Document, Government, Information Security and Libraries

How Do You Mitigate Information Security Risk?

IT Governance

SEPTEMBER 5, 2024

Risk management is fundamental to information security and the international standard for information security management, ISO 27001. Previously , our head of GRC (governance, risk and compliance) consultancy, Damian Garcia, explained where to start with cyber security risk management: establishing a common vocabulary.

Information Security

Information Security Risk Security Compliance

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Security Affairs

MARCH 28, 2024

Out of the eight in-the-wild zero-day issues targeting Chrome in 2023, none of the vulnerabilities impacted the Document Object Model (DOM) and there were use-after-free issues. In 2023, the researchers observed a surge in zero-day vulnerabilities in third-party components and libraries that can impact all products that use them.

Government

Government Ransomware Libraries Access

Information Governance and the Records Lifecycle

The Texas Record

JUNE 28, 2021

In a nutshell, this is information governance. ARMA defines “information governance” as “the overarching and coordinating strategy for all organizational information. But how is information governance any different than records management? ” That sounds great! Extra Phases.

Information governance

Information governance Government Records Management e-Discovery

Webinars

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

MORE WEBINARS

CERT France – Pysa ransomware is targeting local governments

Security Affairs

MARCH 19, 2020

CERT France is warning of a new wave of attacks using Pysa ransomware (Mespinoza) that is targeting local governments. CERT France cyber-security agency is warning about a new wave of ransomware attack that is targeting the networks of local government authorities. ” reads the issued by French CERT. Pierluigi Paganini.

Ransomware

Ransomware Government Encryption Passwords

Chinese cyberspies obtained Microsoft signing key from Windows crash dump due to a mistake

Security Affairs

SEPTEMBER 6, 2023

Microsoft revealed that the Chinese group Storm-0558 stole a signing key used to breach government email accounts from a Windows crash dump. Storm-0558 threat actors focus on government agencies in Western Europe and were observed conducting cyberespionage, data theft, and credential access attacks.

Authentication

Authentication Libraries Access Government

The Week in Cyber Security and Data Privacy: 30 October – 5 November 2023

IT Governance

NOVEMBER 6, 2023

Library branches remain open, Wi-Fi is still available and materials can still be borrowed. Records breached: According to the library’s 4 November update , there is “no evidence that the personal information of our staff or customers has been compromised”. However, public computers and printing services are unavailable.

Data Privacy

Data Privacy Privacy Security Libraries

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

The CISA agency is warning of a surge in Emotet attacks targeting multiple state and local governments in the US since August. The Cybersecurity and Infrastructure Security Agency (CISA) issued an alert to warn of a surge of Emotet attacks that have targeted multiple state and local governments in the U.S. since August.

Government

Government Libraries Cybersecurity Phishing

New Emotet attacks use a new template urging recipients to upgrade Microsoft Word

Security Affairs

OCTOBER 25, 2020

Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents. doc) attachments or include links to download the bait document. since August.

Ransomware

Ransomware Libraries Cybersecurity Government

Iran-linked threat actors compromise US Federal Network

Security Affairs

NOVEMBER 16, 2022

. “CISA obtained four malicious files for analysis during an on-site incident response engagement at a Federal Civilian Executive Branch (FCEB) organization compromised by Iranian government sponsored advanced persistent threat (APT) actors.” ” reads the Malware Analysis Report (AR22-320A) published by CISA.

Mining

Mining Government Cybersecurity Libraries

Russia-linked APT29 abuses EU information exchange systems in recent attacks

Security Affairs

MARCH 15, 2023

Russia-linked APT29 group abused the legitimate information exchange systems used by European countries to target government entities. The attack chain commences with a spear-phishing email containing a weaponized document, which contains a link leading to the download of an HTML file.

Metadata

Metadata Government Libraries Phishing

The Emotet botnet is back and hits 100K recipients per day

Security Affairs

DECEMBER 26, 2020

Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents. In the middle-August, the malware was employed in fresh COVID19-themed spam campaign. since August.

Ransomware

Ransomware Libraries Cybersecurity IT

Malicious file analysis – Example 01

Security Affairs

AUGUST 9, 2022

Microsoft Office Documents. Microsoft Office Documents. From a security point of view files of the types DOC, DOCX, XLS, XLSX, and XLSM, have a common issue, they can contain macros which are embedded scripts that are executed inside the file. olevba is a script to parse OLE and OpenXML files such as MS Office documents (e.g.

Libraries

Libraries Metadata Education Security

US disrupts Russia-linked Snake implant’s network

Security Affairs

MAY 10, 2023

The US government announced to have disrupted the peer-to-peer (P2P) network of computers compromised by the Snake malware. The malware has been designed and used by Center 16 of Russia’s Federal Security Service (FSB) in cyber espionage operations on sensitive targets. . ” reads the press release published by DoJ.

Government

Government Libraries Cybersecurity Security

China-linked LuminousMoth APT targets entities from Southeast Asia

Security Affairs

JULY 14, 2021

LuminousMoth: Kaspersky uncovered an ongoing and large-scale APT campaign that targeted government entities in Southeast Asia, including Myanmar and the Philippines. The Dropbox link leads to a RAR archive that masquerades as a Word document by setting the “file_subpath” parameter to point to a filename with a.DOCX extension.

Archiving

Archiving File names Government Libraries

Emotet campaign hits Lithuania’s National Public Health Center and several state institutions

Security Affairs

DECEMBER 31, 2020

The malicious emails sent by the NVSC’s infected computers were received by the representatives of the Government of the Republic of Lithuania, ministries, as well as researchers that were contacted by the national center during epidemiological diagnostics. since August.

Passwords

Passwords Archiving Libraries Government

How to write an ISO 27001-compliant risk assessment procedure

IT Governance

NOVEMBER 15, 2019

As part of your ISO 27001 certification project, your organisation will need to prove its compliance with appropriate documentation. ISO 27001 says that you must document your information security risk assessment process. Key elements of the ISO 27001 risk assessment procedure. Clause 6.1.2 Identify risks. Analyse risks.

Risk

Risk Information Security Libraries Compliance

Security Affairs newsletter Round 439 by Pierluigi Paganini – International edition

Security Affairs

OCTOBER 1, 2023

Patch your TeamCity instance to avoid server hack Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Artificial Intelligence

Artificial Intelligence Security Ransomware Data breaches

Chinese actor ‘Unfading Sea Haze’ remained undetected for five years

Security Affairs

MAY 23, 2024

A previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ has been targeting military and government entities since 2018. Bitdefender researchers discovered a previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ that has been targeting military and government entities since 2018.

Archiving

Archiving Military Communications Phishing

Threat actors continue to exploit Log4Shell in VMware Horizon Systems

Security Affairs

JUNE 24, 2022

The CVE-2021-44228 flaw made the headlines in December, after Chinese security researcher p0rz9 publicly disclosed a Proof-of-concept exploit for the critical remote code execution zero-day vulnerability ( aka Log4Shell ) that affects the Apache Log4j Java-based logging library.

Access

Access Libraries Cybersecurity Security

Serpent backdoor targets French entities with high-evasive attack chain

Security Affairs

MARCH 21, 2022

The campaign targeted French entities in the construction, real estate, and government industries. The phishing messages uses a weaponized Microsoft Word document masquerading as information relating to the “règlement général sur la protection des données (RGPD)” or the European Union’s General Data Protection Regulations (GDPR).

Libraries

Libraries GDPR Phishing Government

Emotet operators are running Halloween-themed campaigns

Security Affairs

OCTOBER 31, 2020

Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents. doc) attachments or include links to download the bait document. since August.

File names

File names Libraries Ransomware Security

Zeus Sphinx continues to be used in Coronavirus-themed attacks

Security Affairs

MAY 12, 2020

The Zeus Sphinx malware was first observed on August 2015, a few days after a new variant of the popular Zeus banking trojan was offered for sale on hacker forums, At the end of March, experts from IBM X-Force uncovered a hacking campaign employing the Zeus Sphinx malware that focused on government relief payment.

Libraries

Libraries Sales Government IT

CISA publishes malware analysis reports on samples targeting Pulse Secure devices

Security Affairs

AUGUST 26, 2021

According to coordinated reports published by FireEye and Pulse Secure in May, two hacking groups have exploited the zero-day vulnerability in Pulse Secure VPN equipment to break into the networks of US defense contractors and government organizations worldwide. SecurityAffairs – hacking, Pulse Secure).

Security

Security Authentication Libraries Passwords

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

Article 28 lays out the obligation requirements that govern the relationship between data controllers and processors. Third party processor agreements need to be reviewed in the context of GDPR compliance obligations, particularly, compliance accountability, data transfer provisions and data security requirements.

GDPR

GDPR Compliance Privacy Data Privacy

Weekly podcast: Australian Cabinet Files, Matt Hancock MP’s app and Monero mining

IT Governance

FEBRUARY 1, 2018

This week, we discuss the Australian government’s loss of thousands of classified documents, DCMS Secretary of State Matt Hancock’s buggy new app and the growing trend of cybercriminals using cryptocurrency miners. Hello and welcome to the IT Governance podcast for Friday, 2 February 2018.

Mining

Mining Blockchain Government Libraries

What is ISO 20614, and why does it matter?

Everteam

OCTOBER 22, 2019

The search to ensure the privacy and protection of digital and physical information is an ongoing one. While physical information security has been practiced for centuries, most people view digital information security as a new concern. Library of Congress, Online Privacy Law.

Archiving

Archiving IT Privacy GDPR

APT10 is back with two new loaders and new versions of known payloads

Security Affairs

MAY 27, 2019

The APT10 group has added two new malware loaders to its arsenal and used in attacks aimed at government and private organizations in Southeast Asia. In April 2019, China-linked cyber-espionage group tracked as APT10 has added two new loaders to its arsenal and used it against government and private organizations in Southeast Asia.

Libraries

Libraries Phishing Government Cloud

Exclusive: Pakistan and India to armaments: Operation Transparent Tribe is back 4 years later

Security Affairs

FEBRUARY 21, 2020

We noticed that the TTP of the group is almost the same leveraging a weaponized document with a fake certificate of request of an Indian public fund. Static information about the malicious macro. The document presents itself as a request for a DSOP FUND (Defence Services Officers Provident Fund ). Technical Analysis.

Military

Military Communications Encryption IT

Weekly podcast: 2018 end-of-year roundup

IT Governance

DECEMBER 13, 2018

This week, in our last podcast of the year, we revisit some of the biggest information security stories from the past 12 months. Hello and welcome to the final IT Governance podcast of 2018. For more information on each story, simply follow the links in the transcript on our blog.

Data breaches

Data breaches Personal data Access GDPR

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing.

Military

Military Government Phishing Libraries

Establishing Records Management at Brandeis—The First Eighteen Months

Brandeis Records Manager

MAY 27, 2015

We made early acquaintances with Legal and Information Security leaders. Our initial client service engagements—managed offsite storage and retrieval, secure document shredding, digitization, and, recently, electronic redaction—began in March of 2014. We were proactive with offers to present on the program at any venue.

Records Management

Records Management Communications Paper Mining

A WhatsApp zero-day exploit can cost several million dollars

Security Affairs

OCTOBER 5, 2023

TechCrunch reported that a zero-day exploits for popular applications like WhatsApp “are now worth millions of dollars” TechCrunch obtained leaked documents that demonstrate that, as of 2021, a zero-click, zero-day exploit for the Android version of WhatsApp had a bounty between $1.7 and $8 million.

Marketing

Marketing Libraries Sales Government

A new trojan Lampion targets Portugal

Security Affairs

DECEMBER 29, 2019

New trojan called ‘Lampion’ has spread using template emails from the Portuguese Government Finance & Tax during the last days of 2019. Last days of 2019 were the perfect time to spread phishing campaigns using email templates based on the Portuguese Government Finance & Tax. To get details about the library inside the 0.zip

Passwords

Passwords e-Discovery IT Cleanup

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs

DECEMBER 26, 2023

pic.twitter.com/6uHMDcNhTC — Dominic Alvieri (@AlvieriD) December 26, 2023 The group published images of stolen documents as proof of the hack. The group also claimed the hack of the British Library and China Energy Engineering Corporation. Rhysida has allegedly breached more critical infrastructure. reads the joint advisory.

Ransomware

Ransomware Manufacturing Education Libraries

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Security Affairs

NOVEMBER 29, 2023

GossiTheDog @SOSIntel @UK_Daniel_Card @LisaForteUK pic.twitter.com/L7A3XNNxU7 — Dominic Alvieri (@AlvieriD) November 29, 2023 The group published images of stolen documents as proof of the hack. King Edward VII’s Hospital in London has been breached by Rhysida Ransomware. “Unique files are presented to your attention!

Ransomware

Ransomware Manufacturing Education Libraries

The Evolution of Aggah: From Roma225 to the RG Campaign

Security Affairs

AUGUST 6, 2019

The attack attribution is still unclear but the large scale of the malicious activities has also been confirmed by Unit42, who reported attack attempt against government verticals too. . Table 1: Information about the RevengeRAT malicious macro dropper. Figure 7: Static information about payload described in table 2.

Libraries

Libraries IT Education Security

e-Records 2017: “Teacher Retirement System of Texas: The Information Governance Journey”

The Texas Record

DECEMBER 18, 2017

Information Governance: Take Control and Succeed. The Public Information Act and Updates from 85th Legislative Session. Establishing Information Governance for Local Governments in Microsoft SharePoint and Office 365. Data Protection and Information Governance across Data Silos.

Information governance

Information governance Government Records Management Computer and Electronics

Decommissioned medical infusion pumps sold on secondary market could reveal Wi-Fi configuration settings

Security Affairs

AUGUST 3, 2023

The researchers pointed out that they haven’t found online documented data purge processes for device decommissioning. The Alaris security team explained that the documentation is only accessible to customers that have a support contract with Becton, Dickinson and Company (BD). ” continues the analysis.

Marketing

Marketing Authentication Communications Manufacturing

New release of Lampion trojan spreads in Portugal with some improvements on the VBS downloader

Security Affairs

JULY 7, 2020

Lampion was first documented in December 2019 , and it was distributed in Portugal via phishing emails using templates based on the Portuguese Government Finance & Tax. The text is written in Portuguese, and just the logo at the end of the document was changed between May and July malware versions.

Communications

Communications Cloud Phishing Encryption

The Hacker Mind Podcast: Hacking Charity

ForAllSecure

JULY 28, 2021

I've met people that have library skills, and you would wonder well how is that going to apply to hacking and then they get a job in an InfoSec role, you know, keeping all of the compliance documentation together whatever right, wherever your skills are you can probably apply them here.

Computer and Electronics

Computer and Electronics Communications Education IT

A Practical Guide to Cyber Incident Response

IT Governance

MAY 24, 2024

You also want systems that log system activity and forward them to a centralised SIEM solution or SOC [security information and event management, security operations centre]. These types of technological solutions are essential to process huge amounts of information [security events like access logs].

Security

Security Risk Ransomware Phishing

EP 49: LoL

ForAllSecure

JUNE 21, 2022

Sometimes it can be really complex DLLs and they call that hijacking or DLL hijacking and what they'll do is they'll use a legitimate program that depends on a library, bring their malicious library with them and it gets sometimes side loaded. Kyle was doing this for the government, doing this for the good of a nation.

Ransomware

Ransomware Marketing IT Libraries

Top Risk Management Software Vendors

eSecurity Planet

APRIL 2, 2021

You can create unlimited, customizable dashboards, which makes this a powerful tool for small, medium and large enterprises that need to monitor and resolve risk, as well as maintain governance, risk and compliance (GRC). . Netwrix Auditor is a cloud-based risk visibility and governance platform. Third-party risk assessment.

Risk

Risk Compliance Artificial Intelligence Cloud

Is APT27 Abusing COVID-19 To Attack People ?!

Security Affairs

MARCH 19, 2020

Governments are doing their best to mitigate such a virus while people are stuck home working remotely using their own equipment. XSL StyleSheet Document MiZl5xsDRylf0W.tmp. The executable DLL must be in the same path of Wordcnvpxy.exe and it needs to have such a filename (imposed by Stage 2 and hardcoded into the library).

Computer and Electronics

Computer and Electronics IT Encryption Security

How Do You Mitigate Information Security Risk?

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Webinars

Trending Sources

Information Governance and the Records Lifecycle

Webinars

CERT France – Pysa ransomware is targeting local governments

Chinese cyberspies obtained Microsoft signing key from Windows crash dump due to a mistake

The Week in Cyber Security and Data Privacy: 30 October – 5 November 2023

CISA alert warns of Emotet attacks on US govt entities

New Emotet attacks use a new template urging recipients to upgrade Microsoft Word

Iran-linked threat actors compromise US Federal Network

Russia-linked APT29 abuses EU information exchange systems in recent attacks

The Emotet botnet is back and hits 100K recipients per day

Malicious file analysis – Example 01

US disrupts Russia-linked Snake implant’s network

China-linked LuminousMoth APT targets entities from Southeast Asia

Emotet campaign hits Lithuania’s National Public Health Center and several state institutions

How to write an ISO 27001-compliant risk assessment procedure

Security Affairs newsletter Round 439 by Pierluigi Paganini – International edition

Chinese actor ‘Unfading Sea Haze’ remained undetected for five years

Threat actors continue to exploit Log4Shell in VMware Horizon Systems

Serpent backdoor targets French entities with high-evasive attack chain

Emotet operators are running Halloween-themed campaigns

Zeus Sphinx continues to be used in Coronavirus-themed attacks

CISA publishes malware analysis reports on samples targeting Pulse Secure devices

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

Weekly podcast: Australian Cabinet Files, Matt Hancock MP’s app and Monero mining

What is ISO 20614, and why does it matter?

APT10 is back with two new loaders and new versions of known payloads

Exclusive: Pakistan and India to armaments: Operation Transparent Tribe is back 4 years later

Weekly podcast: 2018 end-of-year roundup

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Establishing Records Management at Brandeis—The First Eighteen Months

A WhatsApp zero-day exploit can cost several million dollars

A new trojan Lampion targets Portugal

Rhysida ransomware group hacked Abdali Hospital in Jordan

Rhysida ransomware group hacked King Edward VII’s Hospital in London

The Evolution of Aggah: From Roma225 to the RG Campaign

e-Records 2017: “Teacher Retirement System of Texas: The Information Governance Journey”

Decommissioned medical infusion pumps sold on secondary market could reveal Wi-Fi configuration settings

New release of Lampion trojan spreads in Portugal with some improvements on the VBS downloader

The Hacker Mind Podcast: Hacking Charity

A Practical Guide to Cyber Incident Response

EP 49: LoL

Top Risk Management Software Vendors

Is APT27 Abusing COVID-19 To Attack People ?!

Stay Connected