2017 and Government - Information Management Today

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

FEBRUARY 10, 2020

Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. commercial and government interests.

Military

Military Phishing Government Sales

US Cyber Command warns of Iran-linked hackers exploiting CVE-2017-11774 Outlook flaw

Security Affairs

JULY 2, 2019

US Cyber Command posted on Twitter an alert about cyber attacks exploiting the CVE-2017-11774 vulnerability in Outlook. Yesterday I was using Twitter when I noticed the following alert issued by the account managed by the US Cyber Command : USCYBERCOM has discovered active malicious use of CVE-2017-11774 and recommends immediate #patching.

Energy and Utilities

Energy and Utilities Phishing Government Passwords

The British government aims at improving its offensive cyber capability

Security Affairs

OCTOBER 13, 2020

Intelligence experts pointed out that the British government already conducted offensive hacking operations, including the one that targeted the ISIS in 2017. The post The British government aims at improving its offensive cyber capability appeared first on Security Affairs. ” reported The Guardian. . Pierluigi Paganini.

Government

Government Military IT Security

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

US indicted 4 Russian government employees for attacks on critical infrastructure

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Government Cybersecurity Military

Singapore Government will run its third bug bounty program

Security Affairs

JULY 1, 2019

Singapore has announced the third bug bounty program aimed at assessing the security of government systems exposed online. The government of Singapore has announced its third bug bounty program aimed at assessing the level of security implemented for government systems exposed online. ” reads the press release.

Government

Government IT Communications Cybersecurity

Russian APT groups target European governments ahead of May Elections

Security Affairs

MARCH 22, 2019

Russian APT groups are targeting European governments for cyber-espionage purposes ahead of the upcoming European elections. The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Government

Government Military Phishing Access

Ransomware infected systems at state government of Louisiana

Security Affairs

NOVEMBER 19, 2019

Another ransomware attack made the headlines, the victim is the state government of Louisiana, numerous services have been impacted. The incident forced the state of government of Louisiana to shut down several numerous web sites of the state as well as email and Internet services. Pierluigi Paganini.

Ransomware

Ransomware Government Cybersecurity Security

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing.

Military

Military Government Phishing Libraries

Exodus, a government malware that infected innocent victims

Security Affairs

MARCH 30, 2019

Security researchers have found a new government spyware, tracked as Exodus, that was distributed through the Google Play Store. According to Motherboard, the Android surveillance malware on the Google Play store that was sold to the Italian government by a company that sells surveillance cameras. on November 6, 2017.”

Government

Government Marketing Compliance Communications

China-linked APT Sharp Panda targets government entities in Southeast Asia

Security Affairs

MARCH 8, 2023

China-linked APT group Sharp Panda targets high-profile government entities in Southeast Asia with the Soul modular framework. CheckPoint researchers observed in late 2022, a campaign attributed to the China-linked APT group Sharp Panda that is targeting a high-profile government entity in the Southeast Asia.

Government

Government Communications Phishing IT

US and UK details a new Python backdoor used by MuddyWater APT group

Security Affairs

FEBRUARY 24, 2022

The first MuddyWater campaign was observed in late 2017 when targeted entities in the Middle East. The group’s victims are mainly in the telecommunications, government (IT services), and oil sectors. The group evolved over the years by adding new attack techniques to its arsenal.

Government

Government Cybersecurity Security IT

US agencies offer $2M in reward for Ukrainian hackers that breached the SEC

Security Affairs

JULY 22, 2020

In the second half of 2017, the United States Securities and Exchange Commission (SEC) disclosed it was the victim of a cyber-attack in 2016. ” Radchenko and Ieremenko were charged in January 2019 for their participation in a scheme to profit from information stolen from hacked from a government database.

Government

Government Security Access IT

Taiwan Government websites suffered DDoS attacks during the Nancy Pelosi visit

Security Affairs

AUGUST 4, 2022

Taiwan government websites were temporarily forced offline by cyber attacks during the visit to Taipei of US House Speaker Nancy Pelosi. Major Taiwan government websites were temporarily forced offline by distributed denial of service (DDoS) attacks attacks during the visit to Taipei of US House Speaker Nancy Pelosi.

Government

Government Cloud Cybersecurity Security

APT28 group return to covert intelligence gathering ops in Europe and South America.

Security Affairs

OCTOBER 7, 2018

The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. According to experts from Symantec, the group is now actively conducting cyber espionage campaigns against government and military organizations in Europe and South America. Governments in Europe.

Military

Military Government Phishing Security

CISA warns of phishing attacks delivering KONNI RAT

Security Affairs

AUGUST 17, 2020

The KONNI RAT was first discovered in May 2017 by researchers from the Cisco Talos team after it was employed in attacks aimed at organizations linked to North Korea. The KONNI malware also employed in at least two campaigns in 2017. Upon enabling the macros, the code will fetch and install the KONNI malware.

Phishing

Phishing Cybersecurity Access Security

Russia-linked APT Turla used a new malware toolset named Crutch

Security Affairs

DECEMBER 2, 2020

The Turla APT group (aka Snake , Uroburos , Waterbug , Venomous Bear and KRYPTON ) has been active since at least 2007 targeting diplomatic and government organizations and private businesses in the Middle East, Asia, Europe, North and South America, and former Soviet bloc nations. ” reads the report published by ESET.

Archiving

Archiving Communications Government Access

Estonia sues Gemalto for 152M euros over flaws in citizen ID cards issued by the company

Security Affairs

SEPTEMBER 30, 2018

Estonian sues Gemalto for 152 million euros following the security flaws in the citizen ID cards issued by the company that caused their recall in 2017. Estonian authorities sue the security firm Gemalto for 152 million euros following the security flaws in the citizen ID cards issued by the company that caused their recall in 2017.

Manufacturing

Manufacturing Government Security Risk

AcidBox, a malware that borrows Turla APT exploit, hit Russian organizations

Security Affairs

JUNE 19, 2020

The Turla APT group (aka Snake , Uroburos , Waterbug , Venomous Bear and KRYPTON ) has been active since at least 2007 targeting diplomatic and government organizations and private businesses in the Middle East, Asia, Europe, North and South America, and former Soviet bloc nations. but also all other versions up to v3.0.0. of the driver. .

Security

Security Government IT Information Security

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Security Affairs

JANUARY 7, 2024

The researchers believe that the Turkey-linked APT Sea Turtle has been active since at least 2017. Between 2017 and 2019, the APT group mainly used DNS hijacking in its campaigns. The Sea Turtle APT group focuses primarily on targeting organizations in Europe and the Middle East.

IT

IT Passwords Government Archiving

Malaysia’s MyCERT warns cyber espionage campaign carried out by APT40

Security Affairs

FEBRUARY 10, 2020

Malaysia’s MyCERT issued a security alert to warn of a hacking campaign targeting government officials that was carried out by the China-linked APT40 group. Malaysia’s Computer Emergency Response Team (MyCERT) warns of a cyber espionage campaign carried out by the China-linked APT40 group aimed at Malaysian government officials.

Government

Government Military Phishing Security

Kyiv’s hackers launched an unprecedented cyber attack on Russian state media VGTRK on Putin’s birthday

Security Affairs

OCTOBER 7, 2024

A Ukrainian government source told Reuters that Kyiv’s hackers are behind the cyber attack that disrupted operations at the Russian state media company VGTRK on Putin’s birthday. Russian government officials have yet to publicly attribute the cyber attack to Ukraine.

Government

Government Communications IT Information Security

Kaspersky report: Malware shared by USCYBERCOM first seen in December 2016

Security Affairs

JULY 9, 2019

Last week the United States Cyber Command (USCYBERCOM) uploaded to VirusTotal a malware used by Iran-linked APT33 group in attacks in Dec 2016 and Jan 2017. USCYBERCOM has discovered active malicious use of CVE-2017-11774 and recommends immediate #patching. ” reads a report published by Kaspersky.

Phishing

Phishing Government Cybersecurity Security

Australian ACSC ‘s report confirms the use of Chinese malware in recent attacks

Security Affairs

JUNE 28, 2020

Recently, Australia ‘s prime minister Scott Morrison revealed that a “state-based actor” is targeting government, public services, and businesses. In many cases, attackers targeted unpatched versions of Telerik user interface (UI) by exploiting CVE-2019-18935 , CVE-2017-9248 , CVE-2017-11317 , CVE-2017-11357 vulnerabilities.

Risk

Risk Phishing Government Security

Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax

Krebs on Security

JULY 1, 2021

Before, you likely had to manually provide this info to lenders, creditors or government agencies. Equifax’s 2017 megabreach that exposed the personal and financial details of 145.5 . “Your employees may need to verify their income and employment info when applying for things like loans, credit, or public aid.

Financial Services

Financial Services Government Authentication IT

Data belonging 44 Million Pakistani mobile users leaked online

Security Affairs

MAY 6, 2020

It seems that the huge trove of data was the result of a data breach that took place in 2017, the oldest entries are dated back as 2013. – Database apparently got hacked in 2017. Actor leaks Mobilink's (now @jazzpk ) database – Pakistan's leading telecom service.

Sales

Sales Data breaches Authentication Personal data

Feds Offer $10 Million Reward for Russia's Sandworm Hackers

Data Breach Today

APRIL 27, 2022

government on Tuesday announced a reward of up to $10 million for information pertaining to six alleged Russian military hackers tied to the 2017 NotPetya destructive malware campaign. 6 Russian Military Intelligence Agents Charged With Launching NotPetya Destruction The U.S.

Military

Military Government

Mercedes-Benz data breach impacted roughly 1000 individuals

Security Affairs

JUNE 26, 2021

Data belongs to individuals that provided their information to Mercedez-Benz and dealer websites between 2014 and 2017. “It is our understanding the information was entered by customers and interested buyers on dealer and Mercedes-Benz websites between January 1, 2014 and June 19, 2017. The incident exposed approximately 1.6

Data breaches

Data breaches Cloud Security Government

MuddyWater has been spotted targeting two Israeli entities

Security Affairs

NOVEMBER 3, 2023

The document describes what to do in case a government worker expresses opinions against the Israeli state on social networks. ” The first MuddyWater campaign was observed in late 2017, when the APT group targeted entities in the Middle East. .” continues the report. ” concludes the report.

Archiving

Archiving Phishing Government IT

APT40 cyberespionage group supporting growth of China’s naval sector

Security Affairs

MARCH 5, 2019

A cyber-espionage group, tracked as APT40, apparently linked to the Chinese government is focused on targeting countries important to the country’s Belt and Road Initiative. Jumper , and Leviathan ), apparently linked to the Chinese government, is focused on targeting countries important to the country’s Belt and Road Initiative (i.e.

Phishing

Phishing Passwords Government Manufacturing

CIA Hacking unit APT-C-39 hit China since 2008

Security Affairs

MARCH 4, 2020

According to the firm, the US cyber spies are targeting various industry sectors and government agencies. The Qihoo 360 experts claim that a CIA hacking unit tracked as APT-C-39 has hacked organizations in the aviation, scientific research, oil, technology industries, it also targeted government agencies.

Military

Military Government Security IT

USCYBERCOM shares five new North Korea-linked malware samples

Security Affairs

MAY 13, 2020

. “On May 12, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD) released three Malware Analysis Reports (MARs) on malware variants used by the North Korean government.” ” reads the DHS CISA’s advisory.

Analytics

Analytics Government Cybersecurity Authentication

DePriMon downloader uses a never seen installation technique

Security Affairs

NOVEMBER 21, 2019

According to a report published by Symantec in 2017, Longhorn is a North American hacking group that has been active since at least 2011. In 2017, Symantec speculated that at least 40 targets in 16 countries have been compromised by the threat actors. The targets were all located in the Middle East, Europe, Asia, and Africa.

Communications

Communications Encryption Education Authentication

Operators behind Dark Caracal are still alive and operational

Security Affairs

NOVEMBER 29, 2020

The Bandook was spotted last time in 2015 and 2017 campaigns, dubbed “ Operation Manul ” and “ Dark Caracal “, respectively attributed to Kazakh and the Lebanese governments. Samples from the Dark Caracal campaign (2017) utilized around 100 commands, compared to the current 120 command version we analyzed.

Energy and Utilities

Energy and Utilities Government Archiving Education

Ex-Equifax CIO Gets 4-Month Prison Term for Insider Trading

Data Breach Today

JUNE 28, 2019

Prosecutors Say Jun Ying Sold Stock Before Data Breach Was Made Public A former Equifax CIO who sold his stock in the company after learning about its 2017 data breach several months before the public and government agencies were informed has been sentenced to four months in prison for insider trading.

Data breaches

Data breaches Government IT

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Security Affairs

APRIL 8, 2020

A new shocking revelation comes from the disputed from NSO Group and Facebook, NSO CEO claims Facebook tried to buy an Apple spying software in 2017. The researchers also spotted other attacks against a Mexican journalist who reported to the public a story of the corruption in the Mexican government. ”the court filing reads.

Government

Government Privacy IT Security

Canadian Man Arrested in Snowflake Data Extortions

Krebs on Security

NOVEMBER 5, 2024

government agencies and first responders. Special Operations Command (PDF), demanding that the government turn over information collected about him and seeking restitution for his alleged kidnapping at the hands of the CIA. put him on a terror watch list after he traveled to Syria in 2017. since 2017.

Sales

Sales Communications Phishing Access

UK 'Failed' to Probe Threat of Russian Election Interference

Data Breach Today

JULY 21, 2020

Parliament Panel's Report Slams Government for Not Investigating Russian Activities The British government was underprepared for Russia's alleged attempts to influence the outcomes of the Brexit referendum in 2016 and the 2017 general election and failed to conduct adequate investigations, according to a report by the U.K.

Government

Government Security

Chinese actors behind attacks on industrial enterprises and public institutions

Security Affairs

AUGUST 9, 2022

The attack targeted industrial plants, design bureaus and research institutes, government agencies, ministries and departments in several East European countries (Belarus, Russia, and Ukraine), as well as Afghanistan.” The emails used weaponized Microsoft Word documents exploiting the CVE-2017-11882 vulnerability.

Encryption

Encryption Military Archiving Phishing

French court indicted Nexa Technologies for complicity in acts of torture

Security Affairs

NOVEMBER 28, 2021

The cybersurveillance equipment was used by the Egyptian government to track down opponents. The investigation began in 2017 following a complaint by FIDH and LDH filed with the support of the Cairo Institute for Human Rights Studies (CIHRS). A weapon of choice for authoritarian governments.” ” continues Télérama.

Sales

Sales Government Encryption Communications

Booter Boss Busted By Bacon Pizza Buy

Krebs on Security

FEBRUARY 4, 2020

The government says Quantum Stresser had more than 80,000 customer subscriptions, and that during 2018 the service was used to conduct approximately 50,000 actual or attempted attacks targeting people and networks worldwide. The landing page for the Quantum Stresser attack-for-hire service. Attorney Adam Alexander.

Government

Government IT Security

Kyiv blames Belarus-linked APT UNC1151 for recent cyberattack

Security Affairs

JANUARY 17, 2022

Ukrainian government attributes the recent attacks against tens of Ukrainian government websites to Belarusian APT group UNC1151. The government of Kyiv attributes the defacement of tens of Ukrainian government websites to Belarusian APT group UNC1151 , the Reuters agency reported in exclusive.

CMS

CMS Government Encryption Personal data

Chinese SharpPanda APT developed a new backdoor in the last 3 years

Security Affairs

JUNE 6, 2021

Check Point Research (CPR) said that the Chinese APT group SharpPanda spent three years developing a new backdoor to spy on Asian governments. . The spear-phishing messages impersonate departments of the targeted governments. . In some cases, the emails are spoofed to look like they were from other government-related entities.

Phishing

Phishing Encryption Government Access

Buckeye APT group used Equation Group tools prior to ShadowBrokers leak

Security Affairs

MAY 7, 2019

The APT3 cyberespionage group had been active since at least 2009 and its last operation was uncovered in mid-2017. Since then, APT3 has been actively penetrating corporations and governments in the US, UK and most recently Hong Kong. Doublepulsar ), a backdoor that was subsequently released by the Shadow Brokers in 2017.

Access

Access Security IT Cybersecurity

US House Passes IoT Cybersecurity Improvement Act

Security Affairs

SEPTEMBER 21, 2020

The IoT Cybersecurity Improvement Act First was first introduced in 2017, and later in 2019, a new version was introduced. Once the bill will be signed, federal government agencies would only purchase products compliant with those recommendations. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Cybersecurity Manufacturing Government

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

US Cyber Command warns of Iran-linked hackers exploiting CVE-2017-11774 Outlook flaw

Webinars

Trending Sources

The British government aims at improving its offensive cyber capability

Webinars

US indicted 4 Russian government employees for attacks on critical infrastructure

Singapore Government will run its third bug bounty program

Russian APT groups target European governments ahead of May Elections

Ransomware infected systems at state government of Louisiana

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Exodus, a government malware that infected innocent victims

China-linked APT Sharp Panda targets government entities in Southeast Asia

US and UK details a new Python backdoor used by MuddyWater APT group

US agencies offer $2M in reward for Ukrainian hackers that breached the SEC

Taiwan Government websites suffered DDoS attacks during the Nancy Pelosi visit

APT28 group return to covert intelligence gathering ops in Europe and South America.

CISA warns of phishing attacks delivering KONNI RAT

Russia-linked APT Turla used a new malware toolset named Crutch

Estonia sues Gemalto for 152M euros over flaws in citizen ID cards issued by the company

AcidBox, a malware that borrows Turla APT exploit, hit Russian organizations

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Malaysia’s MyCERT warns cyber espionage campaign carried out by APT40

Kyiv’s hackers launched an unprecedented cyber attack on Russian state media VGTRK on Putin’s birthday

Kaspersky report: Malware shared by USCYBERCOM first seen in December 2016

Australian ACSC ‘s report confirms the use of Chinese malware in recent attacks

Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax

Data belonging 44 Million Pakistani mobile users leaked online

Feds Offer $10 Million Reward for Russia's Sandworm Hackers

Mercedes-Benz data breach impacted roughly 1000 individuals

MuddyWater has been spotted targeting two Israeli entities

APT40 cyberespionage group supporting growth of China’s naval sector

CIA Hacking unit APT-C-39 hit China since 2008

USCYBERCOM shares five new North Korea-linked malware samples

DePriMon downloader uses a never seen installation technique

Operators behind Dark Caracal are still alive and operational

Ex-Equifax CIO Gets 4-Month Prison Term for Insider Trading

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Canadian Man Arrested in Snowflake Data Extortions

UK 'Failed' to Probe Threat of Russian Election Interference

Chinese actors behind attacks on industrial enterprises and public institutions

French court indicted Nexa Technologies for complicity in acts of torture

Booter Boss Busted By Bacon Pizza Buy

Kyiv blames Belarus-linked APT UNC1151 for recent cyberattack

Chinese SharpPanda APT developed a new backdoor in the last 3 years

Buckeye APT group used Equation Group tools prior to ShadowBrokers leak

US House Passes IoT Cybersecurity Improvement Act

Stay Connected