Government and Industry - Information Management Today

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

Security Affairs

DECEMBER 3, 2024

A ransomware attack disrupted the operations of a major energy industry contractor, ENGlobal Corporation. Founded in 1985, ENGlobal Corporation designs automated control systems for commercial and government sectors, reporting $6 million in Q3 revenue and $18.4 million year-to-date. According to the FORM 8-K report filed with the U.S.

Ransomware

Ransomware Encryption Cybersecurity Access

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Security Affairs

MARCH 20, 2025

CERT-UA warns of a cyber campaign using Dark Crystal RAT to target Ukraine’s defense sector, including defense industry employees and Defense Forces members. The Ukrainian government experts noticed that some messages were sent from compromised contacts to increase trust. ” reads the report published CERT-UA.

Computer and Electronics

Computer and Electronics Archiving Passwords Government

APT41: The threat of KeyPlug against Italian industries

Security Affairs

MAY 23, 2024

Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug employed in attacks against several Italian industries During an extensive investigation, Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug , which hit for months a variety of Italian industries. State Governments ”.

Encryption

Encryption Cybersecurity Government Security

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

North Korea-linked APTs use Maui Ransomware to target the Healthcare industry

Security Affairs

JULY 7, 2022

The attacks against Healthcare and Public Health (HPH) Sector organizations started in May 2021 and government experts observed multiple cases that involved the use of the Maui ransomware. The joint report refers to an industry analysis of a sample of Maui provided in Stairwell Threat Report: Maui Ransomware. Pierluigi Paganini.

Ransomware

Ransomware Encryption Government Cybersecurity

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. He will also dive into topic definitions, governance structures, and framework components for success. Do we understand and articulate our bank’s risk appetite and how that impacts our business units? Register today!

Risk

China-linked Space Pirates APT targets the Russian aerospace industry

Security Affairs

MAY 19, 2022

A new China-linked cyberespionage group known as ‘Space Pirates’ is targeting enterprises in the Russian aerospace industry. A previously unknown Chinese cyberespionage group, tracked as ‘Space Pirates’, targets enterprises in the Russian aerospace industry with spear-phishing attacks. Pierluigi Paganini.

Phishing

Phishing Archiving Government Access

Chinese actors behind attacks on industrial enterprises and public institutions

Security Affairs

AUGUST 9, 2022

China-linked threat actors targeted dozens of industrial enterprises and public institutions in Afghanistan and Europe. In January 2022, researchers at Kaspersky ICS CERT uncovered a series of targeted attacks on military industrial enterprises and public institutions in Afghanistan and East Europe. ” concludes the report.

Encryption

Encryption Military Archiving Phishing

Relyance AI Raises $32M to Take on AI Governance Challenges

Data Breach Today

OCTOBER 10, 2024

Thomvest Ventures Leads Series B Funding to Support Privacy and Security Compliance Relyance AI raised $32 million in Series B funding to grow its data governance platform.

Government

Government Privacy Compliance Security

APT41: The threat of KeyPlug against Italian industries

Security Affairs

MAY 23, 2024

Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug employed in attacks against several Italian industries During an extensive investigation, Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug , which hit for months a variety of Italian industries. State Governments ”.

Encryption

Encryption Cybersecurity Government Security

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. This report offers insights for cybersecurity, compliance, and privacy executives at healthcare organizations, as well as for policymakers and auditors.

Cybersecurity

United Nations AI Body to Advise on Risks, Global Governance

Data Breach Today

OCTOBER 27, 2023

The 38-Member Body Comprises Government, Private, Civil Society Representatives The United Nations unveiled Thursday an AI advisory body that looks to analyze risks and make recommendations on international governance for the technology.

Government

Government Risk

Chinese man charged for spear-phishing against NASA and US Government

Security Affairs

SEPTEMBER 17, 2024

” The man, who remails at large, used fake email accounts posing as US-based researchers and engineers to target government personnel to obtain software and source code created by the National Aeronautics and Space Administration (“NASA”), research universities, and private companies. Air Force, Navy, Army, and the FAA.”

Phishing

Phishing Government Military Security

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

FEBRUARY 16, 2025

Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and industries. ” reads the report published by Microsoft Threat Intelligence.

Phishing

Phishing Authentication Access Government

NSO Group, Positive Technologies and other firms sanctioned by the US government

Security Affairs

NOVEMBER 3, 2021

The Commerce Department’s Bureau of Industry and Security (BIS) has sanctioned four companies for the development of spyware or the sale of hacking tools used by nation-state actors. The post NSO Group, Positive Technologies and other firms sanctioned by the US government appeared first on Security Affairs. Pierluigi Paganini.

Government

Government Sales Cybersecurity Security

How to Overcome the Pain Points of Your CRM

Advertiser: ZoomInfo

However, as a company, sales stack, and database grow, it becomes difficult to uphold structure and governance to keep a CRM up-to-date. Leveraging leading industry research from industry analysts, this eBook explores how your sales team can gain back valuable time with the following: Conquering the most difficult pain points in your CRM.

Digital transformation

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

The US government declared that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. has been active since at least 2010 most of the victims of the group are organizations in the energy and industrial sectors. ” reads the advisory. ” reads the advisory.

Government

Government Passwords Access Cybersecurity

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. The US agencies confirmed that Chinese threat actors had compromised the private communications of a “limited number” of government officials following the compromise of multiple U.S.

Data breaches

Data breaches Communications Artificial Intelligence Government

Awaken Likho APT group targets Russian government with a new implant

Security Affairs

OCTOBER 9, 2024

A threat actor tracked as Awaken Likho is targeting Russian government agencies and industrial entities, reported cybersecurity firm Kaspersky. The threat actor continues to target Russian government entities and enterprises.

Government

Government Archiving Phishing Access

US Government Lagging on Border Gateway Protocol Security

Data Breach Today

AUGUST 5, 2023

Heads of FCC, CISA Call for BGP Overhaul, Industry Collaboration The U.S. federal government acknowledged that it is lagging behind on border gateway protocol security practices. Officials from several government agencies, ISPs and cloud content providers organized a workshop to understand the latest security improvements underway.

Government

Government Security Cloud IT

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

Security Affairs

JANUARY 26, 2023

The BlackCat Ransomware group claims to have hacked SOLAR INDUSTRIES INDIA and to have stolen 2TB of “secret military data.” ” The BlackCat Ransomware gang added SOLAR INDUSTRIES INDIA to the list of victims published on its Tor leak site. ” reads the message published on the leak site.

Military

Military Manufacturing Ransomware Mining

Cybercriminals Deliver IRS Tax Scams & Phishing Campaigns By Mimicking Government Vendors

Security Affairs

APRIL 21, 2022

Threat intelligence firm Resecurity details how crooks are delivering IRS tax scams and phishing attacks posing as government vendors. The post Cybercriminals Deliver IRS Tax Scams & Phishing Campaigns By Mimicking Government Vendors appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook.

Phishing

Phishing e-Delivery Government Passwords

SYS01 stealer targets critical government infrastructure

Security Affairs

MARCH 7, 2023

Researchers discovered a new info stealer dubbed SYS01 stealer targeting critical government infrastructure and manufacturing firms. ” reads the analysis published by Morphisec. to lure victims into downloading a malicious file. .” ” concludes Morphisec that also provides indicators of compromise (IoCs).

Government

Government Manufacturing Authentication Cybersecurity

US indicted 4 Russian government employees for attacks on critical infrastructure

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Government Cybersecurity Military

US adds Tencent to the list of companies supporting Chinese military

Security Affairs

JANUARY 7, 2025

The US government does not explain the decision. Unlike the Entity List for Malicious Cyber Activities, managed by the Commerce Departments Bureau of Industry and Security (BIS), the Section 1260 list does not impose any ban or sanction on the tech giant. ” “We are not a military company or supplier.

Military

Military Cloud Analytics Government

APTs Using New Tools to Target ICS/SCADA

Data Breach Today

APRIL 14, 2022

US Government Agencies, Mandiant, Dragos, Schneider Electric Issue Joint Advisory U.S.

Government

Government Cybersecurity

The US government sanctioned four entities and one individual for supporting cyber operations conducted by North Korea

Security Affairs

MAY 24, 2023

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against four entities and one individual for their role in malicious cyber operations conducted to support the government of North Korea. ” reads the announcement. ” continues the announcement.

Government

Government Military Financial Services Security

LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order

Security Affairs

DECEMBER 4, 2023

The LockBit ransomware attack on the Industrial & Commercial Bank of China demonstrates the weakness of global financial system to cyberattacks. Treasury trading operations at an American subsidiary of Industrial & Commercial Bank of China Ltd. The ransomware breach that crippled U.S. Treasury market.

Ransomware

Ransomware Financial Services Marketing Government

NSA buys internet browsing records from data brokers without a warrant

Security Affairs

JANUARY 29, 2024

Wyden called on the US government to order intelligence agencies to stop buying personal data from Americans that has been obtained illegally by data brokers. government should not be funding and legitimizing a shady industry whose flagrant violations of Americans’ privacy are not just unethical, but illegal.”

Metadata

Metadata Personal data Sales Privacy

PseudoManuscrypt, a mysterious massive cyber espionage campaign

Security Affairs

DECEMBER 16, 2021

Tens of thousands of devices worldwide, including many industrial control systems (ICS), have been hit by the PseudoManuscrypt spyware. Kaspersky researchers reported that tens of thousands of devices belonging to industrial and government organizations worldwide have been hit by the PseudoManuscrypt spyware. Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Manufacturing Archiving Authentication

U.S. banking regulators order banks to notify cybersecurity incidents in 36 hours

Security Affairs

NOVEMBER 20, 2021

banking regulators this week approved a rule that obliges banks to report any major cybersecurity incidents to the government within 36 hours of discovery. banking regulators have approved a new rule that orders banks to notify federal regulators of significant cybersecurity incidents within 36 hours.

Cybersecurity

Cybersecurity Financial Services Insurance Ransomware

US Gov sanctioned key members of the Cyber Army of Russia Reborn hacktivists group

Security Affairs

JULY 23, 2024

The US government sanctioned two Russian hacktivists for their cyberattacks targeting critical infrastructure, including breaches of water facilities. In late 2023, CARR claimed attacks on industrial control systems in the U.S. The US government also blocked entities owned 50% or more by these individuals. or controlled by U.S.

Government

Government IT Information Security Security

Pegasus Spyware: World Leaders Demand Israeli Probe

Data Breach Today

JULY 27, 2021

French President, US Lawmakers and Others Call for Urgent 'Hacking for Hire' Review Calls are growing for an investigation into how commercial Pegasus spyware developed by Israel's NSO Group gets sold to autocratic governments and used to target journalists, lawyers, human rights advocates and others, with some lawmakers saying "the hacking-for-hire (..)

Government

SSA Struggling to Modernize Fraud Prevention Tech, GAO Warns

Data Breach Today

OCTOBER 10, 2024

GAO: SSA Fails to Meet Industry and Federal Electronic Verification System Goals The Social Security Administration is facing criticism for failing to update its fraud prevention technology, leaving financial institutions and federal authorities at risk of missing synthetic identity scams, according to a new Government Accountability Office report. (..)

Risk

Risk Government Security IT

BlueVoyant Raises $140M, Buys Resilience Firm Conquest Cyber

Data Breach Today

NOVEMBER 29, 2023

Deal Will Expand BlueVoyant's Footprint in US Government, Defense Industrial Base BlueVoyant purchased a risk management vendor led by an Army veteran to expand its SaaS footprint with U.S. government and defense industrial organizations.

Compliance

Compliance Risk Government IT

Canada Gov plans to ban the Flipper Zero to curb car thefts

Security Affairs

FEBRUARY 12, 2024

The Canadian government is going to ban the tool Flipper Zero because it is abused by crooks to steal vehicles in the country. The Canadian government announced that it plans to ban the tool Flipper Zero , and similar hacking devices, to curb the surge in car thefts. ” said Canadian Industry Minister François-Philippe Champagne.

Government

Government Sales Insurance IT

Misinformation and hacktivist campaigns targeting the Philippines skyrocket

Security Affairs

APRIL 16, 2024

Resecurity interprets this activity as pre-staging for broader malicious, foreign cyber-threat actor activity in the region, including cyber espionage and targeted attacks against government agencies and critical infrastructure. The full report is available here.

Government

Government Security Information Security IT

North Korea-linked hackers target construction and machinery sectors with watering hole and supply chain attacks

Security Affairs

AUGUST 6, 2024

According to the South Korean authorities, the government of Pyongyang’s goal is to steal intellectual property and trade secrets from the South. North Korea-linked actors hacking groups are targeting South Korea’s construction and machinery industries. ” reads the advisory.

Information capture

Information capture Authentication Military Government

New Leak Shows Business Side of China’s APT Menace

Krebs on Security

FEBRUARY 22, 2024

Experts say the leak illustrates how Chinese government agencies increasingly are contracting out foreign espionage campaigns to the nation’s burgeoning and highly competitive cybersecurity industry. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”

Government

Government Cybersecurity Sales Blockchain

British Lawmakers Push Ahead With Modifying UK GDPR

Data Breach Today

DECEMBER 1, 2023

Government backers say the bill will bolster the domestic AI industry. Data Protection and Digital Information Bill Heads to the House of Lords British Conservative lawmakers are pushing ahead with legislation modifying the U.K.

GDPR

GDPR Privacy Government

Chinese APT Earth Baxia target APAC by exploiting GeoServer flaw

Security Affairs

SEPTEMBER 23, 2024

Suspected China-linked APT Earth Baxia targeted a government organization in Taiwan by exploiting a recently patched OSGeo GeoServer GeoTools flaw. Trend Micro researchers reported that China-linked APT group Earth Baxia has targeted a government organization in Taiwan and potentially other countries in the Asia-Pacific (APAC) region.

Phishing

Phishing File names Cloud Government

Ransomware threat landscape Jan-Apr 2024: insights and challenges

Security Affairs

JUNE 24, 2024

In terms of sectors, ransomware attacks have significantly affected industries such as consulting, logistics, and healthcare. The industrial and consulting sectors, including pharmaceutical, mechanical, and electronic industries, were among the most targeted in the country.

Ransomware

Ransomware Healthcare Cybersecurity Government

SHARED INTEL Q&A: Forrester highlights why companies need to strive for ‘cryptoagility’– today

The Last Watchdog

MARCH 24, 2025

LW: What industries face the biggest quantum security risks, and whats driving urgency in those sectors? When you consider the types of data that these industries handle and protect, the urgency makes sense. Financial services firms have to protect sensitive data like customers bank account information.

Encryption

Encryption Financial Services Risk Libraries

How to Protect Privacy and Build Secure AI Products

Security Affairs

JULY 18, 2024

AI systems are transforming technology and driving innovation across industries. How to Protect Privacy and Build Secure AI Products AI systems are transforming technology and driving innovation across industries. As AI redefines industries, prioritizing data privacy is essential for responsible AI development.

Privacy

Privacy Security Data Privacy Risk

Russia-linked actors may be behind an explosion at a liquefied natural gas plant in Texas

Security Affairs

JUNE 26, 2022

Experts speculate a cyber attack may have turned off the industrial safety controls at the natural gas facility. ICS malware like TRITON , which experts associated with Russia-linked APT group XENOTIME , has offensive capabilities to shut down industrial safety controls and cause extensive damages to industrial facilities.

Military

Military Cloud Government Security

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Webinars

Trending Sources

APT41: The threat of KeyPlug against Italian industries

Webinars

North Korea-linked APTs use Maui Ransomware to target the Healthcare industry

ERM Program Fundamentals for Success in the Banking Industry

China-linked Space Pirates APT targets the Russian aerospace industry

Chinese actors behind attacks on industrial enterprises and public institutions

Relyance AI Raises $32M to Take on AI Governance Challenges

APT41: The threat of KeyPlug against Italian industries

Beware of Pixels & Trackers on U.S. Healthcare Websites

United Nations AI Body to Advise on Risks, Global Governance

Chinese man charged for spear-phishing against NASA and US Government

Storm-2372 used the device code phishing technique since August 2024

NSO Group, Positive Technologies and other firms sanctioned by the US government

How to Overcome the Pain Points of Your CRM

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Awaken Likho APT group targets Russian government with a new implant

US Government Lagging on Border Gateway Protocol Security

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

Cybercriminals Deliver IRS Tax Scams & Phishing Campaigns By Mimicking Government Vendors

SYS01 stealer targets critical government infrastructure

US indicted 4 Russian government employees for attacks on critical infrastructure

US adds Tencent to the list of companies supporting Chinese military

APTs Using New Tools to Target ICS/SCADA

The US government sanctioned four entities and one individual for supporting cyber operations conducted by North Korea

LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order

NSA buys internet browsing records from data brokers without a warrant

PseudoManuscrypt, a mysterious massive cyber espionage campaign

U.S. banking regulators order banks to notify cybersecurity incidents in 36 hours

US Gov sanctioned key members of the Cyber Army of Russia Reborn hacktivists group

Pegasus Spyware: World Leaders Demand Israeli Probe

SSA Struggling to Modernize Fraud Prevention Tech, GAO Warns

BlueVoyant Raises $140M, Buys Resilience Firm Conquest Cyber

Canada Gov plans to ban the Flipper Zero to curb car thefts

Misinformation and hacktivist campaigns targeting the Philippines skyrocket

North Korea-linked hackers target construction and machinery sectors with watering hole and supply chain attacks

New Leak Shows Business Side of China’s APT Menace

British Lawmakers Push Ahead With Modifying UK GDPR

Chinese APT Earth Baxia target APAC by exploiting GeoServer flaw

Ransomware threat landscape Jan-Apr 2024: insights and challenges

SHARED INTEL Q&A: Forrester highlights why companies need to strive for ‘cryptoagility’– today

How to Protect Privacy and Build Secure AI Products

Russia-linked actors may be behind an explosion at a liquefied natural gas plant in Texas

Stay Connected