The Glove Stealer malware exploits a new technique to bypass Chrome’s App-Bound encryption and steal browser cookies. The malware bypasses Chrome’s App-Bound Encryption by utilizing the IElevator service, a method that was disclosed in October 2024. Gen Digital observed phishing campaigns distributing the Glove Stealer.
The ransomware group Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C, Halcyon researchers warn. The ransomware group Codefinger has been spotted using compromised AWS keys to encrypt data in S3 buckets. The ransomware group Codefinger utilizes an AES-256 encryption key they generate and store locally.
Over 3 million POP3 and IMAP mail servers lack TLS encryption, exposing them to network sniffing attacks. ShadowServer researchers reported that around 3.3 million POP3 and IMAP mail servers lack TLS encryption, exposing them to network sniffing attacks. We see around 3.3M It's time to retire those!
Bitdefender released a decryptor for the ShrinkLocker ransomware, which modifies BitLocker configurations to encrypt a system’s drives. Unlike modern ransomware it doesn’t rely on sophisticated encryption algorithms and modifies BitLocker configurations to encrypt a system’s drives.
The following checklist is built to help you evaluate the scope of services offered by various encryption solutions on the market and covers questions on the following topics: Encryption. Understanding your data security needs is tough enough, but what can be even more difficult is choosing the right software to fit your company.
International Law Enforcement Dismantles End-to-End Encrypted Messaging Service An international law enforcement operation dismantled the Ghost encrypted messaging service in a takedown that resulted in the arrest of 51 suspects across three continents including alleged members of the Italian Mafia and motorcycle gangs.
Platform Used for Drugs, Arms Trafficking and Money Laundering French and Dutch police led the takedown of an encrypted messaging platform used in international drug and arms trafficking. Dutch police discovered the app, named Matrix, on the phone of a criminal convicted in 2021 of murdering a journalist.
Also: AI's Role in Cybersecurity; New Fraud Prevention Rules In the latest weekly update, ISMG editors discussed the implications of the recent arrest of Telegram's CEO in Paris for encrypted messaging services, the transformative impact of artificial intelligence in cybersecurity, and the latest regulations designed to curb fraud in electronic payments. (..)
Trusted by millions of individuals and thousands of organizations, Keeper is the leader for best-in-class password and passkey management, secrets management, privileged access, secure remote access and encrypted messaging.
They highlight the need for proactive measures to protect digital assets from future breaches, deliver long-term data security and ensure the integrity of encryption. Expert Perspectives on Protecting Data and Developing Quantum-Safe Cryptography As quantum computing looms, experts emphasize the urgency of embracing quantum-safe strategies.
Researchers from Google disclosed an improper signature verification vulnerability, tracked as CVE-2024-56161 (CVSS score of 7.2), in AMD’s Secure Encrypted Virtualization (SEV). AMD released security patches to fix a flaw that could bypass SEV protection, letting attackers load malicious microcode.
Quantum computers could soon break today's strongest encryption, putting sensitive data at risk. Let's dive deep into what this all means for telecommunications, security, AI, and our future.
Explore the risks of popular apps and why switching to encrypted alternatives is crucial. The post US Officials Recommend Using Encrypted Apps for Messaging appeared first on eSecurity Planet. Take control of your data and protect your privacy before it's too late!
The threat actors had access to the company’s information technology systems and encrypted some of its data files. “The preliminary investigation has revealed that a threat actor illegally accessed the Company’s information technology (“IT”) system and encrypted some of its data files,” reads the report filed with SEC.
Rust-Based Ransomware Employs Aggressive Anti-Detection Tactics Operators of a Russian-speaking ransomware group launched a new encryptor with enhanced measures for defeating cyber defenders, including wiping logs, disrupting backup systems and stopping decryption without insider knowledge.
The UK's demand for an encryption backdoor in iCloud, and Apple's response, have repercussions that go far beyond national borders, threatening user privacy and security worldwide.
A version discovered by Check Point in September relied on Apple’s XProtect encryption algorithm for obfuscation, allowing it to evade antivirus detection until its source code leak in November. Elastic researchers noticed that regarding Safari, only the cookies are collected by the AppleScript script for the current version.
The security breach exposed low-sensitivity performance monitoring data, including customer usernames, account info, and encrypted internal credentials. A threat actor exploited a zero-day vulnerability in a non-Rackspace utility bundled with the ScienceLogic application. Rackspace helped ScienceLogic address this issue.
ui : Displays real-time progress and statistics of the encryption process, such as the number of files encrypted. no_vm_ss : Encrypts files on ESXi hosts without shutting down running virtual machines, using the esxicli terminal and deleting snapshots. The ransomware uses a function called encrypt_file to handle file encryption.
The reverse shell issued a challenge by sending an encrypted string using a hard-coded certificate. When a magic packet was detected, the agent spawned a reverse shell to the IP address and port specified by the packet. If the remote user returned the correct string, they were granted a command shell; otherwise, the connection was closed.
The authentication bypass vulnerability impacts GHES when using SAML single sign-on with encrypted assertions. “On instances that use SAML single sign-on (SSO) authentication with the optional encrypted assertions feature, an attacker could forge a SAML response to provision and/or gain access to a user with administrator privileges.”
The group uses an ARCrypter ransomware variant, derived from Babuk’s leaked code, to encrypt files after infiltrating a network.
The ZIP file is then XOR encrypted, base64 encoded, and sent via a POST request to a specified URL using the built-in cURL command. Banshee Stealer can also steal cryptocurrency from different wallets, including Exodus, Electrum, Coinomi, Guarda, Wasabi Wallet, Atomic and Ledger. concludes the report.
Phobos variants are usually distributed by the SmokeLoader, but in 8Base campaigns, it has the ransomware component embedded in its encrypted payloads. 8base” file extension for encrypted documents, a circumstance that suggested a possible link to the 8Base group or the use of the same code-base for their ransomware.
Upon execution, an encryption key is generated by CryptGenRandom() function. The malicious code uses the key to initialize ChaCha20 symmetric key and subsequently encrypt files. Once a file is encrypted, the symmetric file key is encrypted by RSA-4096 and appended to the end of the file.
In early January, independent security research and consulting team SRLabs discovered a vulnerability in Black Basta ransomware’s encryption algorithm and exploited it to create a free decryptor. The ransomware employs encryption based on a ChaCha keystream, which is utilized to perform XOR operations on 64-byte-long chunks of the file.
TIM.exe then loads a malicious launcher DLL libcurl.dll which will decrypt and load the PLAYFULGHOST payload from an encrypted file named Debug.log.” “Then, the LNK file launches QQLaunch.exe, a legitimate binary from Tencent QQ, which launches another legitimate binary TIM.exe which is a renamed version of the program CURL.
A team of researchers released a suite of tools that could help victims decrypt data encrypted by the Black Basta ransomware. Independent security research and consulting team SRLabs discovered a vulnerability in Black Basta ransomware’s encryption algorithm and exploited it to create a free decryptor.
As such, the data the ransomware is able to encrypt is limited to files owned by the confluence user. It will of course succeed in encrypting the datastore for the Confluence application, which can store important information.” continues the report. 0” at startup and “/tmp/log.1”
The Akira ransomware operators implement a double extortion model by exfiltrating victims’ data before encrypting it. Earlier versions of the ransomware were written in C++ and the malware added the .akira extension to the encrypted files. “Akira threat actors utilize a sophisticated hybrid encryption scheme to lock data.
Company Publishes Information on Double Key Encryption Under Regulatory Pressure Following a legal intervention made by the German federal cybersecurity agency, Microsoft has disclosed additional information on encryption measures it adopted to secure its customer data.
The auto-reboot feature returns devices to a “Before First Unlock” state, restricting app access to encryption keys. The feature erases sensitive data from memory to prevent unauthorized extraction.
The experts exploited the vulnerability to reconstruct encryption keys and developed a decryptor that allows victims of the Rhysida ransomware to recover their encrypted data for free. Rhysida ransomware employed a secure random number generator to generate the encryption key and subsequently encrypt the data.
Attackers Embrace Dating Sites and Encrypted Messaging Apps for Social Engineering Russian military and intelligence hacking teams continue to refine their Ukrainian targeting, lately shifting to online attacks designed to support and help Moscow's military operations succeed, including social engineering schemes launched via dating portals and encrypted (..)
TargetCompany has been active since June 2021; once it has encrypted a file, it adds the .mallox, .exploit, .architek, or .brg extension to the filenames of encrypted files. The malware then enters “VM mode” to encrypt files with specific extensions. TXT” in all folders containing encrypted files. The malware appends the “.locked”
Messaging services use classical public key cryptography, such as RSA, Elliptic Curve signatures, and Diffie-Hellman key exchange, to establish secure end-to-end encrypted connections between devices. However, researchers believe that a sufficiently powerful quantum computer could compromise end-to-end encrypted communications.
Quantum computing's ability to break today's encryption may still be years away, but security leaders can't afford to wait. Related: Quantum standards come of age. The real threat isn't just the eventual arrival of quantum decryption; it's that nation-state actors are already stockpiling encrypted data in “harvest now, decrypt later” attacks.
The Turtle ransomware reads files into memory, encrypts them with AES (in CTR mode), renames the files, then overwrites the original contents of the files with the encrypted data. The malware adds the extension “TURTLERANSv0” to the filenames of encrypted files. The binary also lacks obfuscation.
To exploit this vulnerability, the attacker needed GitHub Enterprise Server’s encrypted assertions feature enabled, direct network access, and a signed SAML response or metadata document. “Please note that encrypted assertions are not enabled by default. The flaw affects all versions of Enterprise Server prior to 3.15 and 3.14.2.
Stefan Thomas lost the password to an encrypted USB drive holding 7,002 bitcoins. One team of hackers believes they can unlock it—if they can get Thomas to let them.
Like all ransomware, this is a type of malware that, once introduced into an organization, encrypts the data and then requires the victim to pay a ransom in order to decrypt it. Encrypted file structure ransomware BlackCat / ALPHV: [ORIGINAL_FILENAME].[ORIGINAL_extension].specific/different Black The LockBit 3.0 ORIGINAL_extension].specific/different