2020 and Government - Information Management Today

Government contractor Conduent disclosed a data breach

Security Affairs

APRIL 16, 2025

Conduent suffered another security breach in 2020 by the Maze ransomware gang, which stole corporate data. The company holds cyber insurance and informed federal authorities. The company did not disclose technical details about the attack, but experts believe it was the victim of a ransomware attack.

Data breaches

Data breaches Government Business Services Personal data

Threat Report Portugal: Q2 2020

Security Affairs

AUGUST 14, 2020

The Threat Report Portugal: Q2 2020 compiles data collected on the malicious campaigns that occurred from April to Jun, Q2, of 2020. The Threat Report Portugal: Q2 2020 compiles data collected on the malicious campaigns that occurred from April to Jun, Q2, of 2020. Phishing and Malware Q2 2020.

Phishing

Phishing Data collection Retail Security awareness

French Government Investigates Suspected Chinese Espionage

Data Breach Today

JULY 26, 2024

National Police Probe Botnet Campaign That Infected 3,000 Machines The French government has launched an investigation into a suspected Chinese espionage campaign that infected thousands of networks in France. The botnet campaign pushed out the PlugX remote access Trojan that has infected 3,000 machines in France since 2020.

Government

Government Access

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Threat Report Portugal: Q4 2020

Security Affairs

JANUARY 26, 2021

Threat Report Portugal Q4 2020: Data related to Phishing and malware attacks based on the Portuguese Abuse Open Feed 0xSI_f33d. The Threat Report Portugal: Q4 2020 compiles data collected on the malicious campaigns that occurred from October to December, Q4, of 2020. Phishing and Malware Q4 2020. Malware by Numbers.

Phishing

Phishing Retail Security awareness Data collection

Samba addresses the CVE-2020-1472 Zerologon Vulnerability

Security Affairs

SEPTEMBER 23, 2020

Samba team has released a security patch to address the Zerologon (CVE-2020-1472) issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon. The post Samba addresses the CVE-2020-1472 Zerologon Vulnerability appeared first on Security Affairs.

Authentication

Authentication Passwords Security Government

Threat actors found a way to bypass mitigation F5 BIG-IP CVE-2020-5902 flaw

Security Affairs

JULY 8, 2020

Early June, researchers at F5 Networks have addressed a critical remote code execution (RCE) vulnerability, tracked as CVE-2020-5902, that resides in undisclosed pages of Traffic Management User Interface (TMUI) of the BIG-IP product. The CVE-2020-5902 vulnerability received a CVSS score of 10, this means that is quite easy to exploit.

Education

Education Government Passwords Authentication

Tianfu Cup 2020 – 5 minutes to hack Windows 10, Ubuntu iOS, VMWare EXSi, and others

Security Affairs

NOVEMBER 9, 2020

TFC 2020 has come to the end, all these excellent offensive researchers and their burning 0days makes #TFC 2020 a success! pic.twitter.com/MwJLc5M0B4 — TianfuCup (@TianfuCup) November 8, 2020. — TianfuCup (@TianfuCup) November 8, 2020. Thank you all for participating and following! Pierluigi Paganini.

Security

Security Government Information Security IT

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Security Affairs

OCTOBER 12, 2020

US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. The agencies warn of risk to elections information housed on government networks. The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon. .

Government

Government Authentication Access Risk

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

The US government declared that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. state, local, territorial, and tribal (SLTT) government networks, as well as aviation networks. . This joint advisory provides information on Russia-linked APT actor activity targeting various U.S.

Government

Government Passwords Access Cybersecurity

Brazilian citizen charged for threatening to release data stolen from a company in 2020

Security Affairs

DECEMBER 27, 2024

charges for allegedly threatening to release data stolen from a company in a March 2020 security breach. government has charged the Brazilian citizen Junior Barros De Oliveira, 29, with allegedly threatening to release data stolen from a company during a March 2020 security breach. A Brazilian citizen faces U.S.

Communications

Communications Access Government Security

NASA identified 1,785 cyber incidents in 2020

Security Affairs

MAY 27, 2021

The Agency identified 1,785 cyber incidents in 2020, including brute-force attacks, email-related attacks, impersonation attacks, improper usage of the systems, loss/theft of equipment, and web-based attacks. In 2020, most of the incidents were improper usage issues, followed by loss/theft of equipment and web-based attacks.

Information Security

Information Security Cybersecurity Access Risk

Norway blames China-linked APT31 for 2018 government hack

Security Affairs

JUNE 20, 2021

APT31 is also believed to be behind an attack on the Parliament of Finland that took place in 2020, according to the government experts , the hackers breached some parliament email accounts in December 2020. The post Norway blames China-linked APT31 for 2018 government hack appeared first on Security Affairs.

Government

Government Access Passwords Cloud

Hackers compromised Japanese government offices via Fujitsu ‘s ProjectWEB tool

Security Affairs

MAY 27, 2021

Fujitsu confirmed the security breach and revealed that the attackers have also stolen some customer data belonging to multiple government entities. Data exfiltrated by the hackers included government employees’ records and contractors’ data stored in the platform. The Cabinet Cyber ??Security Pierluigi Paganini.

Government

Government Data breaches Access Security

APT hacked a US municipal government via an unpatched Fortinet VPN

Security Affairs

MAY 27, 2021

The FBI revealed that foreign hackers compromised the network of a local US municipal government by exploiting flaws in an unpatched Fortinet VPN. The Federal Bureau of Investigation (FBI) reported that an APT group had breached the network of a local US municipal government by exploiting vulnerabilities in an unpatched Fortinet VPN.

Government

Government Mining Archiving Encryption

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. The US agencies confirmed that Chinese threat actors had compromised the private communications of a “limited number” of government officials following the compromise of multiple U.S.

Data breaches

Data breaches Communications Artificial Intelligence Government

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Security Affairs

SEPTEMBER 25, 2023

A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. Palo Alto Unit42 researchers an APT group tracked as Gelsemium targeting a Southeast Asian government. The experts tracked the cluster as CL-STA-0046, the malicious activity spanned over six months between 2022-2023.

Government

Government Manufacturing Education Access

Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS

Security Affairs

FEBRUARY 19, 2024

The nation-state actors are known to carry out cyber-espionage against targeting government, military, and national infrastructure entities in Europe and Central Asia since at least December 2020. “TAG70 has demonstrated a high level of sophistication in its attack methods.

Military

Military Government Access Risk

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Security Affairs

MARCH 28, 2024

In 2023, the researchers attributed a combined total of 48 out of 58 zero-day vulnerabilities to commercial surveillance vendors (CSVs) and government espionage actors, while 10 zero-day flaws were attributed to financially motivated actors. The researchers also tracked at least four ransomware groups exploiting four zero-day vulnerabilities.

Government

Government Ransomware Libraries Access

Increased GDPR Enforcement Highlights the Need for Data Security

Security Affairs

NOVEMBER 18, 2024

Privacy Shield framework in 2020. Privacy Shield in 2020, Meta continued transferring data under a framework that was deemed insufficient to protect European citizens from U.S. government surveillance. The company faced allegations of improperly transferring sensitive data about European drivers to the U.S. Billion ($1.4

GDPR

GDPR Security Compliance Data Privacy

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

Security Affairs

OCTOBER 23, 2024

The charges result from an investigation conducted by the US government into public companies potentially impacted by the supply chain attack on SolarWinds’ Orion software. The SEC charged Unisys with additional violations and fined Unisys $4M, Avaya $1M, Check Point $995K, and Mimecast $990K in civil penalties to settle the charges.

Cybersecurity

Cybersecurity Risk Access Government

Stayin’ Alive campaign targets high-profile Asian government and telecom entities. Is it linked to ToddyCat APT?

Security Affairs

OCTOBER 13, 2023

A cyberespionage campaign, tracked as Stayin’ Alive, targeted high-profile government and telecom entities in Asia. The APT group was discovered in June 2022 by Kaspersky which linked it to a series of attacks aimed at high-profile entities in Europe and Asia since at least December 2020. Is it linked to ToddyCat APT?

Government

Government IT Encryption Libraries

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims. The attacks were observed as recently as February 2024, they targeted government, education, emergency services, healthcare, and other critical infrastructure sectors.

Ransomware

Ransomware Education Sales Government

Texas Department of Transportation (TxDOT) hit by a ransomware attack

Security Affairs

MAY 18, 2020

A new ransomware attack hit the Texas government, the malware this time infected systems at the state’s Department of Transportation (TxDOT). The Texas government suffered two ransomware attacks in a few weeks, the first one took place on May 8, 2020 and infected systems at the Texas court. All @txcourts websites are down.

Ransomware

Ransomware Government Access IT

Canada is going to ban TikTok on government mobile devices

Security Affairs

MARCH 1, 2023

The Canadian government announced it will ban the video app TikTok from all government-issued devices over security concerns. The app will be removed from government devices this week. “While the risks of using this application are clear, we have no evidence at this point that government information has been compromised.”

Government

Government Privacy Risk Data collection

Feds Fine Mental Health Clinic $100K in 2020 HIPAA Case

Data Breach Today

NOVEMBER 20, 2024

government's 51st HIPAA patient right-of-access enforcement action. LA County Clinic Delayed Access to Patient's Medical Records During Pandemic Federal regulators have fined a Los Angeles county mental health clinic $100,000 for failure to provide a patient with timely access to her requested health records during the COVID-19 pandemic.

Access

Access Government

Ransomware Is Headed Down a Dire Path

WIRED Threat Level

DECEMBER 29, 2020

2020 was a great year for ransomware gangs. For hospitals, schools, municipal governments, and everyone else, it’s going to get worse before it gets better.

Ransomware

Ransomware Government IT Security

Hackers targeted the US Census Bureau network, DHS report warns

Security Affairs

OCTOBER 11, 2020

The US Census Bureau is the largest US federal government statistical agency responsible dedicated to providing current facts and figures about America’s people, places, and economy. Data collected by the agency is used by the federal government to allocate over $675 billion in federal funds to tribal, local, and state governments every year.

Government

Government Data collection Access Communications

Russia-linked GRU Unit 29155 targeted critical infrastructure globally

Security Affairs

SEPTEMBER 6, 2024

The FBI, CISA, and NSA linked threat actors from Russia’s GRU Unit 29155 to global cyber operations since at least 2020. The government expert pointed out that Unit 29155 operates independently from other GRU-affiliated groups like Unit 26165 and Unit 74455. These operations include espionage, sabotage, and reputational damage.

Financial Services

Financial Services Government IoT Communications

Russia-linked threat actors targets critical infrastructure, US authorities warn

Security Affairs

JANUARY 12, 2022

CVE-2020-5902 F5 Big-IP CVE-2020-14882 Oracle WebLogic CVE-2021-26855 Microsoft Exchange (Note: this vulnerability is frequently observed used in conjunction with CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065). Some of the hacking campaigns that were publicly attributed to Russian state-sponsored APT actors by U.S.

Cybersecurity

Cybersecurity Risk Phishing Government

Threat actors are actively exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 30, 2020

The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon. ” Microsoft strongly encourages administrators of enterprise Windows Servers to install the August 2020 Patch Tuesday as soon as possible to protect their systems from Zerologon attack that exploits the CVE-2020-1472. .”

Authentication

Authentication Passwords Security Government

Bank of Seychelles hit by a ransomware attack

Security Affairs

SEPTEMBER 12, 2020

DBS is a joint venture by the Seychelles government and some shareholders including Bank, Caisse Francaise de Cooperation, European Investment Bank, DEG, Standard Chartered Bank, and Barclays Bank. . DBS bought back Barclays’ share and Government purchased the shares of DEG, hence, increasing its shareholding to 60.50%.

Ransomware

Ransomware Communications Government Encryption

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

The CISA agency is warning of a surge in Emotet attacks targeting multiple state and local governments in the US since August. The Cybersecurity and Infrastructure Security Agency (CISA) issued an alert to warn of a surge of Emotet attacks that have targeted multiple state and local governments in the U.S. since August.

Government

Government Libraries Cybersecurity Phishing

FBI issued a flash alert about Netwalker ransomware attacks

Security Affairs

AUGUST 2, 2020

and foreign government organizations. and foreign government organizations. “As of June 2020, the FBI has received notifications of Netwalker ransomware attacks on U.S. and foreign government organizations, education entities, private companies, and health agencies by unidentified cyber actors.”

Ransomware

Ransomware Encryption Passwords Government

Researchers shared the lists of victims of SolarWinds hack

Security Affairs

DECEMBER 22, 2020

By decoding the #DGA domain names, we discovered nearly a hundred domains suspected to be attacked by #UNC2452 #SolarWinds , including universities, governments and high tech companies such as @Intel and @Cisco. link] pic.twitter.com/40VfXuR6JI — RedDrip Team (@RedDrip7) December 16, 2020. NetBios HTTP Backdoor 2020-07-03 barrie.ca

Communications

Communications Manufacturing Financial Services Security

Mandiant links Ghostwriter operations to Belarus

Security Affairs

NOVEMBER 16, 2021

Security researchers at the Mandiant Threat Intelligence team believe that Ghostwriter APT group is linked to the government of Belarus. Mandiant Threat Intelligence researchers believe that the Ghostwriter disinformation campaign (aka UNC1151) was linked to the government of Belarus. ” reads the report published by Mandiant.

Military

Military CMS Government Security

Canon publicly confirms August ransomware attack and data breach

Security Affairs

NOVEMBER 27, 2020

The image.canon site suffered an outage on July 30th, 2020, that lasted for six days, until August 4th. The hackers accessed company file servers that contained information about current and former employees from 2005 to 2020 and their beneficiaries and dependents. Source BleepingComputer. ” reads the statement.

Data breaches

Data breaches Ransomware Archiving Access

Breach Roundup: Russian Organizations Losing Microsoft Cloud

Data Breach Today

MARCH 28, 2024

Also: Hackers Target Apple Password Reset Flaw This week, Russian organizations are losing Microsoft Cloud, hackers targeted an Apple flaw, Germany warned of critical flaws in Microsoft Exchange, an info stealer targeted Indian government agencies and the energy sector, and Finland confirmed APT31's role in a 2020 breach of Parliament.

Cloud

Cloud Passwords Government

Zero-day exploit used to hack iPhones of Al Jazeera employees

Security Affairs

DECEMBER 21, 2020

“In July and August 2020, government operatives used NSO Group ’s Pegasus spyware to hack 36 personal phones belonging to journalists, producers, anchors, and executives at Al Jazeera. In July 2020, KISMET was a zero-day against at least iOS 13.5.1 ” reads the report published by the researchers.

Government

Government Security awareness Education Sales

XDSpy APT remained undetected since at least 2011

Security Affairs

OCTOBER 2, 2020

The APT group, recently discovered by ESET, targeted government and private companies in Belarus, Moldova, Russia, Serbia, and Ukraine, including militaries and Ministries of Foreign Affairs. Unusually, our research shows that this campaign has been active since at least 2011 with next to no changes in TTPs.”

Military

Military Phishing Passwords Government

Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs

Security Affairs

NOVEMBER 22, 2020

link] — Bank Security (@Bank_Security) November 20, 2020. The list includes devices belonging to big enterprises, financial institutions, and government organizations across the world. CISA and FBI have recently observed attacks carried out by APT actors that combined two the CVE-2018-13379 and CVE-2020-1472 flaws.

Government

Government Ransomware Access Cybersecurity

Russia-linked APT29 group changes TTPs following April advisories

Security Affairs

MAY 7, 2021

The NCSC, NSA, CISA, and CSE have previously issued a joint report regarding the group’s campaigns aimed at organizations involved in COVID-19 vaccine development throughout 2020 using WellMess and WellMail malware. The news joint repost, speculate the SVR has reacted to the report by changing their TTPs. ” states the report.

Cybersecurity

Cybersecurity Risk Government Security

SolarWinds confirmes 18,000 customers may have been impacted

Security Affairs

DECEMBER 14, 2020

“On December 13, 2020, SolarWinds delivered a communication to approximately 33,000 Orion product customers that were active maintenance customers during and after the Relevant Period. According to the experts, the campaign may have begun as early as Spring 2020 and is still ongoing. ” reads the SEC filing.

Military

Military Government Communications Security

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

We’re seeing more activity leveraging the CVE-2020-1472 exploit (ZeroLogon). — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. The CVE-2020-1472 Zerologon flaw is an elevation of privilege that resides in the Netlogon.

Authentication

Authentication Retail Passwords Security

North Korea-linked APT37 targets South with RokRat Trojan

Security Affairs

JANUARY 7, 2021

Experts spotted the RokRat Trojan being used by North Korea-linked threat actors in attacks aimed at the South Korean government. On December 7 2020 researchers from Malwarebytes uncovered a campaign targeting the South Korean government with a variant of the RokRat RAT. ” reads the post published by Malwarebytes.

Phishing

Phishing Government Encryption Access

Government contractor Conduent disclosed a data breach

Threat Report Portugal: Q2 2020

Webinars

Trending Sources

French Government Investigates Suspected Chinese Espionage

Webinars

Threat Report Portugal: Q4 2020

Samba addresses the CVE-2020-1472 Zerologon Vulnerability

Threat actors found a way to bypass mitigation F5 BIG-IP CVE-2020-5902 flaw

Tianfu Cup 2020 – 5 minutes to hack Windows 10, Ubuntu iOS, VMWare EXSi, and others

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Brazilian citizen charged for threatening to release data stolen from a company in 2020

NASA identified 1,785 cyber incidents in 2020

Norway blames China-linked APT31 for 2018 government hack

Hackers compromised Japanese government offices via Fujitsu ‘s ProjectWEB tool

APT hacked a US municipal government via an unpatched Fortinet VPN

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Increased GDPR Enforcement Highlights the Need for Data Security

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

Stayin’ Alive campaign targets high-profile Asian government and telecom entities. Is it linked to ToddyCat APT?

Russian Phobos ransomware operator faces cybercrime charges

Texas Department of Transportation (TxDOT) hit by a ransomware attack

Canada is going to ban TikTok on government mobile devices

Feds Fine Mental Health Clinic $100K in 2020 HIPAA Case

Ransomware Is Headed Down a Dire Path

Hackers targeted the US Census Bureau network, DHS report warns

Russia-linked GRU Unit 29155 targeted critical infrastructure globally

Russia-linked threat actors targets critical infrastructure, US authorities warn

Threat actors are actively exploiting Zerologon flaw, Microsoft warns

Bank of Seychelles hit by a ransomware attack

CISA alert warns of Emotet attacks on US govt entities

FBI issued a flash alert about Netwalker ransomware attacks

Researchers shared the lists of victims of SolarWinds hack

Mandiant links Ghostwriter operations to Belarus

Canon publicly confirms August ransomware attack and data breach

Breach Roundup: Russian Organizations Losing Microsoft Cloud

Zero-day exploit used to hack iPhones of Al Jazeera employees

XDSpy APT remained undetected since at least 2011

Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs

Russia-linked APT29 group changes TTPs following April advisories

SolarWinds confirmes 18,000 customers may have been impacted

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

North Korea-linked APT37 targets South with RokRat Trojan

Stay Connected