2022 and Security - Information Management Today

Increased GDPR Enforcement Highlights the Need for Data Security

Security Affairs

NOVEMBER 18, 2024

GDPR protects sensitive data like health and financial details, and its enforcement underscores the growing need for stronger data security measures. These penalties apply to all aspects of GDPR compliance, including inadequate data security, improper consent, and data breach failures.

GDPR

GDPR Security Compliance Data Privacy

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Security Affairs

JANUARY 15, 2025

” According to Heise security , the published data doesn’t appear to be linked to recently published vulnerabilities in the FortiOS appliance operating system. released in October 2022. ” reported Heise Security. ” reported Heise Security.

Passwords

Passwords Security IT Data breaches

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Security Affairs

APRIL 22, 2024

Microsoft reported that the Russia-linked APT28 group (aka “ Forest Blizzard ”, “ Fancybear ” or “ Strontium ” used a previously unknown tool, dubbed GooseEgg, to exploit the Windows Print Spooler flaw CVE-2022-38028. The vulnerability CVE-2022-38028 was reported by the U.S.

Military

Military File names Education Phishing

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Black Basta ransomware gang hit BT Group

Security Affairs

DECEMBER 4, 2024

The alert provides Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) obtained from law enforcement investigations and reports from third-party security firms. Black Basta is a ransomware-as-a-service (RaaS) variant, first identified in April 2022. reads the CSA.

Ransomware

Ransomware Blockchain Insurance Data breaches

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

And despite your SaaS adoption offering many positives, there is now an exponential increase in IT, security, and business complexity. By focusing on SaaS security posture management, your team can finally accomplish the following: Discover both known and unknown SaaS apps.

Security

China-linked threat actors stole 10% of Belgian State Security Service (VSSE)’s staff emails

Security Affairs

FEBRUARY 27, 2025

Belgian authorities are investigating Chinese hackers for breaching its State Security Service (VSSE), stealing 10% of emails from 2021 to May 2023. The Belgian federal prosecutor’s office is probing a possible security breach on its State Security Service (VSSE) by China-linked threat actors. ” reported Reuters.

Security

Security Access Government Cybersecurity

Feds Link $150M Cyberheist to 2022 LastPass Hacks

Krebs on Security

MARCH 7, 2025

In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In a court filing…

Passwords

Passwords Security

Mandrake Android spyware found in five apps in Google Play with over 32,000 downloads since 2022

Security Affairs

JULY 30, 2024

A new version of the Mandrake Android spyware has been found in five apps on Google Play, which have been downloaded over 32,000 times since 2022. Researchers from Kaspersky discovered a new version of the Mandrake Android spyware in five app on Google Play, totaling over 32,000 downloads between 2022 and 2024.

Libraries

Libraries Communications Encryption IT

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

Security Affairs

OCTOBER 12, 2024

Since April 2021, Russian state-sponsored hackers have exploited vulnerabilities, including Zimbra’s CVE-2022-27924 for injecting commands to access credentials and emails, and JetBrains TeamCity’s CVE-2023-42793 for arbitrary code execution through an authentication bypass. cyber agencies warned.

Data collection

Data collection Authentication Access Cybersecurity

Recovering from a Cyber Attack

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

If your organization stores data and is connected to the Internet, it is not a matter of “if” a cyber-security incident will happen, but “when.” It takes an organizational mindset which realizes that data privacy and security is a continuous, evolving process, as opposed to a “fire-and-forget” set of steps.

Data breaches

Burnout in SOCs: How AI Can Help Analysts Focus on High-Value Tasks

Security Affairs

DECEMBER 5, 2024

Security Operations Center (SOC) analyst burnout is a very real problem. Research published in Dark Reading in 2022 revealed that 70% experience burnout, and 65% said they were likely to change jobs in the next year. The two key problems are: Alert Overload Modern security environments generate an extraordinary number of alerts.

Cybersecurity

Cybersecurity Artificial Intelligence Risk Data collection

J-magic malware campaign targets Juniper routers

Security Affairs

JANUARY 24, 2025

Lumen experts also mentioned another variant of cd00r, codenamed SEASPY , that was used in a campaign targeting Barracuda Email Security Gateway (ESG) appliances that dates back in 2022. However, there is no evidence that the two campaigns are linked. ” concludes the report.

Encryption

Encryption Access Security IT

Why DSPM is Essential for Achieving Data Privacy in 2024

Security Affairs

OCTOBER 23, 2024

Data Security Posture Management (DSPM) helps organizations address evolving data security and privacy requirements by protecting and managing sensitive information. To add to the difficulty, the advent of Generative AI (GenAI) has brought unprecedented security and privacy risks. What is Data Security Posture Management?

Data Privacy

Data Privacy Privacy GDPR Compliance

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

networks since the summer of 2022. According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. Treasury sanctioned a Chinese cybersecurity firm, Integrity Tech, for links to cyberattacks by Chinas state-backed Flax Typhoon APT group (also called Ethereal Panda or RedJuliett). critical infrastructure sectors.“

Cybersecurity

Cybersecurity IoT Risk IT

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

billion in 2022. In this exclusive webinar with industry visionaries, you'll learn: The value of Software Composition Analysis Regulations impacting both software producers and buyers What a Software Bill of Materials is and why you need one Software supply chain security best practices.and more! In the U.S. Register today!

Cybersecurity

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

The botnet is comprised of two complementary activity clusters, the experts believe it has been active since at least February 2022. In early July and August of 2022, the researchers noticed several Cisco RV320s , DrayTek Vigor routers , and NETGEAR ProSAFEs that were part of the botnet.

e-Discovery

e-Discovery Communications Ransomware Government

Brazil’s Polícia Federal arrested the notorious hacker USDoD

Security Affairs

OCTOBER 16, 2024

However, the Brazilian national turned into more complex cybercriminal activities by 2022. The link between Luan’s hacktivism and cybercrime was established due to his bad Operational security (opsec). CrowdStrike’s investigation reveals that USDoD’s leader, Luan BG, has been a hacktivist active since at least 2017.

Data breaches

Data breaches Cybersecurity Risk IT

CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 25, 2024

CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2022-38028 Microsoft Windows Print Spooler Privilege Escalation vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.

IT

IT Education Cybersecurity Risk

Microsoft Patch Tuesday security updates for August 2024 addressed six actively exploited bugs

Security Affairs

AUGUST 14, 2024

Patch Tuesday security updates for August 2024 addressed 90 vulnerabilities in Microsoft products including Windows and Windows Components; Office and Office Components; NET and Visual Studio; Azure; Co-Pilot; Microsoft Dynamics; Teams; and Secure Boot and others, bringing the total to 102 when including third-party bugs.

Security

Security IT Information Security

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

Security Affairs

MARCH 5, 2025

On October 14, 2022, Tata Power, Indias largest power generation company, announced a cyber attack hit its infrastructure. The company confirmed that the security breach impacted some of its IT systems. The gang claims to have breached the corporate network on October 3rd, 2022. TB of data stored in over 730,000 files.

Ransomware

Ransomware Manufacturing IT Security

The Mask APT is back after 10 years of silence

Security Affairs

DECEMBER 18, 2024

The APT group targeted an organization in Latin America in 2019 and 2022. While investigating the 2022 attack, the researchers noticed that the victim organization had also suffered a 2019 attack using “Careto2” and “Goreto” frameworks. ” reads the analysis published by Kaspersky.

Government

Government IT Access Information Security

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 10

Security Affairs

SEPTEMBER 8, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Security

Security Insurance Ransomware Government

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Security Affairs

MARCH 20, 2025

The use of popular instant messaging apps on both mobile and desktop devices broadens the attack surface, creating uncontrolled information exchange channels that bypass security measures. DCRat first appeared in the threat landscape in 2018, but a year later it was redesigned and relaunched.

Computer and Electronics

Computer and Electronics Archiving Passwords Government

Strategies for Securing Your Supply Chain

IT Governance

OCTOBER 23, 2024

What to do when your ‘supply chain’ is really a ‘supply loop’ When I asked Bridget Kenyon – CISO (chief information security officer) for SSCL, lead editor for ISO 27001:2022 and author of ISO 27001 Controls – what she’d like to cover in an interview, she suggested supply chain security. How can you secure a ‘supply loop’?

Security

Security Information Security Risk Access

26 Cyber Security Stats Every User Should Be Aware Of in 2024

Security Affairs

FEBRUARY 8, 2024

26 key cyber security stats for 2024 that every user should know, from rising cyber crime rates to the impact of AI technolog y. Cyber Insurance: US cyber insurance premiums soared by 50% in 2022, reaching $7.2 million unfilled cyber security jobs, showing a big need for skilled professionals. million, up 15% in three years.

Security

Security Phishing IoT Ransomware

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Security Affairs

MAY 12, 2024

Black Basta ransomware affiliates have breached over 500 organizations between April 2022 and May 2024, FBI and CISA reported. The alert provides Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) obtained from law enforcement investigations and reports from third-party security firms.

Ransomware

Ransomware Blockchain Retail Insurance

Symbolic Link trick lets attackers bypass FortiGate patches, Fortinet warns

Security Affairs

APRIL 12, 2025

The cybersecurity firm revealed that attackers exploited known FortiGate flaws like CVE-2022-42475 , CVE-2023-27997 , and CVE-2024-21762 to gain persistent read-only access via a symlink in SSL-VPN language folders. “A threat actor used a known vulnerability to implement read-only access to vulnerable FortiGate devices.

Access

Access Cybersecurity IT Information Security

Ivanti fixed a maximum severity flaw in its Endpoint Management software (EPM)

Security Affairs

SEPTEMBER 11, 2024

The software firm released security updates to address a maximum security vulnerability, tracked as CVE-2024-29847, in its Endpoint Management software (EPM). ” reads the advisory published by the company. High) CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N Critical) CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H Critical) CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Authentication

Authentication IT IoT Security

Security Affairs newsletter Round 488 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

SEPTEMBER 8, 2024

Every week the best security articles from Security Affairs are free in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Managing Cybersecurity in the Age of Artificial Intelligence Clearview AI Faces €30.5M

Security

Security Data breaches Artificial Intelligence Ransomware

Security Affairs newsletter Round 466 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

APRIL 7, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches

Data breaches Security Ransomware Cybersecurity

CISA adds GeoSolutionsGroup JAI-EXT, Linux Kernel, and Roundcube Webmail bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

JUNE 27, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds GeoSolutionsGroup JAI-EXT, Linux Kernel, and Roundcube Webmail bugs to its Known Exploited Vulnerabilities catalog. in April 2022. Technical details and PoC exploit code are publicly available since August 2022. Linux Kernel Flaw CVE-2022-2586 (CVSS score of 7.8)

IT

IT Cybersecurity Risk Security

Security Affairs newsletter Round 483 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

AUGUST 4, 2024

Every week the best security articles from Security Affairs are free in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Phishing Ransomware Sales

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns

Security Affairs

SEPTEMBER 8, 2023

Cybersecurity and Infrastructure Security Agency (CISA) warned that nation-state actors are exploiting security vulnerabilities in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. The state-sponsored hackers exploited the CVE-2022-47966 RCE vulnerability in Zoho ManageEngine. reads the advisory.

Cybersecurity

Cybersecurity Access Security Encryption

Critical SQL Injection flaws impact Ivanti Endpoint Manager (EPM)

Security Affairs

MAY 23, 2024

Ivanti this week rolled out security patches to address multiple critical vulnerabilities in the Endpoint Manager (EPM). AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H The vulnerabilities impact 2022 SU5 and earlier versions. AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H The vulnerabilities impact 2022 SU5 and earlier versions.

Authentication

Authentication Security Information Security IT

Hackers obtained user data from Twilio-owned 2FA authentication app Authy

Security Affairs

JULY 4, 2024

The company confirmed it has already secured the vulnerable endpoint. We have taken action to secure this endpoint and no longer allow unauthenticated requests.” ” reads a security update published by the company. The company has more than 5,000 employees in 17 countries, and its revenues in 2021 are US$2.84

Authentication

Authentication Phishing Communications Access

CISA adds Qualcomm flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

DECEMBER 6, 2023

Cybersecurity and Infrastructure Security Agency (CISA) adds four Qualcomm vulnerabilities to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added Qualcomm vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.

IT

IT Cybersecurity Risk Security

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Security Affairs

NOVEMBER 21, 2024

He is accused of stealing at least $800,000 from five victims between August 2022 and March 2023. Urban, known online as “Sosa” and “King Bob,” is linked to the same group that hacked Twilio and other companies in 2022. In January 2024, U.S.

Phishing

Phishing Access Passwords Ransomware

CNN, Paris Hilton, and Sony TikTok accounts hacked via DMs

Security Affairs

JUNE 5, 2024

TikTok spokesperson Alex Haurek stated that their security team is aware of the exploit and has taken measures to stop the attack and prevent future incidents. “Our security team is aware of a potential exploit targeting a number of brand and celebrity accounts.

Access

Access Security IT Information Security

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

The makers of Acunetix, Texas-based application security vendor Invicti Security , confirmed Silent Push’s findings, saying someone had figured out how to crack the free trial version of the software so that it runs without a valid license key. ” Orn advertising Araneida Scanner in Feb. 2023 on the forum Cracked.

IT

IT Data breaches Cloud Passwords

Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

Security Affairs

OCTOBER 14, 2024

Law enforcement agencies from the United Kingdom, United States, and Ireland participated in the operation that began towards the end of 2022. These are two of the largest and longest-running dark web platforms for the trade of illegal goods, drugs, and cybercrime services.

Marketing

Marketing IT Information Security Security

Cybercrime group FIN7 advertises new EDR bypass tool on hacking forums

Security Affairs

JULY 18, 2024

The cybercrime group FIN7 is advertising a security evasion tool in multiple underground forums, cybersecurity company SentinelOne warns. SentinelOne researchers warn that the financially motivated group FIN7 is using multiple pseudonyms to advertise a security evasion tool in several criminal underground forums. is forum for $15,000.

Ransomware

Ransomware Cybersecurity Sales Security

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

. — and charged him with stealing at least $800,000 from five victims between August 2022 and March 2023. Urban allegedly went by the nicknames “ Sosa ” and “ King Bob, ” and is believed to be part of the same crew that hacked Twilio and a slew of other companies in 2022.

Phishing

Phishing Passwords Authentication Encryption

Electronic prescription provider MediSecure impacted by a ransomware attack

Security Affairs

MAY 16, 2024

MediSecure is a company that provides digital health solutions, particularly focusing on secure electronic prescription delivery services in Australia. “MediSecure has identified a cyber security incident impacting the personal and health information of individuals. ” reads the statement published by the company.

Ransomware

Ransomware e-Delivery Data breaches Insurance

Australian government announced sanctions for Medibank hacker

Security Affairs

JANUARY 23, 2024

The Australian government announced sanctions for a member of the REvil ransomware group for the Medibank hack that occurred in 2022. The man is responsible for the cyber attacks that in 2022 hit the Australian insurance provider Medibank. “ In November 2022, Medibank announced that personal data belonging to around 9.7M

Government

Government Insurance Ransomware Data breaches

Increased GDPR Enforcement Highlights the Need for Data Security

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Webinars

Trending Sources

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Webinars

Black Basta ransomware gang hit BT Group

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

China-linked threat actors stole 10% of Belgian State Security Service (VSSE)’s staff emails

Feds Link $150M Cyberheist to 2022 LastPass Hacks

Mandrake Android spyware found in five apps in Google Play with over 32,000 downloads since 2022

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

Recovering from a Cyber Attack

Burnout in SOCs: How AI Can Help Analysts Focus on High-Value Tasks

J-magic malware campaign targets Juniper routers

Why DSPM is Essential for Achieving Data Privacy in 2024

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Software Composition Analysis: The New Armor for Your Cybersecurity

China’s Volt Typhoon botnet has re-emerged

Brazil’s Polícia Federal arrested the notorious hacker USDoD

CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog

Microsoft Patch Tuesday security updates for August 2024 addressed six actively exploited bugs

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

The Mask APT is back after 10 years of silence

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 10

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Strategies for Securing Your Supply Chain

26 Cyber Security Stats Every User Should Be Aware Of in 2024

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Symbolic Link trick lets attackers bypass FortiGate patches, Fortinet warns

Ivanti fixed a maximum severity flaw in its Endpoint Management software (EPM)

Security Affairs newsletter Round 488 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 466 by Pierluigi Paganini – INTERNATIONAL EDITION

CISA adds GeoSolutionsGroup JAI-EXT, Linux Kernel, and Roundcube Webmail bugs to its Known Exploited Vulnerabilities catalog

Security Affairs newsletter Round 483 by Pierluigi Paganini – INTERNATIONAL EDITION

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns

Critical SQL Injection flaws impact Ivanti Endpoint Manager (EPM)

Hackers obtained user data from Twilio-owned 2FA authentication app Authy

CISA adds Qualcomm flaws to its Known Exploited Vulnerabilities catalog

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

CNN, Paris Hilton, and Sony TikTok accounts hacked via DMs

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

Cybercrime group FIN7 advertises new EDR bypass tool on hacking forums

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Electronic prescription provider MediSecure impacted by a ransomware attack

Australian government announced sanctions for Medibank hacker

Stay Connected