 2024

” The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various “free VPN” products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime. government.

Cloud

Cloud Government Insurance IT

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Security Affairs

SEPTEMBER 25, 2023

A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. Palo Alto Unit42 researchers an APT group tracked as Gelsemium targeting a Southeast Asian government. The experts tracked the cluster as CL-STA-0046, the malicious activity spanned over six months between 2022-2023.

Government

Government Manufacturing Education Access

CERT France – Pysa ransomware is targeting local governments

Security Affairs

MARCH 19, 2020

CERT France is warning of a new wave of attacks using Pysa ransomware (Mespinoza) that is targeting local governments. CERT France cyber-security agency is warning about a new wave of ransomware attack that is targeting the networks of local government authorities. Pierluigi Paganini. SecurityAffairs – Pysa ransomware, cybercrime).

Ransomware

Ransomware Government Encryption Passwords

Ex Twitter employee found guilty of spying for Saudi Arabian government

Security Affairs

AUGUST 10, 2022

In November 2019, the former Twitter employees Abouammo and the Saudi citizen Ali Alzabarah have been charged with spying on thousands of Twitter user accounts on behalf of the Saudi Arabian government. The two former Twitter employees operated for the Saudi Arabian government with the intent of unmasking dissidents using the social network.

Government

Government Marketing Access IT

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Security Affairs

OCTOBER 12, 2020

US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. The agencies warn of risk to elections information housed on government networks. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Government

Government Authentication Access Risk

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

The US government declared that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. state, local, territorial, and tribal (SLTT) government networks, as well as aviation networks. . ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Government

Government Passwords Access Cybersecurity

DarkHotel APT uses VPN zero-day in attacks on Chinese government agencies

Security Affairs

APRIL 6, 2020

DarkHotel nation-state actor is exploiting a VPN zero -day to breach Chinese government agencies in Beijing and Shanghai. Chinese security-firm Qihoo 360 has uncovered a hacking campaign conducted by a DarkHotel APT group (APT-C-06) aimed at Chinese government agencies in Beijing and Shanghai. Pierluigi Paganini.

Government

Government Security awareness Security Risk

Report: ATM Skimmer Gang Had Protection from Mexican Attorney General’s Office

Krebs on Security

MAY 26, 2020

“ Rechinu ” or “The Shark,” and his ATM company Intacash , were the subject of a three part investigation by KrebsOnSecurity published in September 2015. Tudor, a.k.a. Further reading: Alleged Chief of Romanian ATM Skimming Gang Arrested in Mexico.

Government

Government IT Security

ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia

Security Affairs

FEBRUARY 23, 2020

Experts from Cisco Talos discovered a new malware, tracked as ObliqueRAT, that appears a custom malware developed by a threat actor focused on government and diplomatic targets. . “CrimsonRAT has been known to target diplomatic and government organizations in Southeast Asia.” Pierluigi Paganini.

Government

Government File names Passwords Phishing

DHS CISA urges government agencies to fix SIGRed Windows Server DNS bug within 24h

Security Affairs

JULY 17, 2020

US DHS CISA urges government agencies to patch SIGRed Windows Server DNS vulnerability within 24h due to the likelihood of the issue being exploited. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The bug affects the DNS server component that ships with all Windows Server versions from 2003 to 2019.

Government

Government Security Cybersecurity IT

Promising Infusions of Cash, Fake Investor John Bernard Walked Away With $30M

Krebs on Security

OCTOBER 7, 2020

citizen who absconded from justice before being convicted on multiple counts of fraud in 2015. The scam artist John Bernard (left) in a recent Zoom call, and a photo of John Clifton Davies from 2015. that was part of John Davies’ 2015 fraud conviction. After eluding justice in the U.K., John Clifton Davies, a.k.a.

Communications

Communications Military Security Government

RaidForums Gets Raided, Alleged Admin Arrested

Krebs on Security

APRIL 12, 2022

Department of Justice (DOJ) said today it seized the website and user database for RaidForums , an extremely popular English-language cybercrime forum that sold access to more than 10 billion consumer records stolen in some of the world’s largest data breaches since 2015. Coelho landed on the radar of U.S.

Sales

Sales Data breaches Government Access

Actions Target Russian Govt. Botnet, Hydra Dark Market

Krebs on Security

APRIL 7, 2022

Federal Bureau of Investigation (FBI) says it has disrupted a giant botnet built and operated by a Russian government intelligence unit known for launching destructive cyberattacks against energy infrastructure in the United States and Ukraine. Separately, law enforcement agencies in the U.S. energy facilities. billion euros in 2020 alone.

Marketing

Marketing Energy and Utilities Ransomware Blockchain

Here’s Why Credit Card Fraud is Still a Thing

Krebs on Security

JULY 29, 2020

McCoy and fellow NYU researchers found BriansClub earned close to $104 million in gross revenue from 2015 to early 2019, and listed over 19 million unique card numbers for sale. In 2015, the major credit card associations instituted new rules that made it riskier and potentially more expensive for U.S.

Sales

Sales Retail Military Paper

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

Krebs on Security

JUNE 29, 2023

Experts say Kislitsin’s prosecution could soon put the Kazakhstan government in a sticky diplomatic position, as the Kremlin is already signaling that it intends to block his extradition to the United States. Burkov was arrested in 2015 by Israeli authorities, and the Russian government fought Burkov’s extradition to the U.S.

Cybersecurity

Cybersecurity Passwords Government Security

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

Related: What local government can do to repel ransomware Ransomware came into existence in 1989 as a primitive program dubbed the AIDS Trojan that was spreading via 5.25-inch File encryption 2013 – 2015. The newsmaking emergence of CTB-Locker in 2014 and the CryptoWall ransomware in 2015 fully demonstrated this multi-pronged shift.

Ransomware

Ransomware Encryption Privacy Security awareness

Canada Charges Its “Most Prolific Cybercriminal”

Krebs on Security

DECEMBER 8, 2021

A 31-year-old Canadian man has been arrested and charged with fraud in connection with numerous ransomware attacks against businesses, government agencies and private citizens throughout Canada and the United States. Federal Bureau of Investigation (FBI) contacted them regarding ransomware attacks that were based in Canada. ” The U.S.

IT

IT Ransomware Mining Government

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Krebs on Security

SEPTEMBER 30, 2024

A California man accused of failing to pay taxes on tens of millions of dollars allegedly earned from cybercrime also paid local police officers hundreds of thousands of dollars to help him extort, intimidate and silence rivals and former business partners, the government alleges. The government says Iza kept R.C.’s

Government

Government Artificial Intelligence Personal data Phishing

Mozilla Drops Onerep After CEO Admits to Running People-Search Networks

Krebs on Security

MARCH 22, 2024

But on March 21, Shelest released a lengthy statement wherein he admitted to maintaining an ownership stake in Nuwber, a consumer data broker he founded in 2015 — around the same time he launched Onerep. states exempt so-called “public” or “government” records from consumer privacy laws. government.

Healthcare

Healthcare Privacy Data breaches Government

Hackers targeted the US Census Bureau network, DHS report warns

Security Affairs

OCTOBER 11, 2020

The US Census Bureau is the largest US federal government statistical agency responsible dedicated to providing current facts and figures about America’s people, places, and economy. Data collected by the agency is used by the federal government to allocate over $675 billion in federal funds to tribal, local, and state governments every year.

Government

Government Data collection Access Communications

Marcus “MalwareTech” Hutchins Pleads Guilty to Writing, Selling Banking Malware

Krebs on Security

APRIL 19, 2019

George Washington University Professor Orin Kerr ‘s 2017 dissection of the government’s charges is worth a read for a deep dive on this sticky legal issue. “Attachment A” beginning on page 15 outlines the government’s case against Hutchins and an alleged co-conspirator. The plea agreement is here (PDF).

Government

Government Manufacturing Communications Ransomware

IRS To Ditch Biometric Requirement for Online Access

Krebs on Security

FEBRUARY 7, 2022

government online. The IRS will also continue to work with its cross-government partners to develop authentication methods that protect taxpayer data and ensure broad access to online tools.” Wyden and others have urged the IRS to use Login.gov, a single sign-on service that Congress required federal agencies to use in 2015.

Access

Access Authentication Insurance Personal data

North Korea-linked APT group BeagleBoyz targets banks

Security Affairs

AUGUST 29, 2020

The BeagleBoyz APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. Government refers to this team as BeagleBoyz, who represent a subset of HIDDEN COBRA activity.” The BeagleBoyz have attempted to steal nearly $2 billion since at least 2015, according to public estimates.

Government

Government Access Ransomware Cybersecurity

GUEST ESSAY: Pentagon’s security flaws highlighted in GAO audit — and recent data breach

The Last Watchdog

OCTOBER 17, 2018

Government Accountability Office audit last week found that the defense department is playing catch up when it comes to securing weapons systems from cyberattacks. Don’t be surprised if the number of victims climbs higher, as we learned from the 2015 hack of 21.5 military and civilian personnel were compromised. Supply chain gaps.

Data breaches

Data breaches Security Military Government

Russian watchdog fines Twitter, Facebook for not moving user data to local servers

Security Affairs

FEBRUARY 14, 2020

Roskomnadzor is attempting to oblige the IT giants, including Facebook, Twitter, and Google to move data related to Russian citizens to servers in Russia allowing the Government to monitor them., The Russian government could also ban IT companies that will not comply with the same law. .” reported the Associated Press.

Personal data

Personal data Government Security IT

Russia-linked APT groups exploited Lithuanian infrastructure to launch attacks

Security Affairs

MARCH 7, 2021

Jauniskis explained that the Russian government is using military and economic means to carry out its operation, including disinformation campaigns. In December 2016, Lithuania blamed Russia for cyber attacks that hit government networks over the previous two years. Follow me on Twitter: @securityaffairs and Facebook.

Military

Military Government Security IT

T-Mobile Investigating Claims of Massive Data Breach

Krebs on Security

AUGUST 16, 2021

In 2015, a computer breach at big three credit bureau Experian exposed the Social Security numbers and other data on 15 million people who applied for financing from T-Mobile. There’s also a database that includes credit card numbers with six digits of the cards obfuscated.”

Data breaches

Data breaches Access Retail Sales

Texas Department of Transportation (TxDOT) hit by a ransomware attack

Security Affairs

MAY 18, 2020

A new ransomware attack hit the Texas government, the malware this time infected systems at the state’s Department of Transportation (TxDOT). The Texas government suffered two ransomware attacks in a few weeks, the first one took place on May 8, 2020 and infected systems at the Texas court. All @txcourts websites are down.

Ransomware

Ransomware Government Access IT

Change Healthcare Breach Hits 100M Americans

Krebs on Security

OCTOBER 30, 2024

which suffered a data breach in 2015 affecting 78.8 Anthem reported revenues of around $80 billion in 2015. According to the HIPAA Journal, the biggest penalty imposed to date for a HIPPA violation was the paltry $16 million fine against the insurer Anthem Inc. million individuals. Image: Darkbeast, ke-la.com.

Insurance

Insurance Ransomware Data breaches Computer and Electronics

Malaysia’s MyCERT warns cyber espionage campaign carried out by APT40

Security Affairs

FEBRUARY 10, 2020

Malaysia’s MyCERT issued a security alert to warn of a hacking campaign targeting government officials that was carried out by the China-linked APT40 group. Malaysia’s Computer Emergency Response Team (MyCERT) warns of a cyber espionage campaign carried out by the China-linked APT40 group aimed at Malaysian government officials.

Government

Government Military Phishing Security

MY TAKE: Sophos X-Ops advances internal, external threat intelligence sharing to the next level

The Last Watchdog

NOVEMBER 14, 2023

Threat intelligence sharing has come a long way since Valentine’s Day 2015. As cyber threats continue to evolve and scale up, the urgency for companies and government agencies to do much more of this is intensifying. This strengthens the overall Windows ecosystem, Budd noted.

Ransomware

Ransomware Military Security Government

A Serial Tech Investment Scammer Takes Up Coding?

Krebs on Security

APRIL 3, 2023

John Clifton Davies , a 60-year-old con man from the United Kingdom who fled the country in 2015 before being sentenced to 12 years in prison for fraud, has enjoyed a successful life abroad swindling technology startups by pretending to be a billionaire investor. that was part of John Davies’ 2015 fraud conviction.

Communications

Communications Security Marketing Insurance

New Guidance Posted

National Archives Records Express

OCTOBER 5, 2020

This Bulletin supersedes NARA Bulletin 2015-01. In 2015, NARA issued guidance for scheduling permanent records with retention periods less than 15 years. Using plain language, the FAQ answers questions such as why NARA doesn’t keep all records created by the federal government, what scheduling is, and how appraisal works.

Records Management

Records Management Government

Bank of Seychelles hit by a ransomware attack

Security Affairs

SEPTEMBER 12, 2020

DBS is a joint venture by the Seychelles government and some shareholders including Bank, Caisse Francaise de Cooperation, European Investment Bank, DEG, Standard Chartered Bank, and Barclays Bank. . DBS bought back Barclays’ share and Government purchased the shares of DEG, hence, increasing its shareholding to 60.50%.

Ransomware

Ransomware Communications Government Encryption

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Security Affairs

APRIL 5, 2022

The Gamaredon group was first discovered by Symantec and TrendMicro in 2015, but evidence of its activities has been dated back to 2013. The group targeted government and military organizations in Ukraine. In December 2019, the APT group targeted several Ukrainian diplomats, government and military officials, and law enforcement.

Military

Military Phishing File names Archiving

$10M Is Yours If You Can Get This Guy to Leave Russia

Krebs on Security

MAY 4, 2023

government this week put a $10 million bounty on the head of a Russian man who for the past 18 years operated Try2Check , one of the cybercrime underground’s most trusted services for checking the validity of stolen credit card data. In 2017, U.S. According to cybersecurity firm Constella Intelligence , the address polkas@bk.ru

Marketing

Marketing Passwords Government Military

New Charges Derail COVID Release for Hacker Who Aided ISIS

Thousands of Canadian government accounts hacked, Treasury Board of Canada Secretariat say

Trending Sources

Is the Belarusian government behind the surveillance Android app banned by Google?

The Australian government wants to respond to attacks on critical infrastructure

Slovak police found wiretapping devices connected to the Govnet government network

The British government aims at improving its offensive cyber capability

Hackers targeted ICS/SCADA systems at water facilities, Israeli government warns

Proposed government Coronavirus contact tracing app leaked data

Is Your Computer Part of ‘The Largest Botnet Ever?’

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

CERT France – Pysa ransomware is targeting local governments

Ex Twitter employee found guilty of spying for Saudi Arabian government

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

DarkHotel APT uses VPN zero-day in attacks on Chinese government agencies

Report: ATM Skimmer Gang Had Protection from Mexican Attorney General’s Office

ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia

DHS CISA urges government agencies to fix SIGRed Windows Server DNS bug within 24h

Promising Infusions of Cash, Fake Investor John Bernard Walked Away With $30M

RaidForums Gets Raided, Alleged Admin Arrested

Actions Target Russian Govt. Botnet, Hydra Dark Market

Here’s Why Credit Card Fraud is Still a Thing

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Canada Charges Its “Most Prolific Cybercriminal”

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Mozilla Drops Onerep After CEO Admits to Running People-Search Networks

Hackers targeted the US Census Bureau network, DHS report warns

Marcus “MalwareTech” Hutchins Pleads Guilty to Writing, Selling Banking Malware

IRS To Ditch Biometric Requirement for Online Access

North Korea-linked APT group BeagleBoyz targets banks

GUEST ESSAY: Pentagon’s security flaws highlighted in GAO audit — and recent data breach

Russian watchdog fines Twitter, Facebook for not moving user data to local servers

Russia-linked APT groups exploited Lithuanian infrastructure to launch attacks

T-Mobile Investigating Claims of Massive Data Breach

Texas Department of Transportation (TxDOT) hit by a ransomware attack

Change Healthcare Breach Hits 100M Americans

Malaysia’s MyCERT warns cyber espionage campaign carried out by APT40

MY TAKE: Sophos X-Ops advances internal, external threat intelligence sharing to the next level

A Serial Tech Investment Scammer Takes Up Coding?

New Guidance Posted

Bank of Seychelles hit by a ransomware attack

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

$10M Is Yours If You Can Get This Guy to Leave Russia

Stay Connected