2023 and Government - Information Management Today

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Security Affairs

MARCH 28, 2024

Google’s Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively exploited zero-day vulnerabilities in 2023. In 2023, Google (TAG) and Mandiant discovered 29 out of 97 vulnerabilities exploited in the wild. ” continues the report.

Government

Government Ransomware Libraries Access

Government Surveillance Reform Act of 2023 Seeks to End Warrantless Police and FBI Spying

WIRED Threat Level

NOVEMBER 7, 2023

The Government Surveillance Reform Act of 2023 pulls from past privacy bills to overhaul how police and the feds access Americans’ data and communications.

Government

Government Communications Privacy Access

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. The US agencies confirmed that Chinese threat actors had compromised the private communications of a “limited number” of government officials following the compromise of multiple U.S.

Data breaches

Data breaches Communications Artificial Intelligence Government

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Zimbra zero-day exploited to steal government emails by four groups

Security Affairs

NOVEMBER 16, 2023

Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day ( CVE-2023-37580 ) to steal emails from governments. Zimbra addressed the vulnerability CVE-2023-37580 in July 2023. A second threat actor exploited the vulnerability since July 11 before the official patch became available on July 25.

Government

Government Authentication Phishing IT

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

He will also dive into topic definitions, governance structures, and framework components for success. July 20th, 2023 at 9:30am PDT, 12:30pm EDT, 5:30pm BST Register today!

Risk

Hackers stole OpenAI secrets in a 2023 security breach

Security Affairs

JULY 5, 2024

The New York Times revealed that OpenAI suffered a security breach in 2023, but the company says source code and customer data were not compromised. OpenAI suffered a security breach in 2023, the New York Times reported. ” The executives believed the threat actor was a lone hacker with no link to a foreign government.

Security

Security Artificial Intelligence Risk Access

WS_FTP flaw CVE-2023-40044 actively exploited in the wild

Security Affairs

OCTOBER 2, 2023

Experts warn of threat actors actively exploiting CVE-2023-40044 flaw in recently disclosed flaw in Progress Software’s WS_FTP products. Most of these online assets belong to large enterprises, governments and educational institutions.” “From our analysis of WS_FTP, we found that there are about 2.9k

Authentication

Authentication Cybersecurity Education Government

Canada bans WeChat and Kaspersky apps on government-issued mobile devices

Security Affairs

OCTOBER 30, 2023

Canada banned the Chinese messaging app WeChat and Kaspersky antivirus on government mobile devices due to privacy and security risks. The Government of Canada announced a ban on the use of the WeChat and Kaspersky applications on government-issued mobile devices due to privacy and security risks.

Government

Government Privacy Risk Data collection

Citrix warns admins to patch NetScaler CVE-2023-4966 bug immediately

Security Affairs

OCTOBER 25, 2023

Citrix warned of attacks actively exploiting the vulnerability CVE-2023-4966 in NetScaler ADC and Gateway appliances. Citrix is urging administrators to secure all NetScaler ADC and Gateway appliances against the CVE-2023-4966 vulnerability, which is actively exploited in attacks. reported Citrix. reported Citrix. NetScaler ADC 13.1-FIPS

Authentication

Authentication Access Communications Cloud

Customer Experience Management: Optimizing Your Strategy for Financial Success

Speaker: Diane Magers, Founder and Chief Experience Officer at Experience Catalysts

October 19th, 2023 at 9:30am PDT, 12:30pm EDT, 5:30pm BST Register today!

Customer Experience

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

In May 2023, Microsoft reported that the Volt Typhoon APT infiltrated critical infrastructure organizations in the U.S. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

e-Discovery

e-Discovery Communications Ransomware Government

Russian cyber spies stole data and emails from UK government systems

Security Affairs

AUGUST 8, 2024

Earlier this year, Russian cyber spies breached UK government systems and stole sensitive data and emails, reported The Record media. Earlier this year, Russia’s foreign intelligence service stole internal emails and data on individuals from the UK government. ” reported The Record Media. .

Government

Government Data breaches Access IT

Stanford University announced that 27,000 individuals were impacted in the 2023 ransomware attack

Security Affairs

MARCH 13, 2024

Threat actors behind the ransomware attacks that hit Stanford University in 2023 gained access to 27,000 people. Stanford University confirmed that threat actors behind the September 2023 ransomware attack had access to 27,000 people. 27, 2023. . Stanford was breached last year by Clop Ransomware.

Ransomware

Ransomware Data breaches Passwords Access

ISMG Editors: Call for Cooperation at Black Hat Europe 2023

Data Breach Today

DECEMBER 8, 2023

Highlights From the Conference on Improving Public-Private Sector Collaboration In this special edition at Black Hat Europe 2023 in London, three ISMG editors cover the highlights of the conference, including a resounding call for better collaboration between government agencies and the private sector, regulatory trends, and the cautionary tale of (..)

Government

LLMOps for Your Data: Best Practices to Ensure Safety, Quality, and Cost

Speaker: Shreya Rajpal, Co-Founder and CEO at Guardrails AI & Travis Addair, Co-Founder and CTO at Predibase

However, productionizing LLMs comes with a unique set of challenges such as model brittleness, total cost of ownership, data governance and privacy, and the need for consistent, accurate outputs. January 18th, 2023 at 9:30am PST, 12:30pm EST, 5:30pm GMT

Privacy

Government of Bermuda blames Russian threat actors for the cyber attack

Security Affairs

SEPTEMBER 23, 2023

The Government of Bermuda believes that the recent cyberattack against its IT infrastructure was launched by Russian threat actors. This week a cyber attack hit the Government of Bermuda causing the interruption of internet/email and phone services. The attack impacted all the government departments. ” said Burt.

Government

Government IT Security Information Security

Yearly Intel Trend Review: The 2023 RedSense report

Security Affairs

JANUARY 25, 2024

The 2023 RedSense report covers long-term observations we have made regarding intel trends and interconnectivity. These observations were made by analyzing numerous 2023 threat findings and discoveries, and include references to case studies that were reported on by RedSense throughout the year.

Ransomware

Ransomware Data breaches Phishing Cybersecurity

Canadian government impacted by data breaches of two of its contractors

Security Affairs

NOVEMBER 20, 2023

The Canadian government discloses a data breach after threat actors hacked two of its contractors. Data belonging to current and former Government of Canada employees, members of the Canadian Armed Forces and Royal Canadian Mounted Police personnel have been also exposed. Both contractors suffered a security breach in October.

Data breaches

Data breaches Government IT Ransomware

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Security Affairs

SEPTEMBER 25, 2023

A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. Palo Alto Unit42 researchers an APT group tracked as Gelsemium targeting a Southeast Asian government. Gelsemium is a group focused on cyberespionage that has been active since at least 2014.

Government

Government Manufacturing Education Access

Threat actors have been exploiting CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices since August

Security Affairs

OCTOBER 18, 2023

Experts reported that the vulnerability CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices has been exploited in attacks since late August. On October 10, Citrix published a security bulletin related to a critical vulnerability, tracked as CVE-2023-4966, in Citrix NetScaler ADC/Gateway devices. ” reported Citrix.

Authentication

Authentication Access Cloud Risk

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

Security Affairs

OCTOBER 12, 2024

Since April 2021, Russian state-sponsored hackers have exploited vulnerabilities, including Zimbra’s CVE-2022-27924 for injecting commands to access credentials and emails, and JetBrains TeamCity’s CVE-2023-42793 for arbitrary code execution through an authentication bypass.

Data collection

Data collection Authentication Access Cybersecurity

Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS

Security Affairs

FEBRUARY 19, 2024

The nation-state actors are known to carry out cyber-espionage against targeting government, military, and national infrastructure entities in Europe and Central Asia since at least December 2020. “TAG70 has demonstrated a high level of sophistication in its attack methods.

Military

Military Government Access Risk

Russia-linked APT28 targets government Polish institutions

Security Affairs

MAY 10, 2024

CERT Polska warns of a large-scale malware campaign against Polish government institutions conducted by Russia-linked APT28. CERT Polska and CSIRT MON teams issued a warning about a large-scale malware campaign targeting Polish government institutions, allegedly orchestrated by the Russia-linked APT28 group. ” reads the alert.

Government

Government Military Libraries Archiving

FBI deleted China-linked PlugX malware from over 4,200 US computers

Security Affairs

JANUARY 14, 2025

According to court documents, the Chinese government paid Mustang Panda to develop PlugX malware, used since 2014 to target U.S., The malware was operated by a China-linked threat actor, known as Mustang Panda (aka Twill Typhoon, to steal sensitive information from victim computers. European, and Asian entities. systems. .”

Government

Government Cybersecurity Access IT

UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw

Security Affairs

AUGUST 29, 2023

China-linked threat actors breached government organizations worldwide with attacks exploiting Barracuda ESG zero-day. The vulnerability, tracked as CVE-2023-2868 , resides in the module for email attachment screening, the issue was discovered on May 19 and the company fixed it with the release of two security patches on May 20 and 21.

Government

Government Access Security Cybersecurity

Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks

Security Affairs

APRIL 24, 2024

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. Cisco Talos researchers tracked this cyber-espionage campaign as ArcaneDoor.

Government

Government Authentication Communications Access

China-linked threat actors stole 10% of Belgian State Security Service (VSSE)’s staff emails

Security Affairs

FEBRUARY 27, 2025

Belgian authorities are investigating Chinese hackers for breaching its State Security Service (VSSE), stealing 10% of emails from 2021 to May 2023. Chinese hackers gained access to the VSSE’s email server between 2021 and May 2023, stealing 10% of staff incoming and outgoing emails. ” reported Reuters.

Security

Security Access Government Cybersecurity

MITRE December 2023 attack: Threat actors created rogue VMs to evade detection

Security Affairs

MAY 25, 2024

The MITRE Corporation revealed that threat actors behind the December 2023 attacks created rogue virtual machines (VMs) within its environment. The MITRE Corporation has provided a new update about the December 2023 attack. In April 2024, MITRE disclosed a security breach in one of its research and prototyping networks.

Communications

Communications Risk Access Security

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

Security Affairs

FEBRUARY 24, 2025

TopSec was founded in 1995, it offers cybersecurity services such as Endpoint Detection and Response (EDR) and vulnerability scanning, along with “boutique” solutions to align with government initiatives and intelligence requirements. ” reads the report published by SentinelLabs. ” concludes the report.”The

Cybersecurity

Cybersecurity Government Cloud Security

Record-Breaking Ransomware Profits Surpassed $1B in 2023

Data Breach Today

FEBRUARY 7, 2024

Their increasingly sophisticated attacks targeted "high-profile institutions and critical infrastructure, including hospitals, schools and government," reported Chainalysis. Ongoing Innovation and Sophistication Drive Unparalleled Profits Attackers wielding ransomware collectively earned over $1 billion last year - breaking previous records.

Ransomware

Ransomware Government

Microsoft Patch Tuesday for August 2023 fixed 2 actively exploited flaws

Security Affairs

AUGUST 8, 2023

Microsoft Patch Tuesday security updates for August 2023 addressed 74 vulnerabilities, including two actively exploited flaws. Microsoft has released an Office Defense in Depth update ( ADV230003 ) to address a patch bypass of the actively exploited RCE vulnerability CVE-2023-36884. reads the post.

Phishing

Phishing Security Government IT

Earth Krahang APT breached tens of government organizations worldwide

Security Affairs

MARCH 19, 2024

The campaign seems active since at least early 2022 and focuses primarily on government organizations. The group often exploited access to government infrastructure to target other government entities. “Earth Krahang abuses the trust between governments to conduct their attacks.

Government

Government Phishing Access Passwords

Chinese threat actors use Quad7 botnet in password-spray attacks

Security Affairs

NOVEMBER 3, 2024

Quad7 botnet, also known as CovertNetwork-1658 or xlogin, was first spotted in the summer of 2023 by security researcher Gi7w0rm. Chinese threat actors use the Quad7 botnet in password-spray attacks to steal credentials, Microsoft warns. “Microsoft assesses that a threat actor located in China established and maintains this network.

Passwords

Passwords Access Cloud Government

Threat actors breached US govt systems by exploiting Adobe ColdFusion flaw

Security Affairs

DECEMBER 5, 2023

CISA warns that threat actors are actively exploiting a critical vulnerability in Adobe ColdFusion to breach government agencies. Cybersecurity and Infrastructure Security Agency (CISA) is warning about threat actors actively exploiting a critical vulnerability ( CVE-2023-26360 ) in Adobe ColdFusion to breach government agencies.

Government

Government Cybersecurity Security Access

Port of Seattle ‘s August data breach impacted 90,000 people

Security Affairs

APRIL 5, 2025

The Rhysida ransomware group has been active since May 2023. The ransomware gang hit organizations in multiple industries, including education, healthcare, manufacturing, information technology, and government sectors. In September 2024, Port of Seattle confirmed that the Rhysida ransomware group was behind the cyberattack.

Data breaches

Data breaches Ransomware Manufacturing Education

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Security Affairs

DECEMBER 7, 2023

Palo Alto Networks’ Unit 42 reported that the Russia-linked APT28 (aka “Forest Blizzard”, “Fancybear” or “Strontium”) group exploited the CVE-2023-23397 vulnerability in attacks aimed at European NATO members. The first occurred between March-December 2022 and the second occurred in March 2023.”

Military

Military Government Phishing Authentication

U.S. Medical billing provider Medusind suffered a sata breach

Security Affairs

JANUARY 9, 2025

Medusind, a medical billing provider, disclosed a data breach that occurred in December 2023 and affected over 360,000 individuals. The company disclosed a data breach discovered on December 29, 2023, that impacted 360,934 individuals. “On December 29, 2023, Medusind discovered suspicious activity within its IT network.

Data breaches

Data breaches Insurance Ransomware Information governance

How Cryptocurrency Turns to Cash in Russian Banks

Krebs on Security

DECEMBER 11, 2024

Sanders spent most of 2023 in Ukraine, traveling with Ukrainian soldiers while mapping the shifting landscape of Russian crypto exchanges that are laundering money for narcotics networks operating in the region. — shows an entity by that name incorporated at a mail drop in London in December 2023.

Blockchain

Blockchain Mining Marketing IT

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Security Affairs

DECEMBER 5, 2023

Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. In March 2023, Microsoft published guidance for investigating attacks exploiting the patched Outlook vulnerability tracked as CVE-2023-23397.

Military

Military Government Access Phishing

Akira ransomware received $42M in ransom payments from over 250 victims

Security Affairs

APRIL 21, 2024

Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. However, from August 2023 onwards, certain Akira attacks began utilizing Megazord, which employs Rust-based code and encrypts files with a.powerranges extension.

Ransomware

Ransomware Encryption Education Phishing

The Rhysida ransomware group hit the Kuwait Ministry of Finance

Security Affairs

SEPTEMBER 26, 2023

Last week a ransomware attack hit the Government of Kuwait, the attack took place on September 18 and the government experts immediately started the incident response procedures to block the threat. Government officials shut off affected systems to prevent the threat from spreading.

Ransomware

Ransomware Government Cybersecurity IT

Cisco Fixes Firewall 0-Days After Likely Nation-State Hack

Data Breach Today

APRIL 24, 2024

Networking Giant Dubs Campaign Against Government Customers 'Arcane Door' Probable nation-state hackers targeted Cisco firewall appliances in a campaign dating to late 2023, the networking giant disclosed Wednesday while releasing three patches, two of them rated critical. Cisco doesn't connect the hackers with a specific country.

Government

Government IT

FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

Security Affairs

FEBRUARY 28, 2024

The advisory updates to the FBI FLASH BlackCat/ALPHV Ransomware Indicators of Compromise released on April 19, 2022 and on December 19, 2023. “From mid-December 2023 onward, the healthcare sector has emerged as the most frequently targeted among the approximately 70 disclosed victims.” ” reads the joint advisory.

Ransomware

Ransomware Government Insurance Manufacturing

Increased GDPR Enforcement Highlights the Need for Data Security

Security Affairs

NOVEMBER 18, 2024

Billion), 2023 Meta’s record-breaking fine stems from its failure to safeguard data transfers between the EU and the U.S. government surveillance. Automated Data Governance : Leverage advanced data security platforms that provide real-time visibility and automated compliance checks. Billion ($1.4

GDPR

GDPR Security Compliance Data Privacy

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Government Surveillance Reform Act of 2023 Seeks to End Warrantless Police and FBI Spying

Webinars

Trending Sources

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Webinars

Zimbra zero-day exploited to steal government emails by four groups

ERM Program Fundamentals for Success in the Banking Industry

Hackers stole OpenAI secrets in a 2023 security breach

WS_FTP flaw CVE-2023-40044 actively exploited in the wild

Canada bans WeChat and Kaspersky apps on government-issued mobile devices

Citrix warns admins to patch NetScaler CVE-2023-4966 bug immediately

Customer Experience Management: Optimizing Your Strategy for Financial Success

China’s Volt Typhoon botnet has re-emerged

Russian cyber spies stole data and emails from UK government systems

Stanford University announced that 27,000 individuals were impacted in the 2023 ransomware attack

ISMG Editors: Call for Cooperation at Black Hat Europe 2023

LLMOps for Your Data: Best Practices to Ensure Safety, Quality, and Cost

Government of Bermuda blames Russian threat actors for the cyber attack

Yearly Intel Trend Review: The 2023 RedSense report

Canadian government impacted by data breaches of two of its contractors

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Threat actors have been exploiting CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices since August

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS

Russia-linked APT28 targets government Polish institutions

FBI deleted China-linked PlugX malware from over 4,200 US computers

UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw

Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks

China-linked threat actors stole 10% of Belgian State Security Service (VSSE)’s staff emails

MITRE December 2023 attack: Threat actors created rogue VMs to evade detection

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

Record-Breaking Ransomware Profits Surpassed $1B in 2023

Microsoft Patch Tuesday for August 2023 fixed 2 actively exploited flaws

Earth Krahang APT breached tens of government organizations worldwide

Chinese threat actors use Quad7 botnet in password-spray attacks

Threat actors breached US govt systems by exploiting Adobe ColdFusion flaw

Port of Seattle ‘s August data breach impacted 90,000 people

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

U.S. Medical billing provider Medusind suffered a sata breach

How Cryptocurrency Turns to Cash in Russian Banks

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Akira ransomware received $42M in ransom payments from over 250 victims

The Rhysida ransomware group hit the Kuwait Ministry of Finance

Cisco Fixes Firewall 0-Days After Likely Nation-State Hack

FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

Increased GDPR Enforcement Highlights the Need for Data Security

Stay Connected