Communications, Education and Government - Information Management Today

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

According to Microsoft, the campaign aimed at building capabilities that could disrupt critical communications infrastructure between the United States and Asia region in the case of future crises. The group also relies on customized versions of open-source tools for C2 communications and stay under the radar.

e-Discovery

e-Discovery Communications Ransomware Government

US SEC warns investors of ongoing fraudulent communications claiming from the SEC

Security Affairs

NOVEMBER 21, 2021

The Securities and Exchange Commission (SEC) warns investors of attacks impersonating its officials in government impersonator schemes. According to the alert issued by the SEC’s Office of Investor Education and Advocacy (OIEA), crooks are contacting investors via phone calls, voicemails, emails, and letters. Pierluigi Paganini.

Communications

Communications Financial Services Government Education

Information Governance – 3 Common Pitfalls and How to Avoid Them

AIIM

SEPTEMBER 7, 2021

What is Information Governance, and Why is it Important? There are many benefits to constructing an Information Governance program plan. How to Avoid Information Governance Pitfalls. How to Avoid/Overcome: Overcome this issue by addressing objections directly with good communication and contextual education.

Information governance

Information governance Government Communications Education

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing.

Military

Military Government Phishing Libraries

Belgium Interior Ministry said it was hit by a sophisticated cyber attack

Security Affairs

MAY 26, 2021

The Federal Public Service Interior’s communications director, Olivier Maerens, confirmed that the attackers were not able to breach the server of the ministry, this means that threat actors did not steal any data. The websites of the Belgium government and police services were also unavailable.

IT

IT Education Government Communications

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The group also relies on customized versions of open-source tools for C2 communications and to stay under the radar.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

China-linked APT Volt Typhoon linked to KV-Botnet

Security Affairs

DECEMBER 13, 2023

According to Microsoft, the campaign aimed at building capabilities that could disrupt critical communications infrastructure between the United States and Asia region in the case of future crises. The group also relies on customized versions of open-source tools for C2 communications and stay under the radar.

Communications

Communications Manufacturing Education Government

Akira ransomware received $42M in ransom payments from over 250 victims

Security Affairs

APRIL 21, 2024

Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. The government experts observed the use of PowerTool by Akira threat actors to exploit the Zemana AntiMalware driver and terminate antivirus-related processes.

Ransomware

Ransomware Encryption Education Phishing

New Agent Raccoon malware targets the Middle East, Africa and the US

Security Affairs

DECEMBER 3, 2023

The malware was used in attacks against multiple industries, including education, real estate, retail, non-profit organizations, telecom companies, and governments. The backdoor is written in.NET and leverages the domain name service (DNS) protocol to establish a covert communication channel with the command and control infrastructure.

Retail

Retail Education Communications Government

DePriMon downloader uses a never seen installation technique

Security Affairs

NOVEMBER 21, 2019

The group is very sophisticated and used zero-day exploits and complex malware to conduct targeted attacks against governments and organizations in almost every industry, including financial, energy, telecommunications, and education, aerospace. Then the DePriMon malware uses Schannel for the communication.

Communications

Communications Encryption Education Authentication

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The group also relies on customized versions of open-source tools for C2 communications and to stay under the radar.

Energy and Utilities

Energy and Utilities Communications Military Access

US cyber and law enforcement agencies warn of Phobos ransomware attacks

Security Affairs

MARCH 2, 2024

The attacks were observed as recently as February 2024, they targeted government, education, emergency services, healthcare, and other critical infrastructure sectors. For communication purposes, Phobos actors employ diverse instant messaging applications such as ICQ, Jabber, and QQ.

Ransomware

Ransomware Education Phishing Government

Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware

Security Affairs

APRIL 14, 2020

PaloAlto Networks experts warn of malicious Coronavirus themed phishing campaigns targeting government and medical organizations. Recently organizations in healthcare, research, and government facilities have been hit by Coronavirus-themed attacks that deployed multiple malware families, including ransomware and information stealers (i.e.

Ransomware

Ransomware Phishing Government File names

Russia-Linked Turla APT group Hijacked C2 of the Iranian OilRig

Security Affairs

JUNE 21, 2019

Turla (aka Snake , Uroburos , Waterbug , Venomous Bear and KRYPTON ), has been active since at least 2007 targeting government organizations and private businesses. The three recent Turla campaigns targeted governments and international organizations worldwide.

Communications

Communications Government Data collection Education

US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software

Security Affairs

DECEMBER 14, 2020

The cyber espionage group has tampered with updates released by IT company SolarWinds, which provides its products to government agencies, military, and intelligence offices, two people familiar with the matter told the Reuters agency. . Threat actors carried out a highly-sophisticated supply chain attack.

Military

Military Cybersecurity Communications Government

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Security Affairs

SEPTEMBER 9, 2019

The group has continued launching attacks against entities in Southeast Asia, including military, satellite communications, media and educational organizations. The Thrip group has been active since 2013, but this is the first time Symantec publicly shared details of its activities. ” concludes the report. . Pierluigi Paganini.

Military

Military Communications Government Education

‘Justice Blade’ Hackers are Targeting Saudi Arabia

Security Affairs

NOVEMBER 7, 2022

The group of threat actors calling themselves ‘Justice Blade’ published leaked data from Smart Link BPO Solutions, an outsourcing IT vendor working with major enterprises and government agencies in the Kingdom of Saudi Arabia and other countries in the GCC.

Communications

Communications Government Data breaches Education

Security Affairs newsletter Round 253

Security Affairs

MARCH 1, 2020

Google sued by New Mexico attorney general for collecting student data through its Education Platform. ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia. European Commission has chosen the Signal app to secure its communications. The best news of the week with Security Affairs.

Security

Security Ransomware Military Data breaches

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

Security Affairs

APRIL 26, 2023

German government warns that technology to regulate power consumption in Huawei network appliances could be used for sabotage purposes. government officials as well as European security authorities, which have warned of the risks associated with Chinese telecoms equipment.” The activity will be completed in the coming months.

Government

Government Communications Risk Cybersecurity

China-linked APT Earth Baku targets Europe, the Middle East, and Africa

Security Affairs

AUGUST 14, 2024

The group targeted multiple industries, including media and communications, telecoms, technology, healthcare, and education and government entities. Trend Micro researchers observed the APT targeting countries like Italy, Germany, UAE, and Qatar, and the group is suspected to have targeted also entities in Georgia and Romania.

Encryption

Encryption Education Communications Access

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. Click to enlarge. PEACE HOSTING?

Cloud

Cloud Education Government Communications

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

The Last Watchdog

MAY 30, 2022

Yet, there’s still work to be done to make this path more accessible and known among the veteran and transitioning military community. Fundamentally, cybersecurity professionals identify weaknesses and design systems and processes to protect any organization — government agencies, private companies — from cyberattacks.

Cybersecurity

Cybersecurity Military Education Government

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs

APRIL 26, 2023

In recent years, the researchers observed the group expanding its operations to include financial institutions and government entities. PingPull, was first spotted by Unit 42 in June 2022, the researchers defined the RAT as a “difficult-to-detect” backdoor that leverages the Internet Control Message Protocol (ICMP) for C2 communications.

Communications

Communications Military Government Libraries

FritzFrog cryptocurrency P2P botnet targets Linux servers over SSH

Security Affairs

AUGUST 19, 2020

The bot is written in Golang and implements wormable capabilities, experts reported attacks against entities in government, education, and finance sectors. In this network with no single point-of-failure, peers constantly communicate with each other to keep the network alive, resilient and up-to-date.”

Encryption

Encryption Mining Communications Access

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

. “As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” and foreign governments and military, security, and corporate organizations. ” reads the joint report. ” concludes the report. .

Energy and Utilities

Energy and Utilities Military Government Phishing

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

Krebs on Security

MARCH 5, 2021

On March 2, Microsoft released emergency security updates to plug four security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email communications from Internet-facing systems running Exchange. Microsoft’s initial advisory about the Exchange flaws credited Reston, Va.

Cybersecurity

Cybersecurity Government Cleanup Cloud

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

Krebs on Security

MAY 14, 2021

“After that, you will be free to communicate with them wherever you want in any way you want,” the instructions read. The word ‘ransomware’ has been put on a par with a number of unpleasant phenomena, such as geopolitical tensions, extortion, and government-backed hacks. This word has become dangerous and toxic.”

Ransomware

Ransomware Education Communications Access

China-linked APT Volt Typhoon targets critical infrastructure organizations

Security Affairs

MAY 25, 2023

According to Microsoft, the campaign aims at building capabilities that could disrupt critical communications infrastructure between the United States and Asia region in the case of future crises. The group also relies on customized versions of open-source tools for C2 communications and stay under the radar.

Communications

Communications Manufacturing Access Archiving

Unmasking 2024’s Email Security Landscape

Security Affairs

FEBRUARY 28, 2024

Targeted Sector Vulnerabilities: Financial Services, IT, Healthcare, Education, and Government sectors have emerged as primary targets, with attackers fine-tuning their strategies to exploit specific vulnerabilities within these industries. About the Author: Stefanie Shank.

Security

Security Phishing Communications Financial Services

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

Security Affairs

AUGUST 27, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The group also relies on customized versions of open-source tools for C2 communications and to stay under the radar.

Energy and Utilities

Energy and Utilities Communications Authentication Access

GUEST ESSAY: Top 5 cyber exposures tied to the rising use of international remote workforces

The Last Watchdog

AUGUST 23, 2021

For instance, if you have employees in China and the EU, you’ll have to obtain Chinese government approval to provide data from China to EU authorities enforcing the GDPR. Government Monitoring. In some countries, government agencies may monitor your employees’ web activity. Slow Communication. Unsecured Wi-Fi.

Communications

Communications Cybersecurity GDPR Risk

Chinese APT Group Uses New Tradecraft to Live Off the Land

Data Breach Today

JUNE 26, 2023

Group Targeting Transportation, Construction, Government Agencies, CrowdStrike Says A Chinese state hacker is using novel tradecraft to gain initial access to victim systems, according to CrowdStrike.

Manufacturing

Manufacturing Education Communications Government

GCHQ implements World War II cipher machines in encryption app CyberChef

Security Affairs

MARCH 18, 2019

UK intelligence agency GCHQ, as part of the celebration of its centenary , has released emulators for World War II cipher machines that can be executed in the encryption app CyberChef released for educational purposes. We even tested them against the real thing!

Encryption

Encryption Military Education Communications

Seiko confirmed a data breach after BlackCat attack

Security Affairs

OCTOBER 26, 2023

“As part of our ongoing response, we temporarily blocked external communication with the affected servers and have installed EDR (Endpoint Detection and Response) systems on all servers and PCs to detect unauthorized activity. SII) were compromised.” ” reads the update published by Seiko.

Data breaches

Data breaches Ransomware Personal data Cybersecurity

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Security Affairs

APRIL 9, 2023

made electronics on behalf of the Russian government and military. The Estonian man is accused of having helped the Russian government and military to purchase US-made electronics and hacking tools. manufacturers on behalf of Russian end-users, including defense contractors and other Russian government agencies.

Computer and Electronics

Computer and Electronics Military Manufacturing Government

The U.S. CISA and FBI warn of Royal ransomware operation

Security Affairs

MARCH 3, 2023

According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. The operators have recently been observed using the Chisel tunneling tool for C2 communication.

Ransomware

Ransomware Encryption Cybersecurity Communications

President Biden Signs Two Bills Aimed at Enhancing Government Cybersecurity

Hunton Privacy

JULY 5, 2022

On June 21, 2022, President Biden signed into law, the State and Local Government Cybersecurity Act of 2021 (S. 1097) (the “Cyber Workforce Program Act”), two bipartisan bills aimed at enhancing the cybersecurity postures of the federal, state and local governments.

Cybersecurity

Cybersecurity Government Education Communications

Mishing Is the New Phishing — And It’s More Dangerous

eSecurity Planet

FEBRUARY 26, 2025

As businesses rely more on mobile devices for authentication and communication, these evolving threats are slipping past conventional security defenses, putting corporate networks at greater risk. Zimperium found that mishing activity peaked in August 2024, with over 1,000 daily attacks recorded. What is mishing?

Phishing

Phishing Data breaches Education Risk

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

As a result, you will prevent unauthorized access or communication interception. As an example, we could use communications between systems that are not properly encrypted. Hackers or other malicious sources can intercept poorly encrypted communications on the web. Instead, you should change your credentials regularly.

IoT

IoT Cybersecurity Passwords Manufacturing

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs

SEPTEMBER 23, 2023

According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. million to mitigate the May Royal ransomware attack appeared first on Security Affairs.

Ransomware

Ransomware Encryption Systems administration Cybersecurity

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Security Affairs

AUGUST 6, 2019

The STRONTIUM APT group (aka APT28 , Fancy Bear , Pawn Storm , Sofacy Group , and Sednit ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election. ” concludes Microsoft.

IoT

IoT Military Access Education

Lancefly APT uses powerful Merdoor backdoor in attacks on Asian orgs

Security Affairs

MAY 15, 2023

The highly-targeted attacks aim at organizations in government, aviation, education, and telecom sectors. The instances of the Merdoor backdoor analyzed by the researchers only differ for the embedded and encrypted configuration, which includes C2 communication method, service details, and the installation directory.

Encryption

Encryption Phishing Communications Education

The Difference Between Human and Machine Identities

Security Affairs

MARCH 3, 2022

Along with this comes the need for secure communication as machines operate increasingly on behalf of humans. But instead of usernames and passwords, machines use keys and certificates that serve as machine identities so they can connect and communicate securely. About the author: Anastasios Arampatzis.

Digital transformation

Digital transformation IoT Passwords Cloud

FBI seized 48 domains linked to DDoS-for-Hire service platforms

Security Affairs

DECEMBER 15, 2022

The services were involved in attacks against millions of individuals and organizations in multiple industries, including educational institutions, government agencies, and gaming platforms. The suspects offered the services claiming they were legitimate “stresser” services that could used by organizations for network testing.

Education

Education Communications Government Access

China’s Volt Typhoon botnet has re-emerged

US SEC warns investors of ongoing fraudulent communications claiming from the SEC

Webinars

Trending Sources

Information Governance – 3 Common Pitfalls and How to Avoid Them

Webinars

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Belgium Interior Ministry said it was hit by a sophisticated cyber attack

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

China-linked APT Volt Typhoon linked to KV-Botnet

Akira ransomware received $42M in ransom payments from over 250 victims

New Agent Raccoon malware targets the Middle East, Africa and the US

DePriMon downloader uses a never seen installation technique

FBI chief says China is preparing to attack US critical infrastructure

US cyber and law enforcement agencies warn of Phobos ransomware attacks

Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware

Russia-Linked Turla APT group Hijacked C2 of the Iranian OilRig

US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software

Symantec uncovered the link between China-Linked Thrip and Billbug groups

‘Justice Blade’ Hackers are Targeting Saudi Arabia

Security Affairs newsletter Round 253

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

China-linked APT Earth Baku targets Europe, the Middle East, and Africa

Stark Industries Solutions: An Iron Hammer in the Cloud

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

FritzFrog cryptocurrency P2P botnet targets Linux servers over SSH

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

China-linked APT Volt Typhoon targets critical infrastructure organizations

Unmasking 2024’s Email Security Landscape

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

GUEST ESSAY: Top 5 cyber exposures tied to the rising use of international remote workforces

Chinese APT Group Uses New Tradecraft to Live Off the Land

GCHQ implements World War II cipher machines in encryption app CyberChef

Seiko confirmed a data breach after BlackCat attack

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

The U.S. CISA and FBI warn of Royal ransomware operation

President Biden Signs Two Bills Aimed at Enhancing Government Cybersecurity

Mishing Is the New Phishing — And It’s More Dangerous

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Lancefly APT uses powerful Merdoor backdoor in attacks on Asian orgs

The Difference Between Human and Machine Identities

FBI seized 48 domains linked to DDoS-for-Hire service platforms

Stay Connected