2018, Government and Security - Information Management Today

Norway blames China-linked APT31 for 2018 government hack

Security Affairs

JUNE 20, 2021

Norway police secret service states said that China-linked APT31 group was behind the 2018 cyberattack on the government’s IT network. Norway’s Police Security Service (PST) said that the China-linked APT31 cyberespionage group was behind the attack that breached the government’s IT network in 2018.

Government

Government Access Passwords Cloud

Increased GDPR Enforcement Highlights the Need for Data Security

Security Affairs

NOVEMBER 18, 2024

GDPR protects sensitive data like health and financial details, and its enforcement underscores the growing need for stronger data security measures. The General Data Protection Regulation ( GDPR ), enacted in 2018, has set a new standard for data privacy across the European Union (EU). government surveillance.

GDPR

GDPR Security Compliance Data Privacy

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Security Affairs

OCTOBER 12, 2020

US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. The agencies warn of risk to elections information housed on government networks. ” reads the report. ” continues the alert. .” ” continues the alert.

Government

Government Authentication Access Risk

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Over 6,000 email accounts belonging to Taiwan government agencies hacked by Chinese hacked

Security Affairs

AUGUST 19, 2020

Chinese hackers have hacked thousands of Taiwan Government email accounts belonging at least 10 Taiwan government agencies, officials said. Chinese hackers have gained access to around 6,000 email accounts belonging to at least 10 Taiwan government agencies, officials said. Pierluigi Paganini.

Government

Government Military IT Access

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. The US agencies confirmed that Chinese threat actors had compromised the private communications of a “limited number” of government officials following the compromise of multiple U.S.

Data breaches

Data breaches Communications Artificial Intelligence Government

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

The US government declared that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. In March 2018, the Department of Homeland Security and Federal Bureau of Investigation issued a joint technical alert to warn of attacks on US critical infrastructure powered by Russian threat actors.

Government

Government Passwords Access Cybersecurity

APT hacked a US municipal government via an unpatched Fortinet VPN

Security Affairs

MAY 27, 2021

The FBI revealed that foreign hackers compromised the network of a local US municipal government by exploiting flaws in an unpatched Fortinet VPN. The Federal Bureau of Investigation (FBI) reported that an APT group had breached the network of a local US municipal government by exploiting vulnerabilities in an unpatched Fortinet VPN.

Government

Government Mining Archiving Encryption

Federal Communications Commission has cut off government funding for equipment from Chinese firms

Security Affairs

NOVEMBER 25, 2019

Federal Communications Commission has cut off government funding for equipment from Huawei and ZTE due to security concerns. Federal Communications Commission has cut off government funding for equipment from the Chinese companies Huawei and ZTE due to security concerns. “The FCC voted unanimously Friday to bar U.S.

Communications

Communications Government Libraries Risk

Pegasus Project – how governments use Pegasus spyware against journalists

Security Affairs

JULY 19, 2021

Pegasus is a surveillance malware developed by the Israeli surveillance NSO Group that could infect both iPhones and Android devices, it is sold exclusively to the governments and law enforcement agencies. The evidence demonstrates that governments used Pegasus to intimidate journalists and critical media. Pierluigi Paganini.

Government

Government Privacy IT Security

Taiwan Government faces 5 Million hacking attempts daily

Security Affairs

NOVEMBER 10, 2021

Taiwan ‘s government agencies face around five million cyberattacks and probes every day, most of them from China. Around five million cyber attacks hit Taiwan’s government agencies every day, and most of the hacking attempts are originated from China. SecurityAffairs – hacking, Taiwan Government).

Government

Government Military Information Security Security

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Security Affairs

MARCH 20, 2025

The Ukrainian government experts noticed that some messages were sent from compromised contacts to increase trust. The use of popular instant messaging apps on both mobile and desktop devices broadens the attack surface, creating uncontrolled information exchange channels that bypass security measures.

Computer and Electronics

Computer and Electronics Archiving Passwords Government

Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks

Security Affairs

APRIL 24, 2024

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. Early in 2024, a customer contacted Cisco to report a suspicious related to its Cisco Adaptive Security Appliances (ASA). Cisco Talos researchers tracked this cyber-espionage campaign as ArcaneDoor.

Government

Government Authentication Communications Access

US indicted 4 Russian government employees for attacks on critical infrastructure

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. ” continues the DoJ.

Energy and Utilities

Energy and Utilities Government Cybersecurity Military

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

Security Affairs

DECEMBER 16, 2024

Then he requested help from Amnesty Internationals Security Lab fearing to be the target of surveillance software like other journalists in Serbia. Evidence, including the spywares installation during BIA interviews, attributes these surveillance campaigns with high confidence to the BIA and Serbian government.

Personal data

Personal data Encryption Security Privacy

At least 23 Texas local governments targeted by coordinated ransomware attacks

Security Affairs

AUGUST 18, 2019

At least 23 local governments were impacted by a wave of ransomware attacks that according to the experts are the result of a coordinated effort. Texas is the victim of an ongoing wave of ransomware attacks that are targeting local governments. At the time the name of impacted organizations was not disclosed due to security concerns.

Ransomware

Ransomware Government Military Security

Russia-linked Turla APT hacked European government organization

Security Affairs

OCTOBER 29, 2020

Russia-linked APT Turla has hacked into the systems of an undisclosed European government organization according to Accenture. According to a report published by Accenture Cyber Threat Intelligence (ACTI), Russia-linked cyber-espionage group Turla has hacked into the systems of an undisclosed European government organization.

Government

Government Encryption Communications IT

Ransomware infected systems at state government of Louisiana

Security Affairs

NOVEMBER 19, 2019

Another ransomware attack made the headlines, the victim is the state government of Louisiana, numerous services have been impacted. The incident forced the state of government of Louisiana to shut down several numerous web sites of the state as well as email and Internet services. Pierluigi Paganini.

Ransomware

Ransomware Government Cybersecurity Security

Chinese APT FunnyDream targets a South East Asian government

Security Affairs

NOVEMBER 17, 2020

Security experts at BitDefender have uncovered a new China-linked cyber espionage group, tracked as FunnyDream that has already infected more than 200 systems across Southeast Asia over the past two years. Most of the victims were in Vietnam, the group focuses on foreign government organizations of countries in Southeast Asia. .

Government

Government File names Communications Access

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing.

Military

Military Government Phishing Libraries

Croatia government agencies targeted with news SilentTrinity malware

Security Affairs

JULY 7, 2019

Croatia government agencies have been targeted by unknown hackers with a new piece of malware tracked as SilentTrinity. A mysterious group of hackers carried out a series of cyber attacks against Croatian government agencies, infecting employees with a new piece of malware tracked as SilentTrinity. ” reads one of the alerts.

Government

Government Computer and Electronics Archiving Phishing

The U.S. FCC considers Huawei and ZTE as national security threats

Security Affairs

JULY 1, 2020

Federal Communications Commission (FCC) announced that Chinese telecommunications giants Huawei and ZTE are considered as national security threats. Last week China accused the US government of “oppressing Chinese companies” after U.S. regulators declared Huawei and ZTE to be national security threats. In November 2019, the U.S.

Communications

Communications Security Government Military

Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs

Security Affairs

NOVEMBER 22, 2020

Researchers from Bank Security first reported the availability of the list of 49,577 IPs vulnerable to Fortinet SSL VPN CVE-2018-13379. link] — Bank Security (@Bank_Security) November 20, 2020. link] — Bank Security (@Bank_Security) November 20, 2020. Pierluigi Paganini. Pierluigi Paganini.

Government

Government Ransomware Access Cybersecurity

European Commission has chosen the Signal app to secure its communications

Security Affairs

FEBRUARY 25, 2020

“The European Commission has told its staff to start using Signal, an end-to-end-encrypted messaging app, in a push to increase the security of its communications.” There is no doubt, Signal is the first choice for hackers and security experts … and not only them. SecurityAffairs – security, Signal).

Communications

Communications IT Security Encryption

Karkoff 2020: a new APT34 espionage operation involves Lebanon Government

Security Affairs

MARCH 2, 2020

In November 2018, researchers from Cisco Talos tracked and detailed a “ DNSEspionage ” campaign against targets in Lebanon and UAE. At the time of the report, the threat actor carried out a cyber espionage campaign by redirecting DNS traffic from domains owned by the Lebanon government to target entities in the country. Introduction.

Government

Government Communications IT Security

Security Affairs newsletter Round 286

Security Affairs

OCTOBER 18, 2020

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 286 appeared first on Security Affairs. The post Security Affairs newsletter Round 286 appeared first on Security Affairs. Pierluigi Paganini.

Security

Security Ransomware Encryption IoT

USCYBERCOM shares five new North Korea-linked malware samples

Security Affairs

MAY 13, 2020

“On May 12, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD) released three Malware Analysis Reports (MARs) on malware variants used by the North Korean government.” Department of Homeland Security, the U.S.

Analytics

Analytics Government Cybersecurity Authentication

Security breach suffered by credit bureau Equifax has cost $1.4 Billion

Security Affairs

MAY 12, 2019

Equifax revealed its earnings release related to the security breach suffered in 2017, the incident has cost about $1.4 Equifax revealed this week its earnings release related to the security breach suffered by the credit bureau back in 2017, the incident has cost about $1.4 Million identities were involved in the security incident.

Security

Security Data breaches Cybersecurity Government

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

Cybersecurity experts at CyberNews hijacked close to 28,000 unsecured printers worldwide and forced them to print out a guide on printer security. Most of us already know the importance of using antivirus , anti-malware, and VPNs to secure our computers, phones, and other devices against potential attacks. Original post: [link].

Security

Security IoT Passwords Manufacturing

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0 The Australian Cyber Security Centre (ACSC) warns of an escalation in LockBit 2.0 Experts warn of active exploitation of the CVE-2018-13379 , a security bug heavily exploited by LockBit to breach networks. ransomware. . Pierluigi Paganini.

Ransomware

Ransomware Security Retail Manufacturing

UK, US and its allies blame Russia’s GRU for 2019 cyber-attacks on Georgia

Security Affairs

FEBRUARY 20, 2020

Britain and the United governments blame Russia for being behind a destructive cyber attack that hit Georgia during 2019. The governments of Britain and the US declared that Russia’s military intelligence service GRU is behind the massive cyber attack that hit Georgia during 2019. ” said the Foreign Secretary Dominic Raab.

Military

Military IT Government Encryption

APT32 state hackers target human rights defenders with spyware

Security Affairs

FEBRUARY 24, 2021

Vietnam-linked APT32 group targeted Vietnamese human rights defenders (HRDs) between February 2018 and November 2020. The APT32 group has been active since at least 2012, it has targeted organizations across multiple industries and foreign governments, dissidents, and journalists. ” The full report is available here.

Phishing

Phishing Manufacturing Government Security

US Indicts 4 Chinese Nationals for Lengthy Hacking Campaign

Data Breach Today

JULY 19, 2021

All Aligned With China's Ministry of State Security The U.S.

Government

Government Security

Chinese SharpPanda APT developed a new backdoor in the last 3 years

Security Affairs

JUNE 6, 2021

Check Point Research (CPR) said that the Chinese APT group SharpPanda spent three years developing a new backdoor to spy on Asian governments. . The spear-phishing messages impersonate departments of the targeted governments. . In some cases, the emails are spoofed to look like they were from other government-related entities.

Phishing

Phishing Encryption Government IT

Russia-linked threat actors targets critical infrastructure, US authorities warn

Security Affairs

JANUARY 12, 2022

US Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) issued a joint alert to warn critical infrastructure operators about threats from Russian state-sponsored hackers. ” reads the joint alert. Pierluigi Paganini.

Cybersecurity

Cybersecurity Risk Government Phishing

Information of Air Canada employees exposed in recent cyberattack

Security Affairs

SEPTEMBER 22, 2023

The carrier confirmed that its systems are fully operational, it also announced it has implemented further security measures with the help of leading global cyber security experts. The Canadian Centre for Cyber Security published an alert warning of a Distributed Denial of Service campaign targeting multiple Canadian sectors.

Data breaches

Data breaches Access Government Security

Google issued 40,000 alerts of State-Sponsored attacks in 2019

Security Affairs

MARCH 27, 2020

The number of alerts decreased by 25% when compared to 2018, possible reasons for this drop could be the increased efficiency of defense measures implemented by Google, but we cannot underestimate the risk of an increased level of sophistication of the attacks that allowed nation-state actors to fly under the radar. Pierluigi Paganini.

Phishing

Phishing Passwords Risk Personal data

India Calls for Stricter Actions Against Cybercriminals

Data Breach Today

JULY 12, 2022

Home Affairs Minister Seeks to Tackle Financial Fraud, Boost Security Stance Indian Home Affairs Minister Amit Shah called for stricter action against cybercriminals, vowing that the central and state governments will collaborate on a strategy to tamp down financial fraud.

Government

Government Security

Bad Packets warns of over 14,500 Pulse secure VPN endpoints vulnerable to CVE-2019-11510

Security Affairs

AUGUST 25, 2019

BadPackets experts observed on August 22 a mass scanning activity targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510. On August 22, BadPackets experts observed a mass scanning activity targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510.

Security

Security Honeypots Military Access

Hackers Were Inside Citrix for Five Months

Krebs on Security

FEBRUARY 19, 2020

Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. 13, 2018 and Mar. 28, 2018, a claim Citrix initially denied but later acknowledged.

Passwords

Passwords Access Insurance Government

Payment solutions giant Edenred announces malware infection

Security Affairs

NOVEMBER 22, 2019

In 2018, the Group managed 2.5 billion specific purpose payment transactions in 2018, primarily carried out via mobile applications, online platforms and cards, and representing nearly €30 billion in business volume. The company is reporting the incident to government regulators and authorities. “ Edenred S.A.

Cybersecurity

Cybersecurity Government IT Security

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Security Affairs

OCTOBER 29, 2020

The FBI, the DHS’s Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) has issued a joint alert to warn hospitals and healthcare providers of imminent ransomware attacks from Russia. Ryuk first appeared in the threat landscape in August 2018 as a derivative of the Hermes 2.1

Ransomware

Ransomware IoT Sales Communications

Czech intelligence report warns of Russian and Chinese activity in the country

Security Affairs

NOVEMBER 26, 2019

A Czech intelligence report states that Russian and Chinese cyberspies carried out several attacks against the country during 2018. Cezch intelligence believe s that agents of all the Russian intelligence services were secretly operating on the Czech soil in 2018. The Czech experts discovered the security breach in early January 2017.

Information Security

Information Security Government Security Risk

Hackers targeted the US Census Bureau network, DHS report warns

Security Affairs

OCTOBER 11, 2020

The US Department of Homeland Security revealed that unknown threat actors have targeted the network of the US Census Bureau during the last year. The US Census Bureau is the largest US federal government statistical agency responsible dedicated to providing current facts and figures about America’s people, places, and economy.

Government

Government Data collection Access Communications

CISA published 2021 Top 15 most exploited software vulnerabilities

Security Affairs

APRIL 28, 2022

Cybersecurity and Infrastructure Security Agency (CISA) published a list of 2021’s top 15 most exploited software vulnerabilities. Cybersecurity and Infrastructure Security Agency (CISA) published the list of 2021’s top 15 most exploited software vulnerabilities. Follow me on Twitter: @securityaffairs and Facebook.

Cybersecurity

Cybersecurity Security Risk Government

Norway blames China-linked APT31 for 2018 government hack

Increased GDPR Enforcement Highlights the Need for Data Security

Webinars

Trending Sources

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Webinars

Over 6,000 email accounts belonging to Taiwan government agencies hacked by Chinese hacked

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

APT hacked a US municipal government via an unpatched Fortinet VPN

Federal Communications Commission has cut off government funding for equipment from Chinese firms

Pegasus Project – how governments use Pegasus spyware against journalists

Taiwan Government faces 5 Million hacking attempts daily

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks

US indicted 4 Russian government employees for attacks on critical infrastructure

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

At least 23 Texas local governments targeted by coordinated ransomware attacks

Russia-linked Turla APT hacked European government organization

Ransomware infected systems at state government of Louisiana

Chinese APT FunnyDream targets a South East Asian government

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Croatia government agencies targeted with news SilentTrinity malware

The U.S. FCC considers Huawei and ZTE as national security threats

Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs

European Commission has chosen the Signal app to secure its communications

Karkoff 2020: a new APT34 espionage operation involves Lebanon Government

Security Affairs newsletter Round 286

USCYBERCOM shares five new North Korea-linked malware samples

Security breach suffered by credit bureau Equifax has cost $1.4 Billion

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

UK, US and its allies blame Russia’s GRU for 2019 cyber-attacks on Georgia

APT32 state hackers target human rights defenders with spyware

US Indicts 4 Chinese Nationals for Lengthy Hacking Campaign

Chinese SharpPanda APT developed a new backdoor in the last 3 years

Russia-linked threat actors targets critical infrastructure, US authorities warn

Information of Air Canada employees exposed in recent cyberattack

Google issued 40,000 alerts of State-Sponsored attacks in 2019

India Calls for Stricter Actions Against Cybercriminals

Bad Packets warns of over 14,500 Pulse secure VPN endpoints vulnerable to CVE-2019-11510

Hackers Were Inside Citrix for Five Months

Payment solutions giant Edenred announces malware infection

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Czech intelligence report warns of Russian and Chinese activity in the country

Hackers targeted the US Census Bureau network, DHS report warns

CISA published 2021 Top 15 most exploited software vulnerabilities

Stay Connected