Access, Government and Libraries - Information Management Today

Foreign adversary hacked email communications of the Library of Congress says

Security Affairs

NOVEMBER 18, 2024

The Library of Congress discloses the compromise of some of its IT systems, an alleged foreign threat actor hacked their emails. Only email communications between congressional offices and some library staff, including the Congressional Research Service, from January to September, were affected. ” reported the NBC News.

Libraries

Libraries Communications Access Government

Rhysida ransomware gang is auctioning data stolen from the British Library

Security Affairs

NOVEMBER 20, 2023

The Rhysida ransomware group claimed responsibility for the recent cyberattack on the British Library that has caused a major IT outage. The Rhysida ransomware gang added the British Library to the list of victims on its Tor leak site. It is one of the largest libraries in the world. ” reads the announcement.

Libraries

Libraries Ransomware Manufacturing Education

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Security Affairs

MARCH 28, 2024

In 2023, the researchers observed a surge in zero-day vulnerabilities in third-party components and libraries that can impact all products that use them. The Chinese government made the headlines because government-linked APT groups exploited 12 zero-day vulnerabilities in 2023, which marks a notable increase from seven in 2022.

Government

Government Ransomware Libraries Access

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing.

Military

Military Government Phishing Libraries

Invitation to tender: Future ready libraries

CILIP

JANUARY 31, 2025

Invitation to tender: Future ready libraries CILIP is inviting researchers to undertake a gap analysis and consultation with sector experts to create a comprehensive review of training provision for leadership in the public library workforce in England.

Libraries

Libraries Access Government

Chinese cyberspies obtained Microsoft signing key from Windows crash dump due to a mistake

Security Affairs

SEPTEMBER 6, 2023

Microsoft revealed that the Chinese group Storm-0558 stole a signing key used to breach government email accounts from a Windows crash dump. Storm-0558 threat actors focus on government agencies in Western Europe and were observed conducting cyberespionage, data theft, and credential access attacks.

Authentication

Authentication Libraries Access Government

Vulnerabilities in Microsoft apps for macOS allow stealing permissions

Security Affairs

SEPTEMBER 3, 2024

Vulnerabilities in Microsoft apps for macOS could allow attackers to steal permissions and access sensitive data. These flaws could allow attackers to inject malicious libraries into Microsoft’s apps and steal permissions. When an app requests access to a resource, a permission pop-up is triggered for user approval.

Libraries

Libraries Risk Access Security

Iran-linked Mercury APT exploited Log4Shell in SysAid Apps for initial access

Security Affairs

AUGUST 26, 2022

An Iran-linked Mercury APT group exploited the Log4Shell vulnerability in SysAid applications for initial access to the targeted organizations. The APT group was officially linked by the US government to Iran’s Ministry of Intelligence and Security. ” reads the report published by Microsoft. Pierluigi Paganini.

Access

Access Libraries Communications Government

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. Pierluigi Paganini.

Government

Government Communications Ransomware Manufacturing

Trust Libraries: 10 Pledges for libraries to a new Government

CILIP

JUNE 7, 2024

Trust Libraries: 10 Pledges for libraries to a new Government A General Election is just round the corner and its outcome will affect us all, with a new government and potentially hundreds of new MPs taking their seats in the House of Commons.

Libraries

Libraries Government Access IT

Multiple malware families delivered exploiting GeoServer GeoTools flaw CVE-2024-36401

Security Affairs

SEPTEMBER 8, 2024

This issue arises because the GeoTools library API, which GeoServer uses, evaluates property/attribute names for feature types in a way that unsafely passes them to the commons-jxpath library, allowing arbitrary code execution. government entities in Belgium, and telecommunications companies in Thailand and Brazil.

Libraries

Libraries Encryption Cybersecurity Access

Quebec shuts down thousands of sites as disclosure of the Log4Shell flaw

Security Affairs

DECEMBER 12, 2021

Quebec shut down nearly 4,000 of its sites in response to the discovery of the Log4Shell flaw in the Apache Log4j Java-based logging library. Quebec shut down nearly 4,000 of its sites as a preventative measure after the disclosure of a PoC exploit for the Log4Shell flaw ( CVE-2021-44228 ) in the Apache Log4j Java-based logging library.

Libraries

Libraries Digital transformation Education Government

Iran-linked threat actors compromise US Federal Network

Security Affairs

NOVEMBER 16, 2022

. “CISA obtained four malicious files for analysis during an on-site incident response engagement at a Federal Civilian Executive Branch (FCEB) organization compromised by Iranian government sponsored advanced persistent threat (APT) actors.” Use best practices for identity and access management (IAM). reads the advisory.

Government

Government Mining Cybersecurity Libraries

Alleged APT implanted a backdoor in the network of a US federal agency

Security Affairs

DECEMBER 20, 2021

federal government commission associated with international rights. federal government commission associated with international rights. ” According to security firm Avast who discovered the attack, the backdoor was likely used as the initial vector in a multi-stage attack to penetrate the government network.

Government

Government Libraries Access Security

Rhysida ransomware gang claimed China Energy hack

Security Affairs

NOVEMBER 25, 2023

Recently, the Rhysida ransomware gang added the British Library to the list of victims on its Tor leak site. The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. The victims of the group are “targets of opportunity.”

Ransomware

Ransomware Manufacturing Education Libraries

Threat actors continue to exploit Log4Shell in VMware Horizon Systems

Security Affairs

JUNE 24, 2022

The CVE-2021-44228 flaw made the headlines in December, after Chinese security researcher p0rz9 publicly disclosed a Proof-of-concept exploit for the critical remote code execution zero-day vulnerability ( aka Log4Shell ) that affects the Apache Log4j Java-based logging library. ” reads the advisory. ” reads the joint alert.

Access

Access Libraries Cybersecurity Security

DinodasRAT Linux variant targets users worldwide

Security Affairs

MARCH 31, 2024

ESET researchers reported that a Windows version of DinodasRAT was used in attacks against government entities in Guyana. The campaign seems active since at least early 2022 and focuses primarily on government organizations. The library uses the Tiny Encryption Algorithm ( TEA ) in CBC mode to cipher and decipher the data.

Libraries

Libraries Encryption Communications Government

CILIP and school library organisations submit joint response to DfE’s Curriculum & Assessment Review

CILIP

DECEMBER 2, 2024

The Government review was launched in September 2024 and aims to ensure that the national curriculum appropriately balances ambition, excellence, relevance, flexibility, and inclusivity for all children and young people. If they are lost it will be incredibly hard to replace them and their skilled staff. We are still awaiting a response.

Libraries

Libraries Education Government Access

1.2 million CPR numbers for Danish citizen leaked through tax service

Security Affairs

FEBRUARY 10, 2020

” states the Government Agency. “Google Hosted Libraries have been designed to remove all information that allows identifying users before logging on. Peter Kruse, cyber security expert and founder of the CSIS group, explained that Google had access to 1.2 “Google has accessed 1.2

Encryption

Encryption Libraries Access Government

Halfway to Data Access Governance

Collibra

OCTOBER 4, 2022

If you’re a Collibra customer, chances are you’re already made significant progress in establishing an expansive data access governance program even if that wasn’t your original intent. The three components of a scalable data access governance foundation. Data classification for data access governance.

Government

Government Access Sales Risk

Experts warn of attacks using a new Linux variant of SFile ransomware

Security Affairs

JANUARY 17, 2022

“The SFile ransomware uses the Mbed TLS library, RSA-2048 and AES-256 algorithms for file encryption. The ransomware was involved in targeted attacks against corporate and government networks. The ransomware does not have its own portal; the attackers communicate with victims via email” reported ESET.

Ransomware

Ransomware Encryption Libraries Communications

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Security Affairs

NOVEMBER 29, 2023

Recently, the Rhysida ransomware gang added the British Library and China Energy Engineering Corporation to the list of victims on its Tor leak site. The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors.

Ransomware

Ransomware Manufacturing Education Libraries

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs

DECEMBER 26, 2023

The group also claimed the hack of the British Library and China Energy Engineering Corporation. The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. The Rhysida ransomware group has been active since May 2023.

Ransomware

Ransomware Manufacturing Education Libraries

DuneQuixote campaign targets the Middle East with a complex backdoor

Security Affairs

APRIL 21, 2024

Threat actors target government entities in the Middle East with a new backdoor dubbed CR4T as part of an operation tracked as DuneQuixote. The malware is developed in C/C++ without utilizing the Standard Template Library (STL), and certain segments are coded in pure Assembler.” ” reads the analysis published by Kaspersky.

Libraries

Libraries Communications IT Government

China-linked APT group VANGUARD PANDA uses a new tradecraft in recent attacks

Security Affairs

JUNE 26, 2023

China-linked APT group VANGUARD PANDA, aka Volt Typhoon, was spotted observing a novel tradecraft to gain initial access to target networks. CrowdStrike researchers observed the China-linked APT group VANGUARD PANDA, aka Volt Typhoon , using a novel tradecraft to gain initial access to target networks.

Cleanup

Cleanup Libraries Access Manufacturing

XDSpy APT remained undetected since at least 2011

Security Affairs

OCTOBER 2, 2020

The APT group, recently discovered by ESET, targeted government and private companies in Belarus, Moldova, Russia, Serbia, and Ukraine, including militaries and Ministries of Foreign Affairs. The malware samples analyzed by the researchers are slightly obfuscated using string obfuscation and dynamic Windows API library loading.

Military

Military Phishing Passwords Government

[Podcast] Strategic Considerations for Information Governance Audits

AIIM

APRIL 17, 2020

Information governance audits, in particular, are used to ensure compliance with relevant information governance policies and procedures. On this episode of the AIIM on Air podcast , your host Kevin Craine explores Information Governance Audits with AIIM member Andrew du Fresne. Do they make compliance objectives more effective?

Information governance

Information governance Government Compliance Libraries

Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware

Security Affairs

AUGUST 7, 2024

The group also claimed the hack of the British Library and China Energy Engineering Corporation. The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. The Rhysida ransomware group has been active since May 2023.

Ransomware

Ransomware Manufacturing Libraries Education

Cyber espionage campaign targets Asian countries since 2021

Security Affairs

SEPTEMBER 13, 2022

A cyber espionage group targets governments and state-owned organizations in multiple Asian countries since early 2021. Threat actors are targeting government and state-owned organizations in multiple Asian countries as parts of a cyber espionage campaign that remained under the radar since early 2021.

Government

Government Access Libraries Education

Chinese actor ‘Unfading Sea Haze’ remained undetected for five years

Security Affairs

MAY 23, 2024

A previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ has been targeting military and government entities since 2018. Bitdefender researchers discovered a previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ that has been targeting military and government entities since 2018.

Archiving

Archiving Military Communications Phishing

PYSA ransomware gang is the most active group in November

Security Affairs

DECEMBER 22, 2021

Experts observed a 400% increase in the number of attacks, compared with October, that hit government organizations. PYSA ransomware operators focus on large or high-value finance, government and healthcare organisations. CERT-FR’s alert states that the Pysa ransomware code is based on public Python libraries.

Ransomware

Ransomware Encryption Government Retail

Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide

Security Affairs

OCTOBER 3, 2018

Government experts analyzed 10 samples of malware involved in FASTCash attacks, state-sponsored hackers used them to compromise payment “switch application servers” within the targeted banks to facilitate fraudulent transactions. ” states the report. ” continues the report.

Retail

Retail Libraries Government Phishing

A WhatsApp zero-day exploit can cost several million dollars

Security Affairs

OCTOBER 5, 2023

Someone was willing to pay these great payouts to remotely gain access to the messages of a target. “The document said the exploit worked for Android versions 9 to 11, which was released in 2020, and that it took advantage of a flaw in the “image rendering library.” and $8 million.

Marketing

Marketing Libraries Sales Government

A few binary plating 0-days for Windows

Security Affairs

MARCH 15, 2019

We contacted Microsoft, but they claimed that it was not a product vulnerability since security had been weakened by 3rd party applications that allowed overly permissive file access. This binary planting can be exploited when a program gives too much access (e.g. Tracking high-privileges libraries calls with DLL-based loggers.

Libraries

Libraries Authentication Access IT

China-linked LuminousMoth APT targets entities from Southeast Asia

Security Affairs

JULY 14, 2021

LuminousMoth: Kaspersky uncovered an ongoing and large-scale APT campaign that targeted government entities in Southeast Asia, including Myanmar and the Philippines. “The archive contains two malicious DLL libraries as well as two legitimate executables that sideload the DLL files. .

Archiving

Archiving File names Government Libraries

The worst cyber attacks of 2021

Security Affairs

JANUARY 3, 2022

CNA Financial (March 2021) – CNA Financial, one of the largest insurance companies in the US, reportedly paid a $40 ransom to restore access to its files following a ransomware attack that took place in March.

Ransomware

Ransomware Cybersecurity Access Insurance

New Gallmaker APT group eschews malware in cyber espionage campaigns

Security Affairs

OCTOBER 10, 2018

A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. Gallmaker is a politically motivated APT group that focused its surgical operations on the government, military or defense sectors. ” continues Symantec.

Military

Military File names Government Libraries

China-linked Budworm APT returns to target a US entity

Security Affairs

OCTOBER 13, 2022

The Budworm cyber espionage group (aka APT27 , Bronze Union , Emissary Panda , Lucky Mouse , TG-3390 , and Red Phoenix) is behind a series attacks conducted over the past six months against a number of high-profile targets, including the government of a Middle Eastern country, a multinational electronics manufacturer, and a U.S.

File names

File names Financial Services Manufacturing Libraries

Defining responsible AI governance with UCLA Health

Collibra

JUNE 27, 2024

UCLA Health is at the forefront of AI innovation in healthcare and has partnered with Collibra to bring clear, accessible AI governance to all levels of its organization. Balancing governance and innovation To many developers, data governance is the opposite of innovation. But these efforts are still worth tracking.

Government

Government Artificial Intelligence Access Libraries

China-linked APT41 group targets Hong Kong with Spyder Loader

Security Affairs

OCTOBER 18, 2022

Symantec pointed out that the attacks against government organizations in Hong Kong remained undetected for a year in some cases. Like the sample analyzed by Cyberreason, the Spyder Loader sample analyzed by Symantec uses the CryptoPP C++ library. exe for the execution of the malware loader. ” continues the report.

File names

File names Encryption Manufacturing Libraries

Security Affairs newsletter Round 459 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 18, 2024

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks CISA adds Microsoft Exchange and Cisco ASA and FTD bugs to its Known Exploited Vulnerabilities catalog US gov offers a reward of up to $10M for info on ALPHV/Blackcat gang leaders U.S.

Security

Security Ransomware Data breaches Libraries

CISA publishes malware analysis reports on samples targeting Pulse Secure devices

Security Affairs

AUGUST 26, 2021

According to coordinated reports published by FireEye and Pulse Secure in May, two hacking groups have exploited the zero-day vulnerability in Pulse Secure VPN equipment to break into the networks of US defense contractors and government organizations worldwide. ” reads the MAR. Follow me on Twitter: @securityaffairs and Facebook.

Security

Security Authentication Libraries Passwords

Security Affairs newsletter Round 402 by Pierluigi Paganini

Security Affairs

JANUARY 15, 2023

Most internet-exposed Cacti servers exposed to hacking French CNIL fined Tiktok $5.4 Most internet-exposed Cacti servers exposed to hacking French CNIL fined Tiktok $5.4

Security

Security Ransomware Libraries Phishing

Congratulations sent to new PM and Government

CILIP

JULY 8, 2024

Looking for opportunities CILIP Chief Executive Louis Coiffait-Gunn has written to new Prime Minister Sir Keir Starmer to outline how libraries and information professionals can support the new government.

Government

Government Libraries Access

Foreign adversary hacked email communications of the Library of Congress says

Rhysida ransomware gang is auctioning data stolen from the British Library

Webinars

Trending Sources

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Webinars

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Invitation to tender: Future ready libraries

Chinese cyberspies obtained Microsoft signing key from Windows crash dump due to a mistake

Vulnerabilities in Microsoft apps for macOS allow stealing permissions

Iran-linked Mercury APT exploited Log4Shell in SysAid Apps for initial access

Raspberry Robin malware used in attacks against Telecom and Governments

Trust Libraries: 10 Pledges for libraries to a new Government

Multiple malware families delivered exploiting GeoServer GeoTools flaw CVE-2024-36401

Quebec shuts down thousands of sites as disclosure of the Log4Shell flaw

Iran-linked threat actors compromise US Federal Network

Alleged APT implanted a backdoor in the network of a US federal agency

Rhysida ransomware gang claimed China Energy hack

Threat actors continue to exploit Log4Shell in VMware Horizon Systems

DinodasRAT Linux variant targets users worldwide

CILIP and school library organisations submit joint response to DfE’s Curriculum & Assessment Review

1.2 million CPR numbers for Danish citizen leaked through tax service

Halfway to Data Access Governance

Experts warn of attacks using a new Linux variant of SFile ransomware

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Rhysida ransomware group hacked Abdali Hospital in Jordan

DuneQuixote campaign targets the Middle East with a complex backdoor

China-linked APT group VANGUARD PANDA uses a new tradecraft in recent attacks

XDSpy APT remained undetected since at least 2011

[Podcast] Strategic Considerations for Information Governance Audits

Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware

Cyber espionage campaign targets Asian countries since 2021

Chinese actor ‘Unfading Sea Haze’ remained undetected for five years

PYSA ransomware gang is the most active group in November

Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide

A WhatsApp zero-day exploit can cost several million dollars

A few binary plating 0-days for Windows

China-linked LuminousMoth APT targets entities from Southeast Asia

The worst cyber attacks of 2021

New Gallmaker APT group eschews malware in cyber espionage campaigns

China-linked Budworm APT returns to target a US entity

Defining responsible AI governance with UCLA Health

China-linked APT41 group targets Hong Kong with Spyder Loader

Security Affairs newsletter Round 459 by Pierluigi Paganini – INTERNATIONAL EDITION

CISA publishes malware analysis reports on samples targeting Pulse Secure devices

Security Affairs newsletter Round 402 by Pierluigi Paganini

Congratulations sent to new PM and Government

Stay Connected