Google discovered a flaw in GNU Privacy Guard (GnuPG)’s Libgcrypt encryption library that could be exploited to get remote code execution. It’s also the crypto library used by systemd for DNSSEC. The team recommends users to stop using the vulnerable version of the library. which we released last week.
System supporting libraries in Volusia County were hit by a cyber attack, the incident took down 600 computers at Volusia County Public Library (VCPL) branches. 600 staff and public access computers were taken down at Volusia County Public Library (VCPL) branches in Daytona Beach, Florida, following a cyberattack.
Hive ransomware operators have improved their file-encrypting module by migrating to Rust language and adopting a more sophisticated encryption method. The most important change in the latest Hive variant is the encryption mechanism it adopts. ” reads the post published by Microsoft. ” continues Microsoft. .
Tavis Ormandy, a white hat hacker at Google Project Zero, announced that he had found a zero-day flaw in the SymCrypt cryptographic library of Microsoft’s operating system. The flaw could be exploited by malicious programs to trigger a denial of service condition by interrupting the encryption service for other programs. Pierluigi Paganini.
Experts warn of phishing attacks that are combining the use of compromised Microsoft 365 accounts and .rpmsg encrypted emails. Trustwave researchers have observed threat actors using encrypted RPMSG attachments sent via compromised Microsoft 365 accounts in a phishing campaign aimed at stealing Microsoft credentials.
Security experts have uncovered a new piece of ransomware dubbed EvilQuest designed to encrypt macOS systems, it is also able to install additional payloads and potentially take over the infected machine. Once the files on the infected host are encrypted, a popup is displayed to the victim, informing them that their files have been encrypted.
The development team behind the OpenSSL project fixed a high-severity bug in the library that could potentially lead to remote code execution. The maintainers of the OpenSSL project fixed a high-severity heap memory corruption issue, tracked as CVE-2022-2274, affecting the popular library.
Some variants of the ransomware append the English name of the target company to the filenames of the encrypted files. Recently, the Chinese security firm Rising detected a Linux variant of the SFile ransomware that uses the RSA+AES algorithm mode. as the suffix name. .” ” reported The Record. . Pierluigi Paganini.
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 347 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.
The encryption and decryption are not robust and the ransomware lacks features like Windows Shadow Copy removal, File unlocking for a more thorough impact, Anti-analysis, and Defensive evasion (AMSI bypass, disabling event logging, etc.). At this point in this ransomware, the encryption process has already finished. Pierluigi Paganini.
The Apple Mail app available on macOS leaves a portion of users' encrypted emails in plaintext in a database called snippets. The Apple expert Bob Gendler discovered that the Apple Mail app available on macOS leaves a portion of users' encrypted emails in plaintext in a database called snippets. ” continues the post.
Hertzbleed attack: Researchers discovered a new vulnerability in modern Intel and AMD chips that could allow attackers to steal encryption keys. In the worst case, these attacks can allow an attacker to extract cryptographic keys from remote servers that were previously believed to be secure.” Is there a workaround?
Quantum computing's ability to break today's encryption may still be years away, but security leaders can't afford to wait. Forrester's The Future of Quantum Security makes it clear: the transition to quantum-safe cryptography must start now. So where should security leaders focus? Why is that a dangerous mindset?
Experts discovered a feature in Microsoft 365 suite that could be abused to encrypt files stored on SharePoint and OneDrive and target cloud infrastructure. Researchers from Proofpoint reported that a feature in the Microsoft 365 suite could be abused to encrypt files stored on SharePoint and OneDrive. ” continues the report.
Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 300 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! If you want to also receive for free the international press subscribe here.
The OpenSSL project fixed two high-severity flaws in its cryptography library that can trigger a DoS condition or achieve remote code execution. The OpenSSL project has issued security updates to address a couple of high-severity vulnerabilities, tracked as CVE-2022-3602 and CVE-2022-3786, in its cryptography library.
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 343 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.
This issue arises because the GeoTools library API, which GeoServer uses, evaluates property/attribute names for feature types in a way that unsafely passes them to the commons-jxpath library, allowing arbitrary code execution. GeoServer versions prior to 2.23.6, The vulnerability has been addressed in versions 2.23.6,
Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
Security experts from Cybereason Nocturnus team discovered a new piece of Android malware dubbed EventBot that targets banks, financial services across Europe. The malware also downloads the Command-and-control (C2) URLs, C2 communication is encrypted using Base64, RC4, and Curve25519. . ” concludes the report.
These parameters, managed via the clap::args library, include options like: sleep : Delays execution of the ransomware by a specified number of seconds. ui : Displays real-time progress and statistics of the encryption process, such as the number of files encrypted. ” reported Truesec.
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. To nominate, please visit:?. Pierluigi Paganini.
. “Attackers use the classic DLL sideloading technique: when the desktop.exe file is launched, the malicious VERSION.dll library is loaded into the corresponding process” reads the report published by Kaspersky. “This library is a backdoor packed with the VMProtect tool. It also bears similarities to PlugX.”
Another gang, Night Sky ransomware operation, started exploiting the Log4Shell vulnerability in the Log4j library to gain access to VMware Horizon systems. The Night Sky ransomware operation started exploiting the Log4Shell flaw (CVE-2021-44228) in the Log4j library to gain access to VMware Horizon systems. trendmrcio[.]com,
Cybersecurity researchers from Kookmin University and the Korea Internet and Security Agency (KISA) discovered an implementation vulnerability in the source code of the Rhysida ransomware. Rhysida ransomware employed a secure random number generator to generate the encryption key and subsequently encrypt the data.
The flaw affects the process implemented by the Signal Desktop application to encrypt locally stored messages. Signal Desktop application leverages an encrypted SQLite database called db.sqlite to store the user’s messages. The encryption key is used each time Signal Desktop application accessed the database.
CERT France cyber-security agency is warning about a new wave of ransomware attacks that is targeting the networks of local government authorities. ” According to the experts, the first infections were observed in late 2019, victims reported their files were encrypted by a strain of malware. newversion file extension instead of.
Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
Security experts from Trend Micro have spotted a new strain of ransomware involved in attacks in July and August, the malicious code was posing as the Locky ransomware. exe will drop malware components — several C++ and Python libraries and the Python 2.7 When successfully run, the Facture_23100.31.07.2018.exe Pierluigi Paganini.
Strong encryption protects data securely from unauthorized access, but the specific algorithms that qualify as strong encryption change over time as computing power increases and researchers develop new ways to break encryption. What Makes an Encryption Algorithm Strong?
This Linux version is 64-bit and also uses the Boost library, it uses the Crypto++ library instead of Windows CryptoAPI. “During the run, the ransomware generates a symmetric encryption key using CryptGenRandom() , which is the random number generator implemented by Windows CryptoAPI. . Bernstein’s implementation ).”
The good news is that according to the Agency, data was encrypted, it also added that Google and Adobe were not able to see the CPR numbers. “Google Hosted Libraries have been designed to remove all information that allows identifying users before logging on. ” states the Government Agency. “Google has accessed 1.2
Security researchers at Cylance discovered that the OceanLotus APT (also known as APT32 or Cobalt Kitty) group is using a loader leveraging steganography to deliver a version of Denes backdoor and an updated version of Remy backdoor. ” reads the report published by the experts.
These malware are the most predominant malware in macOS, also with a history of evading and bypassing the built-in Xprotect, Gatekeeper, Notarization and File Quarantine security features of macOS. Though the abused binaries and behavior are the same, the shell scripts come in different forms and variations to evade security scanners.
CVE-2021-45732 : Configuration Manipulation via Hardcoded Encryption Routines. Researchers discovered multiple instances of known vulnerable jQuery libraries (such as jquery 1.4.2), for this reason, they are urging to update them to the latest available versions. CVE-2021-23147 : Insufficient UART Protection Mechanisms.
Researchers at cyber security firm Shielder discovered a critical flaw affecting iOS, Android, and macOS versions of the instant messaging app Telegram. The “ rlottie ” folder caught their attention, it was the folder used for the Samsung native library for playing Lottie animations, originally created by Airbnb.
The best news of the week with Security Affairs. Apple T2 security chip in new MacBooks disconnects Microphone when lid is closed. Flaws in several self-encrypting SSDs allow attackers to decrypt data they contain. Apache Struts users have to update FileUpload library to fix years-old flaws. 20% discount. Kindle Edition.
Since 2019 experts found many Joker apps on Google Play store, in September 2019 security experts at Google removed from the store 24 apps. The developers are embedding Joker as a payload that can be encrypted in different ways, either a .dex file xored or encrypted with a number, or through the same .dex file as before.
The Mac version uses the same AES key and IV as the Linux variant to encrypt and decrypt the config file. Like the Linux variant, the backdoor communicates with the C&C using a TLS connection and encrypts data using the RC4 algorithm. “Both Mac and Linux variants use the WolfSSL library for SSL communications.
Victims of the PyLocky Ransomware can use a tool released by security researcher Mike Bautista at Cisco Talos group to decrypt their files for free. The good news is that security researcher Mike Bautista at Cisco Talos group released a decryption tool that allows them to decrypt their files for free. Pierluigi Paganini.
Microsoft releases Patch Tuesday security updates for June 2019 that address 88 vulnerabilities in Windows OS and other products. ” reads the security advisory. Experts pointed out that Microsoft failed to address a flaw in SymCrypt , a core cryptographic function library currently used by Windows. Pierluigi Paganini.
OpenSSH (Open Secure Shell) is a set of open-source tools and utilities that provide secure encrypted communication over a network. Qualys security researchers have been able to independently verify the vulnerability, develop a PoC exploit on installations of Ubuntu Desktop 22.04 ” reads the advisory.
. “Accepting a connection is followed by an RSA handshake with a hardcoded 2048-bit public key to securely exchange both the key and IV to be used for 256-bit AES in CBC mode. The encrypted module is subsequently received with a unique identifier – signature – and an additional key for its decryption.” Pierluigi Paganini.
In March 2020, CERT France cyber-security agency warned about a new wave of ransomware attacks that was targeting the networks of local government authorities. According to the experts, the first infections were observed in late 2019, victims reported their files were encrypted by a strain of malware. ” continues the alert.