Data Breach Today

JANUARY 23, 2024

Governments Accuse Aleksandr Ermakov and REvil of Being Medibank Hackers The United States, Australia and the United Kingdom sanctioned a Russian man the governments say was behind the October 2022 hacking of Medibank, Australia's largest private health insurer.

Insurance 296

Insurance Data breaches Government 296

Krebs on Security

MARCH 14, 2023

Both are alleged to be part of a larger criminal organization that specializes in using fake emergency data requests from compromised police and government email accounts to publicly threaten and extort their victims. The government alleges that on May 7, 2022, Singh used stolen credentials to log into a U.S.

Government 302

Government Communications Access Security 302

Security Affairs

SEPTEMBER 25, 2023

A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. Palo Alto Unit42 researchers an APT group tracked as Gelsemium targeting a Southeast Asian government. Gelsemium is a group focused on cyberespionage that has been active since at least 2014.

Government 336

Government Manufacturing Education Access 336

Security Affairs

OCTOBER 12, 2024

Since April 2021, Russian state-sponsored hackers have exploited vulnerabilities, including Zimbra’s CVE-2022-27924 for injecting commands to access credentials and emails, and JetBrains TeamCity’s CVE-2023-42793 for arbitrary code execution through an authentication bypass.

Data collection 342

Data collection Authentication Access Cybersecurity 342

Security Affairs

DECEMBER 18, 2024

The APT group targeted an organization in Latin America in 2019 and 2022. While investigating the 2022 attack, the researchers noticed that the victim organization had also suffered a 2019 attack using “Careto2” and “Goreto” frameworks. ” reads the analysis published by Kaspersky.

Government 287

Government IT Access Information Security 287

Security Affairs

NOVEMBER 16, 2023

Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day ( CVE-2023-37580 ) to steal emails from governments. The first campaign aimed at a government organization in Greece, threat actors sent emails containing exploit urls to their targets. ” continues the report. .”

Government 352

Government Authentication Phishing IT 352

Security Affairs

MARCH 28, 2024

Google’s Threat Analysis Group (TAG) and its subsidiary Mandiant reported that in 2023 97 zero-day vulnerabilities were exploited in attacks, while in 2022 the actively exploited zero-day flaws were 62. In 2023, Google (TAG) and Mandiant discovered 29 out of 97 vulnerabilities exploited in the wild. ” continues the report.

Government 349

Government Ransomware Libraries Access 349

Security Affairs

MAY 25, 2022

An unknown APT group is targeting Russian government entities since the beginning of the Russian invasion of Ukraine. ” Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Government 327

Government Phishing Archiving Cybersecurity 327

Security Affairs

DECEMBER 22, 2022

The Government of Pyongyang focuses on crypto hacking to fund its military program following harsh U.N. According to local media, US federal prosecutors believe that North Korea’s government considers cryptocurrency a long-term investment and it is amassing crypto funds through illegal activities. trillion won ($1.2 Pierluigi Paganini.

Military 352

Military Government Ransomware Security 352

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The botnet is comprised of two complementary activity clusters, the experts believe it has been active since at least February 2022.

e-Discovery 308

e-Discovery Communications Ransomware Government 308

Security Affairs

JUNE 6, 2022

Following the attacks of the Killnet Collective, the group responsible for the attacks against major government resources and law enforcement, a new group has been identified called “Cyber Spetsnaz”. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Government 363

Government Cybersecurity IoT Security 363

Security Affairs

SEPTEMBER 10, 2022

China-linked BRONZE PRESIDENT group is targeting government officials in Europe, the Middle East, and South America with PlugX malware. Secureworks researchers reported that China-linked APT group BRONZE PRESIDENT conducted a new campaign aimed at government officials in Europe, the Middle East, and South America with the PlugX malware.

Government 324

Government Archiving Metadata Encryption 324

Security Affairs

MAY 18, 2022

The Conti ransomware gang is threatening to ‘overthrow’ the new government of Costa Rica after last month’s attack. Last month, the Conti ransomware gang claimed responsibility for the attack on Costa Rica government infrastructure after that the government refused to pay a ransom. ” reads the message.

Government 308

Government Ransomware Military Encryption 308

Security Affairs

APRIL 21, 2022

Threat intelligence firm Resecurity details how crooks are delivering IRS tax scams and phishing attacks posing as government vendors. The post Cybercriminals Deliver IRS Tax Scams & Phishing Campaigns By Mimicking Government Vendors appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook.

Phishing 327

Phishing e-Delivery Government Passwords 327

Security Affairs

JUNE 27, 2022

The government of Lithuania announced on Monday that it had been hit by an “intense” cyberattack, likely launched from Moscow, days after the Russian government protested restrictions Vilnius imposed on the rail transit of certain goods to Kaliningrad. which was one of the 1st targets of the new campaign.

Government 345

Government IT IoT Cybersecurity 345

Security Affairs

MARCH 19, 2024

The campaign seems active since at least early 2022 and focuses primarily on government organizations. The group often exploited access to government infrastructure to target other government entities. “Earth Krahang abuses the trust between governments to conduct their attacks.

Government 267

Government Phishing Access Passwords 267

Security Affairs

OCTOBER 13, 2023

A cyberespionage campaign, tracked as Stayin’ Alive, targeted high-profile government and telecom entities in Asia. The APT group was discovered in June 2022 by Kaspersky which linked it to a series of attacks aimed at high-profile entities in Europe and Asia since at least December 2020. Is it linked to ToddyCat APT?

Government 329

Government IT Encryption Libraries 329

Security Affairs

MAY 14, 2022

.” The list of the targeted websites was shared on the Telegram channel of the Pro-Russian hacker collective known as The Legion which focuses on attacks against Western organizations and governments, including NATO countries and the Ukraine. To nominate, please visit:? Follow me on Twitter: @securityaffairs and Facebook.

Government 300

Government Military Data breaches Cybersecurity 300

Security Affairs

AUGUST 29, 2023

China-linked threat actors breached government organizations worldwide with attacks exploiting Barracuda ESG zero-day. As per the vendor’s statement, the flaw has been exploited in real-world scenarios, with incidents dating back to October 2022 at the very least. reads the report published by Mandiant. At the end of July, the U.S.

Government 315

Government Access Security Cybersecurity 315

Security Affairs

MARCH 20, 2025

The Ukrainian government experts noticed that some messages were sent from compromised contacts to increase trust. In March 2025, threat actors distributed archived messages through Signal. The archive contains a fake PDF report and DarkTortilla malware, which acts as a launcher for the Dark Crystal RAT ( DCRat ).

Computer and Electronics 270

Computer and Electronics Archiving Passwords Government 270

Security Affairs

APRIL 25, 2024

CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2022-38028 Microsoft Windows Print Spooler Privilege Escalation vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.

IT 353

IT Education Cybersecurity Risk 353

Security Affairs

MARCH 17, 2022

The collective Anonymous and its affiliated groups continue to target the Russian government and private organizations. The collective Anonymous, and other groups in its ecosystem, continue to target the Russian government and private organizations. link] — Anonymous (@YourAnonNews) March 15, 2022. Stay tuned!

Military 364

Military Communications Government Access 364

Security Affairs

FEBRUARY 27, 2025

. “The timing of the attack was especially unfortunate, as we were in the midst of a major recruitment drive following the previous government’s decision to almost double our workforce,” an anonymous intelligence source told Le Soir. Earliest identified evidence of exploitation of CVE-2023-2868 is currently October 2022.

Security 179

Security Access Government Cybersecurity 179

Security Affairs

MARCH 5, 2022

Anonymous announced to have hacked more than 2,500 websites linked to the Russian and Belarusian governments, state-owned media outlets spreading disinformation, Russian private organizations, banks, hospitals, airports. FckPutin #FreeUkraine pic.twitter.com/NJZiLx5c0d — Anonymous TV (@YourAnonTV) March 3, 2022.

Passwords 363

Passwords Government Military Authentication 363

Security Affairs

SEPTEMBER 25, 2022

The authorities claimed Amini died of natural causes after suffering heart failure while it was at the police station, but citizens don’t believe this is the truth and moved the protests to the streets (September 2022 Iranian protests). OpIran pic.twitter.com/FuFbl5tuy7 — hadieh.poorhosseini (@hadiehp) September 25, 2022.

Government 356

Government Security IT Information Security 356

Security Affairs

MARCH 25, 2022

pic.twitter.com/0VUhqVmo89 — Anonymous (@LatestAnonPress) March 23, 2022. MESSAGE FROM #ANONYMOUS RABBIT: "People shouldn't be afraid of their government, governments should be afraid of their people." Ukraine #OpRussia [link] — Anonymous TV (@YourAnonTV) March 25, 2022.

Government 352

Government Authentication Cloud Access 352

Security Affairs

JUNE 4, 2022

pic.twitter.com/nZ8zk7bWV9 — Anonymous TV (@YourAnonTV) June 3, 2022. OpRussia #FreeUkraine pic.twitter.com/5lEUYliGgH — Anonymous TV (@YourAnonTV) June 1, 2022. OpRussia #FreeUkraine pic.twitter.com/5lEUYliGgH — Anonymous TV (@YourAnonTV) June 1, 2022. All their biggest government websites are #Offline.

Archiving 363

Archiving Government Passwords Security 363

Security Affairs

FEBRUARY 8, 2024

Government offers rewards of up to $10 million for information that could help locate, identify, or arrest members of the Hive ransomware group. Starting from the end of July 2022, the FBI infiltrated Hive’s computer networks. According to the announcement, the group targeted organizations in over 80 countries.

Ransomware 342

Ransomware Blockchain Manufacturing Analytics 342

Krebs on Security

MAY 29, 2024

” The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various “free VPN” products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime. The prices page for 911 S5, circa July 2022. $28

Cloud 344

Cloud Government Insurance IT 344

Security Affairs

FEBRUARY 28, 2022

Anonymous and numerous hacker groups linked to the popular collective continue to launch cyber attacks against Russian and Belarussian government organizations and private businesses. In the last few days massive DDoS attacks have taken offline numerous websites of Russian government entities, including the Duma and Ministry of Defense.

Government 360

Government Security IT Information Security 360

Security Affairs

AUGUST 19, 2022

e-Estonia refers to a movement by the government of Estonia to facilitate citizen interactions with the state through the use of electronic solutions. 1/4) @e_estonia — Luukas Ilves (@luukasilves) August 18, 2022. 3/4) — Luukas Ilves (@luukasilves) August 18, 2022. E-Estonia services were not disrupted.

Computer and Electronics 354

Computer and Electronics Digital transformation Government IT 354

Security Affairs

APRIL 12, 2022

The initial compromise took place no later than February 2022. It is interesting to note that the disconnection of electrical substations and the decommissioning of the company’s infrastructure was scheduled for Friday evening, April 8, 2022.

Cybersecurity 358

Cybersecurity Government Security IT 358

Security Affairs

MARCH 24, 2022

Anonymous continues to target Russian government organizations and private businesses, now it is claiming to have hacked the Central Bank of Russia. pic.twitter.com/0VUhqVmo89 — Anonymous (@LatestAnonPress) March 23, 2022. Anonymous #OpRussia pic.twitter.com/7HO9UzeBoc — Anonymous TV (@YourAnonTV) March 20, 2022.

Government 324

Government Passwords IT Access 324

Security Affairs

OCTOBER 21, 2023

government seized 17 website domains used by North Korean IT workers in a fraudulent scheme to defraud businesses worldwide. government announced the seizure of 17 website domains used by North Korean information technology (IT) workers as part of a fraudulent scheme illicit scheme to defraud businesses worldwide.

IT 349

IT Government Access Security 349

Security Affairs

MAY 24, 2023

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against four entities and one individual for their role in malicious cyber operations conducted to support the government of North Korea. ” reads the announcement. . ” reads the announcement. trillion won ($1.2

Government 246

Government Military Financial Services Security 246

Data Breach Today

FEBRUARY 14, 2023

The Tonto Team Used Spear-Phishing Emails to Target Group-IB Employees Group-IB says a July 2022 spear-phishing attempt on its own employees came from the Chinese threat actor known variously as Tonto Team and CactusPete. Malwarebytes says the group has ramped up spying against Russian government agencies.

Phishing 334

Phishing Government IT 334