2019, Government and Security - Information Management Today

US Government Sites Give Bad Security Advice

Krebs on Security

MARCH 25, 2020

government Web sites now carry a message prominently at the top of their home pages meant to help visitors better distinguish between official U.S. government properties and phishing pages. Census Bureau website [link] carries a message that reads, “An official Web site of the United States government.

Government

Government Security Phishing Encryption

CVE-2019-0604 SharePoint Remote code execution (RCE) vulnerability

Security Affairs

FEBRUARY 18, 2020

A security expert found a flaw in SharePoint that could be exploited to remotely execute arbitrary code by sending a specially crafted SharePoint application package. Summary: A few days ago I saw a post from Alienvault which says attackers are still exploiting SharePoint vulnerability to attack Middle East government organization.

Government

Government Security IT Information Security

Google issued 40,000 alerts of State-Sponsored attacks in 2019

Security Affairs

MARCH 27, 2020

Google announced to have warned users of almost 40,000 alerts of state-sponsored phishing or malware attacks during 2019. Google shared data on alerts related to state-sponsored attacks, the tech giant revealed that it issued almost 40,000 alerts of state-sponsored phishing or malware attacks to its users during 2019.

Phishing

Phishing Passwords Risk Personal data

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. The US agencies confirmed that Chinese threat actors had compromised the private communications of a “limited number” of government officials following the compromise of multiple U.S.

Data breaches

Data breaches Communications Artificial Intelligence Government

Nation-state actors target Australia, Government warns

Security Affairs

JUNE 19, 2020

A state-based actor is launching cyber attacks against government, public services and businesses, Australia ‘s prime minister said. Australia ‘s prime minister Scott Morrison said that a “state-based actor” is targeting government, public services, and businesses.

Government

Government Risk Education Passwords

UK, US and its allies blame Russia’s GRU for 2019 cyber-attacks on Georgia

Security Affairs

FEBRUARY 20, 2020

Britain and the United governments blame Russia for being behind a destructive cyber attack that hit Georgia during 2019. The governments of Britain and the US declared that Russia’s military intelligence service GRU is behind the massive cyber attack that hit Georgia during 2019.

Military

Military IT Government Encryption

CERT France – Pysa ransomware is targeting local governments

Security Affairs

MARCH 19, 2020

CERT France is warning of a new wave of attacks using Pysa ransomware (Mespinoza) that is targeting local governments. CERT France cyber-security agency is warning about a new wave of ransomware attack that is targeting the networks of local government authorities. The malicious code appended the extension. Pierluigi Paganini.

Ransomware

Ransomware Government Encryption Passwords

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Security Affairs

OCTOBER 12, 2020

US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. The agencies warn of risk to elections information housed on government networks. ” reads the report. ” continues the alert. .” ” continues the alert.

Government

Government Authentication Access Risk

DHS CISA urges government agencies to fix SIGRed Windows Server DNS bug within 24h

Security Affairs

JULY 17, 2020

US DHS CISA urges government agencies to patch SIGRed Windows Server DNS vulnerability within 24h due to the likelihood of the issue being exploited. on the CVSS scale and affects Windows Server versions 2003 to 2019. The bug affects the DNS server component that ships with all Windows Server versions from 2003 to 2019.

Government

Government Security Cybersecurity IT

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

The US government declared that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. In March 2018, the Department of Homeland Security and Federal Bureau of Investigation issued a joint technical alert to warn of attacks on US critical infrastructure powered by Russian threat actors.

Government

Government Passwords Access Cybersecurity

APT hacked a US municipal government via an unpatched Fortinet VPN

Security Affairs

MAY 27, 2021

The FBI revealed that foreign hackers compromised the network of a local US municipal government by exploiting flaws in an unpatched Fortinet VPN. The Federal Bureau of Investigation (FBI) reported that an APT group had breached the network of a local US municipal government by exploiting vulnerabilities in an unpatched Fortinet VPN.

Government

Government Mining Archiving Encryption

Ex Twitter employee found guilty of spying for Saudi Arabian government

Security Affairs

AUGUST 10, 2022

In November 2019, the former Twitter employees Abouammo and the Saudi citizen Ali Alzabarah have been charged with spying on thousands of Twitter user accounts on behalf of the Saudi Arabian government. Of course, he was also able to unmask the identities of some users on behalf of the Saudi Arabian Government.

Government

Government Marketing Access IT

Most of the attacks on Telecom Sector in 2019 were carried out by China-linked hackers

Security Affairs

MARCH 5, 2020

China-linked cyber espionage groups increasingly targeted organizations in the telecommunications industry in 2019. According to the CrowdStrike 2020 Global Threat Report, the telecommunications and government sectors were the most targeted by the threat actors. ” reads the report published by CrowdStrike. Pierluigi Paganini.

Military

Military Government IT Security

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Security Affairs

AUGUST 5, 2020

ZDNet has reported in exclusive that a list of plaintext usernames and passwords for 900 Pulse Secure VPN enterprise servers, along with IP addresses, has been shared on a Russian-speaking hacker forum. According to Bank Security , all the Pulse Secure VPN servers included in the list were vulnerable to the CVE-2019-11510 flaw.

Passwords

Passwords Security Ransomware Military

A new piece of Ryuk Stealer targets government, military and finance sectors

Security Affairs

JANUARY 26, 2020

A new piece of the Ryuk malware has been improved to steal confidential files related to the military, government, financial statements, and banking. The post A new piece of Ryuk Stealer targets government, military and finance sectors appeared first on Security Affairs. Anyone remember this "Ryuk Stealer"?

Military

Military Government Ransomware Privacy

Taiwan Government faces 5 Million hacking attempts daily

Security Affairs

NOVEMBER 10, 2021

Taiwan ‘s government agencies face around five million cyberattacks and probes every day, most of them from China. Around five million cyber attacks hit Taiwan’s government agencies every day, and most of the hacking attempts are originated from China. SecurityAffairs – hacking, Taiwan Government).

Government

Government Military Information Security Security

The Mask APT is back after 10 years of silence

Security Affairs

DECEMBER 18, 2024

The APT group targeted an organization in Latin America in 2019 and 2022. While investigating the 2022 attack, the researchers noticed that the victim organization had also suffered a 2019 attack using “Careto2” and “Goreto” frameworks. ” reads the analysis published by Kaspersky.

Government

Government IT Access Information Security

Pulse Secure fixes zero-day in Pulse Connect Secure (PCS) SSL VPN actively exploited

Security Affairs

MAY 3, 2021

Pulse Secure has fixed a zero-day flaw in the Pulse Connect Secure (PCS) SSL VPN appliance that threat actors are actively exploiting in the wild. The vulnerability is a buffer overflow issue in Pulse Connect Secure Collaboration Suite prior b9.1R11.4 A vulnerability was discovered under Pulse Connect Secure (PCS).

Security

Security Cybersecurity Authentication Government

Welcome Bureau of Cyberspace Security and Emerging Technologies (CSET)

Security Affairs

JANUARY 8, 2021

United States Department of State approved the creation of the Bureau of Cyberspace Security and Emerging Technologies (CSET). The United States Secretary of State Mike Pompeo approved the creation of the Bureau of Cyberspace Security and Emerging Technologies (CSET) that was first announced in 2019. Pierluigi Paganini.

Security

Security Cybersecurity Government IT

Security Affairs newsletter Round 241

Security Affairs

NOVEMBER 24, 2019

The best news of the week with Security Affairs. Tianfu Cup 2019 Day 1 – Chinese experts hacked Chrome, Edge, Safari, Office365. Tianfu Cup 2019 – 11 teams earned a total of 545,000 for their Zero-Day Exploits. CVE-2019-2234 flaws in Android Camera Apps exposed millions of users surveillance. Pierluigi Paganini.

Security

Security Data breaches Ransomware Government

ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia

Security Affairs

FEBRUARY 23, 2020

Experts from Cisco Talos discovered a new malware, tracked as ObliqueRAT, that appears a custom malware developed by a threat actor focused on government and diplomatic targets. . ” Cisco Talos also discovered a link between ObliqueRAT and another campaign from December 2019 distributing CrimsonRAT sharing similar maldocs and macros.”

Government

Government File names Passwords Phishing

Security Affairs newsletter Round 253

Security Affairs

MARCH 1, 2020

The best news of the week with Security Affairs. ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia. FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019. European Commission has chosen the Signal app to secure its communications. Lampion malware v2 February 2020.

Security

Security Ransomware Military Data breaches

Japan suspects HGV missile data leak in Mitsubishi security breach

Security Affairs

MAY 21, 2020

In January, the company disclosed a security breach that might have exposed personal and confidential corporate data, at the time, it claimed that attackers did not obtain sensitive information about defense contracts. The intrusion took place on June 28, 2019, and the company launched an investigation in September 2019.

Security

Security Military Manufacturing Personal data

US FCC bans China Unicom Americas telecom over national security risks

Security Affairs

JANUARY 29, 2022

The Federal Communications Commission (FCC) revoked the license for the China Unicom Americas over serious national security concerns. The Federal Communications Commission (FCC) has revoked the license for China Unicom Americas over “serious national security concerns.” ” reads the order. Pierluigi Paganini.

Risk

Risk Security Communications Government

China-linked APT used Pulse Secure VPN zero-day to hack US defense contractors

Security Affairs

APRIL 20, 2021

At least one China-linked APT group exploited a new zero-day flaw in Pulse Secure VPN equipment to break into the networks of US defense contractors. In all the intrusions, the attackers targeted Pulse Secure VPN appliances in the breached networks. “A vulnerability was discovered under Pulse Connect Secure (PCS).

Security

Security Authentication Government Access

CISA analyzed stealthy malware found on compromised Pulse Secure devices

Security Affairs

JULY 22, 2021

CISA released an alert today about several stealth malware samples that were found on compromised Pulse Secure devices. Cybersecurity and Infrastructure Security Agency (CISA) published a security alert related to the discovery of 13 malware samples on compromised Pulse Secure devices, many of which were undetected by antivirus products.

e-Discovery

e-Discovery Security Passwords Access

Russia-linked threat actors targets critical infrastructure, US authorities warn

Security Affairs

JANUARY 12, 2022

US Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) issued a joint alert to warn critical infrastructure operators about threats from Russian state-sponsored hackers. ” reads the joint alert. Pierluigi Paganini.

Cybersecurity

Cybersecurity Risk Government Phishing

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

According to the indictment, Ptitsyn facilitated the worldwide use of a dangerous ransomware strain to target corporations and various organizations, including government agencies, healthcare facilities, educational institutions, and critical infrastructure. Barron for the District of Maryland.

Ransomware

Ransomware Education Sales Government

Russia-linked Gamaredon APT targeted a western government entity in Ukraine

Security Affairs

FEBRUARY 4, 2022

The Russia-linked Gamaredon APT group attempted to compromise an unnamed Western government entity in Ukraine. In Mid January the Ukrainian government was hit with destructive malware, tracked as WhisperGate , and several Ukrainian government websites were defaced by exploiting a separate vulnerability in OctoberCMS.

Government

Government Military Phishing Information Security

Hackers Were Inside Citrix for Five Months

Krebs on Security

FEBRUARY 19, 2020

Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. 13, 2018 and Mar. 28, 2018, a claim Citrix initially denied but later acknowledged.

Passwords

Passwords Access Insurance Government

NSA and ASD issue a report warning of web shells deployments

Security Affairs

APRIL 24, 2020

National Security Agency (NSA) and the Australian Signals Directorate (ASD) is warning of bad actors increasingly exploiting vulnerable web servers to deploy web shells. The document provides valuable information on how to detect and prevent web shells from infecting the servers of the Department of Defense and other government agencies.

Cybersecurity

Cybersecurity Access Authentication Communications

Travel leisure company Carnival Corporation discloses data breach

Security Affairs

MARCH 6, 2020

Carnival Corporation, the world’s largest travel leisure company, discloses a data breach that took place in 2019. The company launched an investigation immediately after it discovered an anomalous activity on its network in May 2019. “In late May 2019, we identified suspicious activity on our network. .

Data breaches

Data breaches Access Privacy Cybersecurity

Russia-linked APT29 group changes TTPs following April advisories

Security Affairs

MAY 7, 2021

Today, UK NCSC and CISA-FBI-NSA cybersecurity agencies published a joint security advisory that warns organizations to patch systems immediately to mitigate the risk of attacks conducted by Russia-linked SVR group (aka APT29 , Cozy Bear , and The Dukes )). ” states the report. Follow me on Twitter: @securityaffairs and Facebook.

Cybersecurity

Cybersecurity Risk Government Security

Ex-Canadian government employee admits to being a member of the Russian cybercrime gang NetWalker

Security Affairs

JUNE 30, 2022

A former Canadian government IT worker admitted to being a high-level member of the Russian cybercrime group NetWalker. A former Canadian government employee, Sebastien Vachon-Desjardins, pleaded guilty in the U.S. In August 2020, the FBI has issued a security alert about Netwalker ransomware attacks targeting U.S.

Government

Government Ransomware Security IT

Massive DDoS attack brought down 25% Iranian Internet connectivity

Security Affairs

FEBRUARY 9, 2020

The N etBlocks internet observatory, which tracks disruptions and shutdowns, observed yesterday (February 8, 2019) a massive outage of the country’s connectivity to the Internet. The post Massive DDoS attack brought down 25% Iranian Internet connectivity appeared first on Security Affairs. Pierluigi Paganini.

Government

Government Access Cybersecurity Security

European Commission has chosen the Signal app to secure its communications

Security Affairs

FEBRUARY 25, 2020

“The European Commission has told its staff to start using Signal, an end-to-end-encrypted messaging app, in a push to increase the security of its communications.” There is no doubt, Signal is the first choice for hackers and security experts … and not only them. SecurityAffairs – security, Signal).

Communications

Communications IT Security Encryption

Russia-Linked Turla APT uses new malware in watering hole attacks

Security Affairs

MARCH 13, 2020

The Russia-linked APT group Turla employed two new pieces of malware in attacks launched over a period of roughly two months in the fall of 2019. The Russia-linked APT group Turla employed two new pieces of malware in attacks launched over a period of roughly two months in the fall of 2019. com / wp -includes/data_from_db_top [. ]

Archiving

Archiving Government Communications IT

Schneider Electric published a security advisory on Drovorub Linux Malware

Security Affairs

NOVEMBER 14, 2020

Schneider Electric published a security bulletin to warn customers of the Drovorub Linux malware , the malware was analyzed in a joint alert published in August by NSA and the FBI. The government agencies recommend that US organizations update any Linux system to a version running kernel version 3.7 ” concludes the advisory.

Security

Security Communications IoT Risk

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

The Iranian hacker group has been attacking corporate VPNs over the past months, they have been hacking VPN servers to plant backdoors in companies around the world targeting Pulse Secure , Fortinet , Palo Alto Networks , and Citrix VPNs. ” reads the report published by Crowdstrike. ” continues the report. Pierluigi Paganini.

Access

Access Financial Services Retail Insurance

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0 The Australian Cyber Security Centre (ACSC) warns of an escalation in LockBit 2.0 Experts warn of active exploitation of the CVE-2018-13379 , a security bug heavily exploited by LockBit to breach networks. ransomware. . Pierluigi Paganini.

Ransomware

Ransomware Security Retail Manufacturing

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Security Affairs

MARCH 20, 2020

According to security researchers from Trend Micro, the Russia-linked APT28 cyberespionage group has been scanning vulnerable email servers for more than a year. The cyberespionage group continues to target members of defense companies, embassies, governments, and the military. ” continues the report. Pierluigi Paganini.

Phishing

Phishing Military Government Passwords

FBI issued a flash alert about Netwalker ransomware attacks

Security Affairs

AUGUST 2, 2020

The FBI has issued a security alert about Netwalker ransomware attacks targeting U.S. and foreign government organizations. The FBI has issued a new security flash alert to warn of Netwalker ransomware attacks targeting U.S. and foreign government organizations. ” reads the alert. public health organization.

Ransomware

Ransomware Encryption Passwords Government

CISA published 2021 Top 15 most exploited software vulnerabilities

Security Affairs

APRIL 28, 2022

Cybersecurity and Infrastructure Security Agency (CISA) published a list of 2021’s top 15 most exploited software vulnerabilities. Cybersecurity and Infrastructure Security Agency (CISA) published the list of 2021’s top 15 most exploited software vulnerabilities. Follow me on Twitter: @securityaffairs and Facebook.

Cybersecurity

Cybersecurity Security Risk Government

U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp

Security Affairs

MARCH 2, 2024

In October 2019, WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks against its users. In May 2019, Facebook patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device.

IT

IT Government Security Information Security

US Government Sites Give Bad Security Advice

CVE-2019-0604 SharePoint Remote code execution (RCE) vulnerability

Webinars

Trending Sources

Google issued 40,000 alerts of State-Sponsored attacks in 2019

Webinars

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Nation-state actors target Australia, Government warns

UK, US and its allies blame Russia’s GRU for 2019 cyber-attacks on Georgia

CERT France – Pysa ransomware is targeting local governments

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

DHS CISA urges government agencies to fix SIGRed Windows Server DNS bug within 24h

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

APT hacked a US municipal government via an unpatched Fortinet VPN

Ex Twitter employee found guilty of spying for Saudi Arabian government

Most of the attacks on Telecom Sector in 2019 were carried out by China-linked hackers

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

A new piece of Ryuk Stealer targets government, military and finance sectors

Taiwan Government faces 5 Million hacking attempts daily

The Mask APT is back after 10 years of silence

Pulse Secure fixes zero-day in Pulse Connect Secure (PCS) SSL VPN actively exploited

Welcome Bureau of Cyberspace Security and Emerging Technologies (CSET)

Security Affairs newsletter Round 241

ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia

Security Affairs newsletter Round 253

Japan suspects HGV missile data leak in Mitsubishi security breach

US FCC bans China Unicom Americas telecom over national security risks

China-linked APT used Pulse Secure VPN zero-day to hack US defense contractors

CISA analyzed stealthy malware found on compromised Pulse Secure devices

Russia-linked threat actors targets critical infrastructure, US authorities warn

Russian Phobos ransomware operator faces cybercrime charges

Russia-linked Gamaredon APT targeted a western government entity in Ukraine

Hackers Were Inside Citrix for Five Months

NSA and ASD issue a report warning of web shells deployments

Travel leisure company Carnival Corporation discloses data breach

Russia-linked APT29 group changes TTPs following April advisories

Ex-Canadian government employee admits to being a member of the Russian cybercrime gang NetWalker

Massive DDoS attack brought down 25% Iranian Internet connectivity

European Commission has chosen the Signal app to secure its communications

Russia-Linked Turla APT uses new malware in watering hole attacks

Schneider Electric published a security advisory on Drovorub Linux Malware

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Russia-linked APT28 has been scanning vulnerable email servers in the last year

FBI issued a flash alert about Netwalker ransomware attacks

CISA published 2021 Top 15 most exploited software vulnerabilities

U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp

Stay Connected