Events, Government and Security - Information Management Today

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

Security Affairs

FEBRUARY 24, 2025

TopSec was founded in 1995, it offers cybersecurity services such as Endpoint Detection and Response (EDR) and vulnerability scanning, along with “boutique” solutions to align with government initiatives and intelligence requirements. The company provided monitoring services to a state-owned enterprise facing a corruption scandal.

Cybersecurity

Cybersecurity Government Cloud Security

Cybercriminals launched “Leaksmas” event in the Dark Web exposing massive volumes of leaked PII and compromised data

Security Affairs

DECEMBER 28, 2023

On Christmas Eve, Resecurity protecting Fortune 100 and government agencies globally, observed multiple actors on the Dark Web releasing substantial data leaks. This widespread geographical distribution of “Free Leaksmas” event highlights the extensive global reach and severe impact of these cybercriminal activities.

Data breaches

Data breaches Personal data Government IT

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

Security Affairs

OCTOBER 23, 2024

The US Securities and Exchange Commission (SEC) charged four companies, Unisys, Avaya, Check Point, and Mimecast for misleading public disclosures related to the supply chain attack on SolarWinds. The federal securities laws prohibit half-truths, and there is no exception for statements in risk-factor disclosures.”

Cybersecurity

Cybersecurity Risk Access Government

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

China-linked threat actors stole 10% of Belgian State Security Service (VSSE)’s staff emails

Security Affairs

FEBRUARY 27, 2025

Belgian authorities are investigating Chinese hackers for breaching its State Security Service (VSSE), stealing 10% of emails from 2021 to May 2023. The Belgian federal prosecutor’s office is probing a possible security breach on its State Security Service (VSSE) by China-linked threat actors. ” reported Reuters.

Security

Security Access Government Cybersecurity

Microsoft: Iranian Hackers Targeted Security Experts

Data Breach Today

OCTOBER 29, 2020

Spear-Phishing Campaign Aimed at Potential Attendees at 2 Upcoming Events A hacking group linked to Iran's government targeted over 100 security and policy experts who are potentially attending two upcoming security conferences with phishing emails designed to steal credentials and gather intelligence, according to Microsoft.

Security

Security Phishing Government

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Security and Exchange Commission (SEC) recently laid down the hammer charging and fining four prominent cybersecurity vendors for making misleading claims in connection with the SolarWinds hack. A security incident is often an indication of poor investment in security programs, rather than personal characeteriziation of the security leader.

Cybersecurity

Cybersecurity Risk Government Compliance

26 Cyber Security Stats Every User Should Be Aware Of in 2024

Security Affairs

FEBRUARY 8, 2024

26 key cyber security stats for 2024 that every user should know, from rising cyber crime rates to the impact of AI technolog y. million unfilled cyber security jobs, showing a big need for skilled professionals. Market Growth: AI cyber security technology is projected to grow by 23.6% The US topped the list at $5.09

Security

Security Phishing IoT Ransomware

ZAGG disclosed a data breach that exposed its customers’ credit card data

Security Affairs

DECEMBER 29, 2024

The company has not disclosed the number of impacted customers were impacted by this security breach. “We promptly took steps to secure ZAGG.com and initiated an investigation to determine what happened and identify what information was affected. is a consumer electronics accessories company based in the United States.

Data breaches

Data breaches IT Computer and Electronics Access

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. government neutralized the Volt Typhoon botnet taking over its C2 and deleting the bot from infected devices.

e-Discovery

e-Discovery Communications Ransomware Government

China-linked APT groups targets orgs via Pulse Secure VPN devices

Security Affairs

MAY 28, 2021

Researchers from FireEye warn that China-linked APT groups continue to target Pulse Secure VPN devices to compromise networks. Cybersecurity researchers from FireEye warn once again that Chinese APT groups continue to target Pulse Secure VPN devices to penetrate target networks and deliver malicious web shells to steal sensitive information.

Security

Security Passwords Cybersecurity Government

ProtonMail denies that it spies on users for government agencies

Security Affairs

JUNE 2, 2019

The company clarified that it does not agree with the interpretation taken by some branches of the Swiss government. If you appreciate my effort in spreading cybersecurity awareness, please vote for Security Affairs in the section “Your Vote for the Best EU Security Tweeter” Thank you. 174 of the Swiss Criminal Code.

Government

Government IT Metadata Privacy

Ransomware attacks hit 105 US local governments in 2022

Security Affairs

JANUARY 2, 2023

In 2022, ransomware attacks targeted 105 state or municipal governments or agencies in the US, reads a report published by Emsisoft. Below are the attacks reported by Emsisoft: 105 local governments. ” The ransomware attack against local governments resulted in data theft in at least 27 of the 105 incidents (26 percent). .

Ransomware

Ransomware Government Education Encryption

Chinese hackers compromised emails of U.S. Government agencies

Security Affairs

JULY 13, 2023

Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) on July 12, 2023 have published a joint advisory to warn organizations and allow them to enhance organizational cybersecurity posture and position organizations to detect similar malicious activity via implementing the listed logging recommendations.

Government

Government Authentication Cloud Access

UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw

Security Affairs

AUGUST 29, 2023

China-linked threat actors breached government organizations worldwide with attacks exploiting Barracuda ESG zero-day. The vulnerability, tracked as CVE-2023-2868 , resides in the module for email attachment screening, the issue was discovered on May 19 and the company fixed it with the release of two security patches on May 20 and 21.

Government

Government Access Security Cybersecurity

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Security Affairs

FEBRUARY 6, 2025

Spanish Police arrested an unnamed hacker who allegedly breached tens of government institutions in Spain and the US. Spanish National Police arrested a hacker responsible for multiple cyberattacks on government institutions in Spain and the U.S. Targe including the U.S. Army, UN, NATO, and other agencies.

Data breaches

Data breaches Information Security Government Access

Security Affairs newsletter Round 452 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 31, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Ransomware Artificial Intelligence Cybersecurity

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs

NOVEMBER 28, 2021

North Korea-linked threat actors posed as Samsung recruiters in a spear-phishing campaign aimed at employees at South Korean security firms. North Korea-linked APT group posed as Samsung recruiters is a spear-phishing campaign that targeted South Korean security companies that sell anti-malware solutions, Google TAG researchers reported.

Security

Security Phishing Information Security Communications

Security Affairs newsletter Round 479 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JULY 7, 2024

Every week the best security articles from Security Affairs are free in your email box. GootLoader is still active and efficient Hackers stole OpenAI secrets in a 2023 security breach Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes Polyfill.io A new round of the weekly SecurityAffairs newsletter arrived!

Data breaches

Data breaches Security Mining Education

Vietnam Post exposes 1.2TB of data, including email addresses

Security Affairs

NOVEMBER 16, 2023

Vietnam Post Corporation, a Vietnamese government-owned postal service, exposed security logs and employee email addresses to external cyber threats Vietnam Post Corporation, a Vietnamese government-owned postal service, left its security logs and employee email addresses accessible to outside cyber snoopers, Cybernews researchers have discovered.

Access

Access IoT Analytics Government

Texas Department of Transportation (TxDOT) hit by a ransomware attack

Security Affairs

MAY 18, 2020

A new ransomware attack hit the Texas government, the malware this time infected systems at the state’s Department of Transportation (TxDOT). The Texas government suffered two ransomware attacks in a few weeks, the first one took place on May 8, 2020 and infected systems at the Texas court. All @txcourts websites are down.

Ransomware

Ransomware Government Access IT

European Commission has chosen the Signal app to secure its communications

Security Affairs

FEBRUARY 25, 2020

“The European Commission has told its staff to start using Signal, an end-to-end-encrypted messaging app, in a push to increase the security of its communications.” There is no doubt, Signal is the first choice for hackers and security experts … and not only them. SecurityAffairs – security, Signal).

Communications

Communications IT Security Encryption

North Korea-linked campaign targets security experts via social media

Security Affairs

JANUARY 26, 2021

Google TAG is warning that North Korea-linked hackers targeting security researchers through social media. Google Threat Analysis Group (TAG) is warning that North Korea-linked hackers targeting security researchers through social media. ” reads the TAG’s report. ” reads the TAG’s report.

Security

Security Communications Cybersecurity Government

Security Affairs newsletter Round 353

Security Affairs

FEBRUARY 13, 2022

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 353 appeared first on Security Affairs. US seizes $3.6 US seizes $3.6 Pierluigi Paganini.

Security

Security Ransomware Data breaches Education

Information Governance Pressure Points – 3 Common Areas of Failure

AIIM

JUNE 3, 2020

Back in the day, when work was centralized in locations and on devices “within” the enterprise, it was reasonable to assume that control could most effectively be maintained by managing security at the firewall. Information security was largely a function of “keeping the bad guys out.”. The Solution: Automate the Governance Process.

Information governance

Information governance Government ROT Digital transformation

Security breach suffered by credit bureau Equifax has cost $1.4 Billion

Security Affairs

MAY 12, 2019

Equifax revealed its earnings release related to the security breach suffered in 2017, the incident has cost about $1.4 Equifax revealed this week its earnings release related to the security breach suffered by the credit bureau back in 2017, the incident has cost about $1.4 Million identities were involved in the security incident.

Security

Security Data breaches Cybersecurity Government

Security Affairs newsletter Round 383

Security Affairs

SEPTEMBER 11, 2022

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 383 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Security

Security Ransomware Phishing Authentication

UK Home Office is ignoring the risk of ‘catastrophic ransomware attacks,’ report warns

Security Affairs

DECEMBER 13, 2023

A Joint Committee on the National Security Strategy (JCNSS) warns of the high risk of a catastrophic ransomware attack on the UK government. The British government is accused of failing to mitigate the risk of ransomware attacks. said Dame Margaret Beckett, the chair of the JCNSS. Beckett added.

Ransomware

Ransomware Risk Government Security

Apr 10 – Apr 16 Ukraine – Russia the silent cyber conflict

Security Affairs

APRIL 18, 2022

This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. Below is the timeline of the events related to the ongoing invasion that occurred in the previous weeks: April 16 – The unceasing action of Anonymous against Russia. Pierluigi Paganini.

Ransomware

Ransomware Phishing Government Cybersecurity

Hertz disclosed a data breach following 2024 Cleo zero-day attack

Security Affairs

APRIL 15, 2025

“Hertz immediately began analyzing the data to determine the scope of the event and to identify individuals whose personal information may have been impacted.” Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability CVE-2024-50623 (CVSS score 8.8),which In December 2024, the U.S.

Data breaches

Data breaches Ransomware Cybersecurity Government

Security Affairs newsletter Round 364 by Pierluigi Paganini

Security Affairs

MAY 8, 2022

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 364 by Pierluigi Paganini appeared first on Security Affairs. To nominate, please visit:? Pierluigi Paganini.

Security

Security IoT Ransomware Libraries

Texas Tech University data breach impacted 1.4 million individuals

Security Affairs

DECEMBER 17, 2024

The security breach exposed the personal, health, and financial data from its health sciences centers, the Health Sciences Center and Health Sciences Center El Paso. ” reads the notice of security breach published by the HSCs. Texas Tech University reports a data breach affecting 1.4 million individuals following a cyber attack.

Data breaches

Data breaches Ransomware Insurance Access

The Netherlands declares war on ransomware operations

Security Affairs

OCTOBER 8, 2021

The Dutch government will not tolerate ransomware attacks that could threaten national security, it will use intelligence or military services to curb them. The Dutch government announced that it will not tolerate cyberattacks that pose a risk to its national security and will employ intelligence or military services to counter them.

Ransomware

Ransomware Military Government Security

Bank of Seychelles hit by a ransomware attack

Security Affairs

SEPTEMBER 12, 2020

DBS is a joint venture by the Seychelles government and some shareholders including Bank, Caisse Francaise de Cooperation, European Investment Bank, DEG, Standard Chartered Bank, and Barclays Bank. . DBS bought back Barclays’ share and Government purchased the shares of DEG, hence, increasing its shareholding to 60.50%.

Ransomware

Ransomware Communications Government Encryption

BlackLock Ransomware Targeted by Cybersecurity Firm

Security Affairs

MARCH 26, 2025

Victims included organizations from different segments, including electronics, academia, religious organizations, defense, healthcare, technology, IT/MSP vendors, and government agencies. Notably, another prominent ransomware group DragonForce took the lead capitalizing on these events.

Ransomware

Ransomware Cybersecurity Government IT

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. PuTTY.exe Rhysida actors have been observed creating Secure Shell (SSH) PuTTy connections for lateral movement. The victims of the group are “targets of opportunity.”

Ransomware

Ransomware Manufacturing Education Passwords

Prometheus and Grief – two new emerging ransomware gangs targeting enterprises. Mexican Government data is published for sale.

Security Affairs

JUNE 1, 2021

Just recently, the group has published a stolen data allegedly belonging to the Mexican Government which still remains available for sale today, and possibly becoming the first cybercriminal group that has touched a major state in Latin America on such a level. Mexican Government data is published for sale. Pierluigi Paganini.

Ransomware

Ransomware Sales Government GDPR

Saudi Future Investment Initiative website defaced by the hackers

Security Affairs

OCTOBER 22, 2018

Hackers also leaked through the defaced homepage, names and phone numbers of several Saudi individuals, including government employees and employees in state-backed companies. No one has claimed responsibility for the defacement of the website of the event, also called as “Davos in the desert.” Pierluigi Paganini.

Government

Government Security IT

SHARED INTEL: How Russia’s war mongering compromises those holding security clearances

The Last Watchdog

APRIL 19, 2022

While global commerce is an important aspect of the world economy, individuals who hold national security clearances need to be aware that some of the activities they engage in could pose a security risk and may negatively impact their security clearances. national security secrets. national security secrets.

Security

Security Risk Military Government

CISA Releases CHIRP, a Tool to Detect SolarWinds Malicious Activity

Security Affairs

MARCH 21, 2021

government agencies, critical infrastructure entities, and private network organizations. Both alerts are related to SolarWinds attacks against government agencies, critical infrastructure, and private sector organizations. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. Pierluigi Paganini.

Cloud

Cloud Government Security IT

US CISA published a guide to better use the MITRE ATT&CK framework

Security Affairs

JUNE 5, 2021

Cybersecurity and Infrastructure Security Agency (CISA) this week released a new guide for cyber threat intelligence experts on the use of the MITRE ATT&CK framework. The post US CISA published a guide to better use the MITRE ATT&CK framework appeared first on Security Affairs. ” reads one of the studies. .

Cybersecurity

Cybersecurity Cloud Government Security

Researchers found alleged sensitive documents of NATO and Turkey

Security Affairs

OCTOBER 12, 2020

Security experts from Cyble found alleged sensitive documents of NATO and Turkey, is it a case of cyber hacktivism or cyber espionage? Also, in September 2020, it was reported that Russian hackers targeted government agencies in NATO member countries, and nations who cooperate with NATO -> Link.” Pierluigi Paganini.

Military

Military Manufacturing Phishing Government

NSA warns of cloud attacks on authentication mechanisms

Security Affairs

DECEMBER 19, 2020

The US National Security Agency (NSA) warns of two techniques abused by threat actors for escalating attacks from local networks to cloud infrastructure. The US National Security Agency has published a security advisory that describes two techniques abused in recent attacks against cloud infrastructure. Pierluigi Paganini.

Authentication

Authentication Cloud Access Security

Holy Ghost ransomware operation is linked to North Korea

Security Affairs

JULY 15, 2022

The list of victims includes manufacturing organizations, banks, schools, and event and meeting planning companies. The first possibility is that the North Korean government sponsors this activity.” Because of this, it is equally possible that the North Korean government is not enabling or supporting these ransomware attacks.

Ransomware

Ransomware Encryption Government Manufacturing

Pro-Russia hackers target critical infrastructure in North America and Europe

Security Affairs

MAY 2, 2024

The government agencies urge OT operators in critical infrastructure sectors to implement a set of mitigations provided in the advisory. Some victims experienced minor tank overflow events; however, most victims reverted to manual controls in the immediate aftermath and quickly restored operations.”

Agriculture

Agriculture Passwords Government Authentication

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

Cybercriminals launched “Leaksmas” event in the Dark Web exposing massive volumes of leaked PII and compromised data

Webinars

Trending Sources

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

Webinars

China-linked threat actors stole 10% of Belgian State Security Service (VSSE)’s staff emails

Microsoft: Iranian Hackers Targeted Security Experts

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

26 Cyber Security Stats Every User Should Be Aware Of in 2024

ZAGG disclosed a data breach that exposed its customers’ credit card data

China’s Volt Typhoon botnet has re-emerged

China-linked APT groups targets orgs via Pulse Secure VPN devices

ProtonMail denies that it spies on users for government agencies

Ransomware attacks hit 105 US local governments in 2022

Chinese hackers compromised emails of U.S. Government agencies

UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Security Affairs newsletter Round 452 by Pierluigi Paganini – INTERNATIONAL EDITION

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs newsletter Round 479 by Pierluigi Paganini – INTERNATIONAL EDITION

Vietnam Post exposes 1.2TB of data, including email addresses

Texas Department of Transportation (TxDOT) hit by a ransomware attack

European Commission has chosen the Signal app to secure its communications

North Korea-linked campaign targets security experts via social media

Security Affairs newsletter Round 353

Information Governance Pressure Points – 3 Common Areas of Failure

Security breach suffered by credit bureau Equifax has cost $1.4 Billion

Security Affairs newsletter Round 383

UK Home Office is ignoring the risk of ‘catastrophic ransomware attacks,’ report warns

Apr 10 – Apr 16 Ukraine – Russia the silent cyber conflict

Hertz disclosed a data breach following 2024 Cleo zero-day attack

Security Affairs newsletter Round 364 by Pierluigi Paganini

Texas Tech University data breach impacted 1.4 million individuals

The Netherlands declares war on ransomware operations

Bank of Seychelles hit by a ransomware attack

BlackLock Ransomware Targeted by Cybersecurity Firm

FBI and CISA warn of attacks by Rhysida ransomware gang

Prometheus and Grief – two new emerging ransomware gangs targeting enterprises. Mexican Government data is published for sale.

Saudi Future Investment Initiative website defaced by the hackers

SHARED INTEL: How Russia’s war mongering compromises those holding security clearances

CISA Releases CHIRP, a Tool to Detect SolarWinds Malicious Activity

US CISA published a guide to better use the MITRE ATT&CK framework

Researchers found alleged sensitive documents of NATO and Turkey

NSA warns of cloud attacks on authentication mechanisms

Holy Ghost ransomware operation is linked to North Korea

Pro-Russia hackers target critical infrastructure in North America and Europe

Stay Connected