Government and Groups - Information Management Today

Turning Information Into Outcomes: What Governance Really is About

Weissman's World

JANUARY 14, 2025

For years, youve heard me exhort you to implement information governance because you collected all that information for a reason, right? and infogov is how you get value from it. And while thats true, Im not sure I ever completely brought that sentiment to ground. So let me now close that gap.

Government

Government Information governance IT Records Management

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

Security Affairs

OCTOBER 12, 2024

cyber agencies warn that Russia-linked group APT29 is targeting vulnerable Zimbra and JetBrains TeamCity servers on a large scale. The government agencies warn that the Russian APT29 group has the capability and intent to exploit more CVEs for initial access, remote code execution, and privilege escalation.

Data collection

Data collection Authentication Access Cybersecurity

Good Governance is About the “Why”

Weissman's World

JANUARY 30, 2025

I get inquiries all the time from people seeking support as they ready to tackle what sound like fairly specific records and information governance issues.

Government

Government Information governance Paper Cloud

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

government officials. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. ” In September, the Wall Street Journal reported that China-linked APT group Salt Typhoon (also known as FamousSparrow and GhostEmperor ) breached U.S. reported the WSJ.

Government

Government Communications Access Risk

Partner Webinar: A Framework for Building Data Mesh Architecture

Speaker: Jeremiah Morrow, Nicolò Bidotti, and Achille Barbieri

In this webinar, learn how Enel Group worked with Agile Lab to implement Dremio as a data mesh solution for providing broad access to a unified view of their data, and how they use that architecture to enable a multitude of use cases. Leveraging Dremio for data governance and multi-cloud with Arrow Flight.

Government

Zimbra zero-day exploited to steal government emails by four groups

Security Affairs

NOVEMBER 16, 2023

Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day ( CVE-2023-37580 ) to steal emails from governments. The first campaign aimed at a government organization in Greece, threat actors sent emails containing exploit urls to their targets. ” reads the advisory published by Google TAG.

Government

Government Authentication Phishing IT

Awaken Likho APT group targets Russian government with a new implant

Security Affairs

OCTOBER 9, 2024

A threat actor tracked as Awaken Likho is targeting Russian government agencies and industrial entities, reported cybersecurity firm Kaspersky. The threat actor continues to target Russian government entities and enterprises. Experts believe the group remains active and is enhancing its operations with new implants.

Government

Government Archiving Phishing Access

Massive cyberattacks hit French government agencies

Security Affairs

MARCH 11, 2024

A series of “intense” cyberattacks hit multiple French government agencies, revealed the prime minister’s office. “Several “intense” cyberattacks targeted multiple French government agencies since Sunday night, as disclosed by the prime minister’s office.” ” reported the French newspaper Le Monde.

Government

Government Information Security Access Security

Unknown Cyberespionage Group Targeted Taiwan

Data Breach Today

OCTOBER 10, 2023

Threat Actor Likely Operates From A Region With A Strategic Interest In Taiwan A previously undetected cyberespionage group spied against Taiwanese government agencies and the island-country's manufacturing sector, say cybersecurity researchers.

Manufacturing

Manufacturing Cybersecurity Government IT

Zero Trust Mandate: The Realities, Requirements and Roadmap

Government agencies can no longer ignore or delay their Zero Trust initiatives. and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines. The DHS compliance audit clock is ticking on Zero Trust.

Cybersecurity

China-linked group Salt Typhoon hacked US broadband providers and breached wiretap systems

Security Affairs

OCTOBER 6, 2024

China-linked APT group Salt Typhoon breached U.S. China-linked APT group Salt Typhoon (also known as FamousSparrow and GhostEmperor ) breached U.S. “A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers is still ongoing, government experts are assessing its scope.

Government

Government Access Risk Security

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. The US agencies confirmed that Chinese threat actors had compromised the private communications of a “limited number” of government officials following the compromise of multiple U.S.

Data breaches

Data breaches Communications Artificial Intelligence Government

Thanks to AI, GIGO is More Relevant Than Ever

Weissman's World

NOVEMBER 11, 2024

The adage “garbage in, garbage out” (GIGO) has been around for nearly 70 years, and it’s never been more relevant thanks to the intensifying need for information governance and the emergence of generative and agentic AI as potential disruptors. Regardless of your mandate (e.g., Regardless of your mandate (e.g.,

Information governance

Information governance Compliance Cloud Government

Pro-Russia group hit Swiss govt sites after Zelensky visit in Davos

Security Affairs

JANUARY 17, 2024

Switzerland believes that the attack claimed by pro-Russian group NoName that hit the government websites is retaliation for Zelensky’s presence at Davos. Naturally, not empty-handed, but with DDoS gifts” read a message published by the hacker group on its Telegram channel. ” reported the AFP agency. reported NCSC.

Government

Government Access Security IT

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Security Affairs

MARCH 28, 2024

Google’s Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively exploited zero-day vulnerabilities in 2023. The researchers also tracked at least four ransomware groups exploiting four zero-day vulnerabilities. ” continues the report.

Government

Government Ransomware Libraries Access

The Rhysida ransomware group hit the Kuwait Ministry of Finance

Security Affairs

SEPTEMBER 26, 2023

This week the Rhysida ransomware group claimed the hack of the Kuwait Ministry of Finance and added it to its Tor leak site. Last week a ransomware attack hit the Government of Kuwait, the attack took place on September 18 and the government experts immediately started the incident response procedures to block the threat.

Ransomware

Ransomware Government Cybersecurity IT

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs

DECEMBER 26, 2023

The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. The Rhysida ransomware group claimed to have breached the Abdali Hospital in Jordan and added it to the list of victims on its Tor leak site. The Rhysida ransomware group has been active since May 2023.

Ransomware

Ransomware Manufacturing Education Libraries

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Security Affairs

SEPTEMBER 25, 2023

A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. Palo Alto Unit42 researchers an APT group tracked as Gelsemium targeting a Southeast Asian government. Gelsemium is a group focused on cyberespionage that has been active since at least 2014.

Government

Government Manufacturing Education Access

Russia-linked APT29 reused iOS and Chrome exploits previously developed by NSO Group and Intellexa

Security Affairs

AUGUST 29, 2024

Russia-linked APT29 group was spotted reusing iOS and Chrome exploits previously developed by surveillance firms NSO Group and Intellexa. Google TAG (Threat Analysis Group) researchers observed the Russia-linked group APT29 (aka SVR group , BlueBravo , Cozy Bear , Nobelium , Midnight Blizzard , and The Dukes ).

Government

Government Encryption Authentication Risk

Iran-linked group APT33 adds new Tickler malware to its arsenal

Security Affairs

AUGUST 28, 2024

Iran-linked group APT33 used new Tickler malware in attacks against organizations in the government, defense, satellite, oil and gas sectors. The APT group conducted a cyber espionage campaign between April and July 2024 and used Microsoft’s Azure infrastructure for C2 infrastructure.

IT

IT Education File names Passwords

Russian nationals plead guilty to participating in the LockBit ransomware group

Security Affairs

JULY 19, 2024

Two Russian nationals pleaded guilty to participating in the LockBit ransomware group and carrying out attacks against victims worldwide. The LockBit ransomware operation has been active since January 2020, the group hit over 2,500 victims across 120 countries, including 1,800 in the U.S.

Ransomware

Ransomware Encryption Government Access

Australian government announced sanctions for Medibank hacker

Security Affairs

JANUARY 23, 2024

The Australian government announced sanctions for a member of the REvil ransomware group for the Medibank hack that occurred in 2022. The Australian government announced sanctions for Aleksandr Gennadievich Ermakov (aka GustaveDore, aiiis_ermak, blade_runner, JimJones), a Russian national who is a member of the REvil ransomware group.

Government

Government Insurance Ransomware Data breaches

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Security Affairs

NOVEMBER 29, 2023

The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London. The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London and added it to the list of victims on its Tor leak site. The Rhysida ransomware group has been active since May 2023. Data from the Royal Family!

Ransomware

Ransomware Manufacturing Education Libraries

The Mask APT is back after 10 years of silence

Security Affairs

DECEMBER 18, 2024

Kaspersky researchers linked a new wave of cyber attacks to the cyber espionage group tracked as The Mask. Kaspersky researchers linked several targeted attacks to a cyber espionage group known as The Mask. The APT group targeted an organization in Latin America in 2019 and 2022.

Government

Government IT Access Information Security

Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware

Security Affairs

AUGUST 7, 2024

The Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware and offers alleged stolen data for 25 BTC. The Rhysida Ransomware group claims to have breached Bayhealth Hospital and added the hospital to the list of victims on its Tor leak site. The Rhysida ransomware group has been active since May 2023.

Ransomware

Ransomware Manufacturing Libraries Education

FBI and CISA update a joint advisory on the BlackSuit Ransomware group

Security Affairs

AUGUST 8, 2024

FBI and CISA published a joint advisory on the BlackSuit Ransomware group, the document provides TTPs and IOCs as recently as July 2024. CISA, in collaboration with the FBI, has published a joint advisory on the BlackSuit Ransomware group. The group uses SharpShares and SoftPerfect NetWorx to map out victim networks.

Ransomware

Ransomware Communications Manufacturing Phishing

CERT-UA warns of a phishing campaign targeting government entities

Security Affairs

AUGUST 13, 2024

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign targeting organizations in the country, including government entities. The government experts reported that the group carried out at least two massive campaigns since May 20, threat actors aimed at distributing SmokeLoader malware via email.

Phishing

Phishing Government File names Access

U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp

Security Affairs

MARCH 2, 2024

Court ordered surveillance firm NSO Group to hand over the source code for its Pegasus spyware and other products to Meta. Meta won the litigation against the Israeli spyware vendor NSO Group , a U.S. Follow me on Twitter: @securityaffairs and Facebook Pierluigi Paganini ( SecurityAffairs – hacking, NSO GROUP)

IT

IT Government Security Information Security

US Gov sanctioned key members of the Cyber Army of Russia Reborn hacktivists group

Security Affairs

JULY 23, 2024

The US government sanctioned two Russian hacktivists for their cyberattacks targeting critical infrastructure, including breaches of water facilities. The US authorities identified Pankratova as the group leader, while Degtyarenko is a primary hacker. The US government also blocked entities owned 50% or more by these individuals.

Government

Government IT Information Security Security

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

The group managed to maintain access without being detected for as long as possible. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

e-Discovery

e-Discovery Communications Ransomware Government

Two Sudanese nationals indicted for operating the Anonymous Sudan group

Security Affairs

OCTOBER 17, 2024

The group’s victims include ChatGPT , Telegram , Microsoft , X , the Department of Justice, the Department of Defense, the FBI, the State Department, Cedars-Sinai Medical Center in Los Angeles, and government websites for the state of Alabama.

Government

Government Cloud Cybersecurity IT

Earth Krahang APT breached tens of government organizations worldwide

Security Affairs

MARCH 19, 2024

Trend Micro uncovered a sophisticated campaign conducted by Earth Krahang APT group that breached 70 organizations worldwide. The campaign seems active since at least early 2022 and focuses primarily on government organizations. The group often exploited access to government infrastructure to target other government entities.

Government

Government Phishing Access Passwords

Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure

Security Affairs

SEPTEMBER 16, 2024

Apple drops its lawsuit against commercial spyware vendor NSO Group, due to the risk of “threat intelligence” information exposure. Apple is seeking to drop its lawsuit against Israeli spyware company NSO Group , citing the risk of “threat intelligence” information exposure. ” reads the court filing.

Risk

Risk Government Manufacturing IT

US offers $10 million reward for info on Hive ransomware group leaders

Security Affairs

FEBRUARY 8, 2024

Government offers rewards of up to $10 million for information that could help locate, identify, or arrest members of the Hive ransomware group. The US Department of State announced rewards up to $10,000,000 for information leading to the identification and/or location of the leaders of the Hive ransomware group.

Ransomware

Ransomware Blockchain Manufacturing Analytics

Clop group obtained access to the email addresses of about 632,000 US federal employees

Security Affairs

NOVEMBER 2, 2023

Russian-speaking Clop ransomware group gained access to the email addresses of about 632,000 US federal employees at the departments of Defense and Justice. The news of the attacks on the government departments was reported by federal cybersecurity officers to the House Science, Space and Technology Committee in July.

Access

Access Agriculture Data breaches Ransomware

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Security Affairs

DECEMBER 5, 2023

Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military Government Access Phishing

North Korea-linked APT groups target South Korean defense contractors

Security Affairs

APRIL 23, 2024

North Korea-linked APT groups Lazarus , Andariel , and Kimsuky hacked multiple defense companies in South Korea, reported the National Police Agency. The Police states that the attacks are carried out in the form of an all-out war that see the contribution of multiple APT groups.

Passwords

Passwords Authentication Cloud Cybersecurity

Swiss Government Reports Nuisance-Level DDoS Disruptions

Data Breach Today

JANUARY 18, 2024

Self-Proclaimed Russian Hacktivists Continue Putin-Aligned Information Operations Switzerland's federal government reports that multiple federal agencies' public-facing sites were temporarily disrupted by distributed denial-of-service attacks perpetrated by a self-proclaimed Russian hacktivist group "as a means of gaining media attention for their (..)

Government

BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare

Krebs on Security

MARCH 5, 2024

healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. As part of that action, the government seized the BlackCat website and released a decryption tool to help victims recover their systems. After a much-promoted attack on the government of Fulton County, Ga.,

Ransomware

Ransomware Insurance Government IT

North Korean Group Seen Snooping on Russian Foreign Ministry

Data Breach Today

FEBRUARY 26, 2024

Espionage Groups Deploy Info Stealer to Monitor Russia's Diplomatic Moves North Korean espionage group TA406, aka the Konni Group, deployed information-stealing malware on a Russian government-owned software to spy on the country's foreign ministry officials.

Government

ExCobalt Cybercrime group targets Russian organizations in multiple sectors

Security Affairs

JUNE 24, 2024

The cybercrime group ExCobalt targeted Russian organizations in multiple sectors with a previously unknown backdoor known as GoRed. Members of the ExCobalt group have been active since at least 2016, the researchers believe that the group is linked to the notorious Cobalt Gang.

File names

File names Communications Mining Archiving

China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

Security Affairs

SEPTEMBER 26, 2024

The cyber campaign is attributed to the China-linked APT group Salt Typhoon, which is also known as FamousSparrow and GhostEmperor. “Hackers linked to the Chinese government have broken into a handful of U.S. This group was publicly called out by the U.S. The company linked the attacks to StormBamboo APT group.

IoT

IoT Cybersecurity Government IT

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. The government says Urban went by the aliases “ Sosa ” and “ King Bob ,” among others. 9, 2024, U.S. On July 28 and again on Aug.

Passwords

Passwords Phishing Access Encryption

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

FEBRUARY 16, 2025

Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and industries. ” reads the report published by Microsoft Threat Intelligence.

Phishing

Phishing Authentication Access Government

Turning Information Into Outcomes: What Governance Really is About

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

Webinars

Trending Sources

Good Governance is About the “Why”

Webinars

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Partner Webinar: A Framework for Building Data Mesh Architecture

Zimbra zero-day exploited to steal government emails by four groups

Awaken Likho APT group targets Russian government with a new implant

Massive cyberattacks hit French government agencies

Unknown Cyberespionage Group Targeted Taiwan

Zero Trust Mandate: The Realities, Requirements and Roadmap

China-linked group Salt Typhoon hacked US broadband providers and breached wiretap systems

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Thanks to AI, GIGO is More Relevant Than Ever

Pro-Russia group hit Swiss govt sites after Zelensky visit in Davos

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

The Rhysida ransomware group hit the Kuwait Ministry of Finance

Rhysida ransomware group hacked Abdali Hospital in Jordan

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Russia-linked APT29 reused iOS and Chrome exploits previously developed by NSO Group and Intellexa

Iran-linked group APT33 adds new Tickler malware to its arsenal

Russian nationals plead guilty to participating in the LockBit ransomware group

Australian government announced sanctions for Medibank hacker

Rhysida ransomware group hacked King Edward VII’s Hospital in London

The Mask APT is back after 10 years of silence

Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware

FBI and CISA update a joint advisory on the BlackSuit Ransomware group

CERT-UA warns of a phishing campaign targeting government entities

U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp

US Gov sanctioned key members of the Cyber Army of Russia Reborn hacktivists group

China’s Volt Typhoon botnet has re-emerged

Two Sudanese nationals indicted for operating the Anonymous Sudan group

Earth Krahang APT breached tens of government organizations worldwide

Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure

US offers $10 million reward for info on Hive ransomware group leaders

Clop group obtained access to the email addresses of about 632,000 US federal employees

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

North Korea-linked APT groups target South Korean defense contractors

Swiss Government Reports Nuisance-Level DDoS Disruptions

BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare

North Korean Group Seen Snooping on Russian Foreign Ministry

ExCobalt Cybercrime group targets Russian organizations in multiple sectors

China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Storm-2372 used the device code phishing technique since August 2024

Stay Connected