Document - Information Management Today

FBI warns of malicious free online document converters spreading malware

Security Affairs

MARCH 24, 2025

The FBI warns of a significant increase in scams involving free online document converters to infect users with malware. The FBI warns that threat actors use malicious online document converters to steal users sensitive information and infect their systems with malware. ” reads the alert. ” reads the alert.

Passwords

Passwords Ransomware Personal data Risk

Selecting an Intelligent Document Processing Solution

AIIM

NOVEMBER 14, 2024

Intelligent document processing (IDP) solutions are emerging that combine AI with IDP to revolutionize client and document onboarding and processing.

Financial Services

Financial Services Insurance Artificial Intelligence

How Intelligent Document Processing is Revolutionizing Document Management

AIIM

OCTOBER 31, 2024

One such technology is intelligent document processing (IDP), powered by artificial intelligence (AI). In this blog post, I’ll define intelligent document processing (IDP) and outline some key benefits of IDP. Forward-thinking organizations seek technologies that streamline operations, reduce errors and improve productivity.

Artificial Intelligence

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Chinese Hacking Contractor iSoon Leaks Internal Documents

Data Breach Today

FEBRUARY 20, 2024

Company Mainly Hacked for the Ministry of Public Security An apparent leak of internal documents from a Chinese hacking contractor paints a picture of a disaffected, poorly paid workforce that nonetheless penetrated multiple regional governments and possibly NATO.

Information Security

Information Security Government Security

Best Practices for Modern Records Management and Retention

Speaker: Sean Baird, Director of Product Marketing at Nuxeo

Documents are at the heart of many business processes. Exploding volumes of new documents, growing and changing regulatory requirements, and inconsistencies with manual, labor-intensive classification requirements prevent organizations from consistent retention practices.

Records Management

North Korea-linked Konni APT uses Russian-language weaponized documents

Security Affairs

NOVEMBER 24, 2023

North Korea-linked Konni APT group used Russian-language Microsoft Word documents to deliver malware. FortiGuard Labs researchers observed the North Korea-linked Konni APT group using a weaponized Russian-language Word document in an ongoing phishing campaign. The Word document seems to be in the Russian language.

Encryption

Encryption Military Phishing Communications

Apple indeed added a feature called “inactivity reboot” in iOS 18.1 that reboots locked devices

Security Affairs

NOVEMBER 12, 2024

Law enforcement warned that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them much harder to unlock, per a document obtained by 404 Media. 404 Media obtained the document from a mobile forensics source and verified it with another source. Three iPhones running iOS 18.0

Encryption

Encryption Passwords Security Communications

Ex-NSA employee sentenced to 262 months for attempting to transfer classified documents to Russia

Security Affairs

MAY 1, 2024

NSA employee has been sentenced to nearly 22 years in prison for attempting to sell classified documents to Russia. Dalke pleaded guilty to six counts of attempting to transmit classified documents to a foreign agent while he was working at the NSA. A former U.S.

Encryption

Encryption Government Security Access

Unlock the Future of Document Management: How AI is Revolutionizing Intelligent Document Processing

AIIM

NOVEMBER 7, 2024

In this blog post, I want to share how AI is having a dramatic impact on intelligent document processing (IDP). I will share three use cases that demonstrate the impact AI is having.

Artificial Intelligence

iPhones in a law enforcement forensics lab mysteriously rebooted losing their After First Unlock (AFU) state

Security Affairs

NOVEMBER 8, 2024

Law enforcement warns that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them much harder to unlock, per a document obtained by 404 Media. 404 Media obtained the document from a mobile forensics source and verified it with another source. Below is the hypothesis reported in the document.

Communications

Communications Passwords Security IT

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

It provides a range of development resources, including SDKs (Software Development Kits), documentation, sample code, and learning materials for networking, security, and cloud infrastructure. DevHub is a platform designed for developers to access resources, tools, and APIs to build and integrate applications with Cisco’s technologies.

Data breaches

Data breaches Access Cloud Security

8Base ransomware group hacked Croatia’s Port of Rijeka

Security Affairs

DECEMBER 7, 2024

Allegedly, invoice receipts, accounting documents, personal data, certificates, employment contracts, a huge amount of confidential information, confidentiality pic.twitter.com/Tad7LeOcsk — HackManac (@H4ckManac) December 6, 2024 According to the announcement published by the group on its Tor leak site, stolen data includes: Invoice Receipts (..)

Ransomware

Ransomware Personal data Security IT

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

Security Affairs

DECEMBER 16, 2024

“In at least two cases Amnesty International documented, the Cellebrite UFED product and associated exploits were used to covertly bypass phone security features, enabling Serbian authorities to infect the devices with NoviSpy spyware. . ” reported the Associated Press. ” concludes the report.

Personal data

Personal data Encryption Security Privacy

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Security Affairs

MARCH 20, 2025

The RAR archive analyzed by the Ukrainian CERT-UA contains the document Algorithm_LegalAid.xlsm.Upon opening the document and enabling the macro, a PowerShell command will be executed. The script will download and run the.NET bootloader MSCommondll.exe,which in turn will download and run the malware DarkCrystal RAT.

Computer and Electronics

Computer and Electronics Archiving Passwords Government

Black Basta ransomware gang hit BT Group

Security Affairs

DECEMBER 4, 2024

The group claimed to have stolen 500GB of data including Finacial data, Organisation data, Users data and personal documents, NDA’s, Confidential data, and more. As proof of the data breach, the group published multiple screenshots, including pictures of passports and other documents.

Ransomware

Ransomware Blockchain Insurance Data breaches

FBI deleted China-linked PlugX malware from over 4,200 US computers

Security Affairs

JANUARY 14, 2025

According to court documents, the Chinese government paid Mustang Panda to develop PlugX malware, used since 2014 to target U.S., The malware was operated by a China-linked threat actor, known as Mustang Panda (aka Twill Typhoon, to steal sensitive information from victim computers. European, and Asian entities. systems. .”

Government

Government Cybersecurity Access IT

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

Security Affairs

FEBRUARY 24, 2025

Some documents detail the use of web content monitoring services to enforce censorship for public and private sector customers. ” The leaked documents show that TopSec worked on projects for China’s Ministry of Public Security in Dandong, Songjiang, and Pudong, including a Cloud Monitoring Service Project in Shanghai. .

Cybersecurity

Cybersecurity Government Cloud Security

Why Information Management Practitioners Should Care about Document Capture Standards

AIIM

DECEMBER 5, 2024

As an advocate for advanced imaging technologies and standards, I'm often asked why information management practitioners should care about imaging standards like those developed by the TWAIN Working Group. The answer is simple yet profound: these standards are crucial for efficient, accurate, and secure information acquisition and management.

Security

Ukraine’s GUR hacked the Russian Ministry of Defense

Security Affairs

MARCH 4, 2024

The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense announced it had breached the Russian Ministry of Defense servers as part of a special operation, and exfiltrated confidential documents. software used by the Russian Ministry of Defense to encrypt and protect its data.

Military

Military Data breaches Encryption Government

Fidelity Investments suffered a second data breach this year

Security Affairs

OCTOBER 14, 2024

Fidelity Investments has informed attorney generals in various states that the attacker had created two customer accounts, which they used to obtain images of documents pertaining to Fidelity customers from an internal database. The company confirmed that financial data was not exposed and Fidelity customer accounts were not hacked.

Data breaches

Data breaches Financial Services Access Security

Swiss Air Force sensitive files stolen in the hack of Ultra Intelligence & Communications

Security Affairs

JANUARY 8, 2024

Documents belonging to the Swiss Air Force were leaked on the dark web as a result of cyberattack on a US security provider. Documents belonging to the Swiss Air Force were leaked on the dark web after the US security company Ultra Intelligence & Communications suffered a data breach. ” reported the SwissInfo website.

Communications

Communications Ransomware Data breaches Manufacturing

Tor Project responded to claims that law enforcement can de-anonymize Tor users

Security Affairs

SEPTEMBER 20, 2024

Reporters uncovered documents showing four successful timing analyses in a single investigation, marking the first documented cases of this technique being used in the Tor network. “Reporters from Panorama and STRG_F were able to view documents that show four successful measures in just one investigation.

Privacy

Privacy Data collection Encryption Access

NATO is investigating a new cyber attack claimed by the SiegedSec group

Security Affairs

OCTOBER 5, 2023

NATO is investigating claims that a group called SiegedSec has breached its systems and leaked a cache of unclassified documents online. NATO announced it is investigating claims that a politically motivated threat actor called SiegedSec has breached its systems and leaked unclassified documents online. organizations, especially U.S.

Military

Military Security IT Access

INC RANSOM ransomware gang claims to have breached Xerox Corp

Security Affairs

DECEMBER 30, 2023

Xerox Corp provides document management solutions worldwide. The ransomware group published the images of eight documents, including emails and an invoice, as proof of the hack. The INC RANSOM ransomware group claims to have hacked the American multinational corporation Xerox Corp.

Ransomware

Ransomware Data breaches Communications IT

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

Security Affairs

MARCH 5, 2025

Stolen data include contracts, financial and business documents, engineering projects, and employees personally identifiable information (PII), including Aadhar card numbers. A few days later, the ransomware gang Hive leaked the alleged stolen files on its Tor leak site. Who is Hunters International?

Ransomware

Ransomware Manufacturing IT Security

North Korea-linked Kimsuky APT attack targets victims via Messenger

Security Affairs

MAY 17, 2024

The attack chain starts with the theft of the identity of a real person in South Korea, then the victims were contacted via Facebook Messenger. Threat actors pretended to share private documents they had written with the victims. “The initial individual approach is similar to an email-based spear phishing attack strategy.

File names

File names Phishing Communications Security

SideWinder phishing campaign targets maritime facilities in multiple countries

Security Affairs

JULY 30, 2024

The domains and documents employed in the campaign as part of the first stage of the attack suggest threat actors are targeting of Pakistan, Egypt and Sri Lanka. In recent campaign, the threat actors used meticulously crafted documents that appear to be legitimate and familiar to the target.

Phishing

Phishing Military Access IT

GitLab addressed critical auth bypass flaws in CE and EE

Security Affairs

MARCH 13, 2025

. “On GitLab CE/EE instances using SAML authentication, under certain circumstances, an attacker with access to a valid signed SAML document from the IdP could authenticate as another valid user within the environment’s SAML IdP.” ” reads a technical analysis of the two critical flaws.

Authentication

Authentication Libraries Data breaches Security

VMware fixed five vulnerabilities in Aria Operations product

Security Affairs

NOVEMBER 27, 2024

Below is the response matrix published by VMware: Product Version Running On CVE CVSSv3 Severity Fixed versions Workaround Additional Documents VMware Aria Operations 8.x x Any CVE-2024-38830, CVE-2024-38831, CVE-2024-38832,CVE-2024-38833, CVE-2024-38834 7.8 , 7.8 , 7.1 , 6.8 , 6.5 Important 8.18.2 Important 8.18.2 Important 8.18.2

Cloud

Cloud Access IT Security

Secretive White House Surveillance Program Gives Cops Access to Trillions of US Phone Records

WIRED Threat Level

NOVEMBER 20, 2023

A WIRED analysis of leaked police documents verifies that a secretive government program is allowing federal, state, and local law enforcement to access phone records of Americans who are not suspected of a crime.

Access

Access Government Privacy Security

Google TAG warns that Russian COLDRIVER APT is using a custom backdoor

Security Affairs

JANUARY 18, 2024

Recently, TAG has observed COLDRIVER delivering custom malware via phishing campaigns using PDFs as lure documents. In November 2022, TAG spotted COLDRIVER sending targets benign PDF documents from impersonation accounts. “Once executed, SPICA decodes an embedded PDF, writes it to disk, and opens it as a decoy for the user.

Phishing

Phishing Encryption Military Archiving

A phishing campaign targets Ukrainian military entities with drone manual lures

Security Affairs

SEPTEMBER 25, 2023

Securonix researchers recently uncovered a phishing campaign using a Pilot-in-Command (PIC) Drone manual document as a lure to deliver a toolkit dubbed Merlin. Upon opening the document, a malicious JavaScript embedded inside one of the HTML pages is executed. The lure file (“Інфо про навчання по БПЛА для військових.v2.2.chm”

Military

Military Phishing Communications IT

Hacking firm I-Soon data leak revealed Chinese gov hacking capabilities

Security Affairs

FEBRUARY 26, 2024

On February 16th, an account linked to that email uploaded a batch of files including marketing documents, images, screenshots, and a substantial collection of WeChat messages exchanged between I-SOON employees and clients. The alleged data breach revealed the capabilities of the China-linked hacking contractor.

Government

Government IoT Marketing Data breaches

Play ransomware attack on Xplain exposed 65,000 files containing data relevant to the Swiss Federal Administration.

Security Affairs

MARCH 8, 2024

million files, and 65,000 documents were classified by NCSC as data relevant to the Federal Administration. 278 Federal Administration’s files contained technical information, encompassing documentation on IT systems, software requirement documents, or architectural descriptions. Threat actors stole and leaked roughly 1.3

Ransomware

Ransomware Data breaches Unstructured data Personal data

From Risk Assessment to Action: Improving Your DLP Response

Security Affairs

OCTOBER 25, 2024

Codify Findings and Recommendations Finally, you’ll need to document your findings – including identified vulnerabilities, potential risks, and areas for improvement – and offer recommendations for enhancing your DLP strategy based on those findings. Automated testing resources such as DLPtest.com are invaluable for this process.

Risk

Risk Cybersecurity Cloud Compliance

Real estate agency exposes details of 690k customers

Security Affairs

DECEMBER 21, 2023

Businesses employ MongoDB to organize and store large swaths of document-oriented information. The exposed database hosted over 100K links with scanned documents hosted on a Goyzer domain. The data was leaked via a publicly exposed and passwordless MongoDB database, which has since been closed.

Archiving

Archiving Phishing Cybersecurity Risk

Iranian crypto exchange Bit24.cash leaks user passports and IDs

Security Affairs

JANUARY 7, 2024

During the KYC process, which aims to curb criminal activity, users are required to confirm their identity by uploading official documents. Considering the sensitive nature of these documents shared with exchanges, users rightfully expect organizations to safeguard them securely.

Access

Access Marketing Cloud Security

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Security Affairs

FEBRUARY 6, 2025

. “Subsequently, and using up to three different pseudonyms, he attacked international bodies and government-type organisations by accessing databases with personal information of employees and clients, as well as internal documents that were subsequently sold or freely published on forums.” ” concludes the statement.

Data breaches

Data breaches Information Security Government Access

Even Nvidia's CEO is obsessed with Google's NotebookLM AI tool

Collaboration 2.0

NOVEMBER 21, 2024

Nvidia CEO Jensen Huang spends a lot of time stuffing documents into Google's impressive AI tool. Here's why.

Is AI Making Banking Safer or Just More Complicated?

Data Breach Today

AUGUST 23, 2024

As Banks Combat Fraud, Customers Feel the Strain of Overly Cautious Measures In today’s AI-driven world, banks are becoming increasingly vigilant, often freezing accounts or demanding extensive documentation at the slightest hint of suspicious activity. Sending money, once a straightforward task, is now fraught with complexity.

The street lights in Leicester City cannot be turned off due to a cyber attack

Security Affairs

APRIL 23, 2024

A cyber attack on Leicester City Council resulted in certain street lights remaining illuminated all day and severely impacted the council’s operations The Leicester City Council suffered a cyber attack that severely impacted the authority’s services in March and led to the leak of confidential documents.

Ransomware

Ransomware IT Information Security Security

October ransomware attack on Dallas County impacted over 200,000 people

Security Affairs

JULY 11, 2024

In October 2023 the Play ransomware group hit Dallas County, Texas, and added the city to its Tor leak site claiming the theft of sensitive documents from multiple departments. Dallas refused to pay the ransom and the extortion group leaked the stolen documents in November 2023.

Ransomware

Ransomware Data breaches Cybersecurity Insurance

El Salvador suffered a massive leak of biometric data

Security Affairs

MAY 6, 2024

The threat actor, going by the alias ‘CiberinteligenciaSV,’ posted the 144 GB data dump to Breach Forums, writing that the leak included 5,129,518 high-definition photos, each labeled with the corresponding Salvadorian’s document identification (DUI) number.

Data breaches

Data breaches Cloud Risk Government

Ransomware Groups' Data Leak Blogs Lie: Stop Trusting Them

Data Breach Today

MARCH 15, 2024

That's not what data leak sites actually document.

Ransomware

FBI warns of malicious free online document converters spreading malware

Selecting an Intelligent Document Processing Solution

Webinars

Trending Sources

How Intelligent Document Processing is Revolutionizing Document Management

Webinars

Chinese Hacking Contractor iSoon Leaks Internal Documents

Best Practices for Modern Records Management and Retention

North Korea-linked Konni APT uses Russian-language weaponized documents

Apple indeed added a feature called “inactivity reboot” in iOS 18.1 that reboots locked devices

Ex-NSA employee sentenced to 262 months for attempting to transfer classified documents to Russia

Unlock the Future of Document Management: How AI is Revolutionizing Intelligent Document Processing

iPhones in a law enforcement forensics lab mysteriously rebooted losing their After First Unlock (AFU) state

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

8Base ransomware group hacked Croatia’s Port of Rijeka

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Black Basta ransomware gang hit BT Group

FBI deleted China-linked PlugX malware from over 4,200 US computers

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

Why Information Management Practitioners Should Care about Document Capture Standards

Ukraine’s GUR hacked the Russian Ministry of Defense

Fidelity Investments suffered a second data breach this year

Swiss Air Force sensitive files stolen in the hack of Ultra Intelligence & Communications

Tor Project responded to claims that law enforcement can de-anonymize Tor users

NATO is investigating a new cyber attack claimed by the SiegedSec group

INC RANSOM ransomware gang claims to have breached Xerox Corp

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

North Korea-linked Kimsuky APT attack targets victims via Messenger

SideWinder phishing campaign targets maritime facilities in multiple countries

GitLab addressed critical auth bypass flaws in CE and EE

VMware fixed five vulnerabilities in Aria Operations product

Secretive White House Surveillance Program Gives Cops Access to Trillions of US Phone Records

Google TAG warns that Russian COLDRIVER APT is using a custom backdoor

A phishing campaign targets Ukrainian military entities with drone manual lures

Hacking firm I-Soon data leak revealed Chinese gov hacking capabilities

Play ransomware attack on Xplain exposed 65,000 files containing data relevant to the Swiss Federal Administration.

From Risk Assessment to Action: Improving Your DLP Response

Real estate agency exposes details of 690k customers

Iranian crypto exchange Bit24.cash leaks user passports and IDs

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Even Nvidia's CEO is obsessed with Google's NotebookLM AI tool

Is AI Making Banking Safer or Just More Complicated?

The street lights in Leicester City cannot be turned off due to a cyber attack

October ransomware attack on Dallas County impacted over 200,000 people

El Salvador suffered a massive leak of biometric data

Ransomware Groups' Data Leak Blogs Lie: Stop Trusting Them

Stay Connected