Government and Industry - Information Management Today

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

Security Affairs

DECEMBER 3, 2024

A ransomware attack disrupted the operations of a major energy industry contractor, ENGlobal Corporation. Founded in 1985, ENGlobal Corporation designs automated control systems for commercial and government sectors, reporting $6 million in Q3 revenue and $18.4 million year-to-date. According to the FORM 8-K report filed with the U.S.

Ransomware

Ransomware Encryption Cybersecurity Access

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Security Affairs

MARCH 20, 2025

CERT-UA warns of a cyber campaign using Dark Crystal RAT to target Ukraine’s defense sector, including defense industry employees and Defense Forces members. The Ukrainian government experts noticed that some messages were sent from compromised contacts to increase trust. ” reads the report published CERT-UA.

Computer and Electronics

Computer and Electronics Archiving Passwords Government

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

The homepage of Stark Industries Solutions. Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe.

Cloud

Cloud Education Government Communications

Webinars

Going Beyond Chatbots: Connecting AI to Your Tools, Systems, & Data

Automation, Evolved: Your New Playbook for Smarter Knowledge Work

MORE WEBINARS

APT41: The threat of KeyPlug against Italian industries

Security Affairs

MAY 23, 2024

Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug employed in attacks against several Italian industries During an extensive investigation, Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug , which hit for months a variety of Italian industries. State Governments ”.

Encryption

Encryption Cybersecurity Government Security

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. He will also dive into topic definitions, governance structures, and framework components for success. Do we understand and articulate our bank’s risk appetite and how that impacts our business units? Register today!

Risk

North Korea-linked APTs use Maui Ransomware to target the Healthcare industry

Security Affairs

JULY 7, 2022

The attacks against Healthcare and Public Health (HPH) Sector organizations started in May 2021 and government experts observed multiple cases that involved the use of the Maui ransomware. The joint report refers to an industry analysis of a sample of Maui provided in Stairwell Threat Report: Maui Ransomware. Pierluigi Paganini.

Ransomware

Ransomware Encryption Government Cybersecurity

China-linked Space Pirates APT targets the Russian aerospace industry

Security Affairs

MAY 19, 2022

A new China-linked cyberespionage group known as ‘Space Pirates’ is targeting enterprises in the Russian aerospace industry. A previously unknown Chinese cyberespionage group, tracked as ‘Space Pirates’, targets enterprises in the Russian aerospace industry with spear-phishing attacks. Pierluigi Paganini.

Phishing

Phishing Archiving Government Access

Chinese actors behind attacks on industrial enterprises and public institutions

Security Affairs

AUGUST 9, 2022

China-linked threat actors targeted dozens of industrial enterprises and public institutions in Afghanistan and Europe. In January 2022, researchers at Kaspersky ICS CERT uncovered a series of targeted attacks on military industrial enterprises and public institutions in Afghanistan and East Europe. ” concludes the report.

Encryption

Encryption Military Archiving Phishing

Relyance AI Raises $32M to Take on AI Governance Challenges

Data Breach Today

OCTOBER 10, 2024

Thomvest Ventures Leads Series B Funding to Support Privacy and Security Compliance Relyance AI raised $32 million in Series B funding to grow its data governance platform.

Government

Government Privacy Compliance Security

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. This report offers insights for cybersecurity, compliance, and privacy executives at healthcare organizations, as well as for policymakers and auditors.

Cybersecurity

APT41: The threat of KeyPlug against Italian industries

Security Affairs

MAY 23, 2024

Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug employed in attacks against several Italian industries During an extensive investigation, Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug , which hit for months a variety of Italian industries. State Governments ”.

Encryption

Encryption Cybersecurity Government Security

Chinese man charged for spear-phishing against NASA and US Government

Security Affairs

SEPTEMBER 17, 2024

” The man, who remails at large, used fake email accounts posing as US-based researchers and engineers to target government personnel to obtain software and source code created by the National Aeronautics and Space Administration (“NASA”), research universities, and private companies. Air Force, Navy, Army, and the FAA.”

Phishing

Phishing Government Military Security

United Nations AI Body to Advise on Risks, Global Governance

Data Breach Today

OCTOBER 27, 2023

The 38-Member Body Comprises Government, Private, Civil Society Representatives The United Nations unveiled Thursday an AI advisory body that looks to analyze risks and make recommendations on international governance for the technology.

Government

Government Risk

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

FEBRUARY 16, 2025

Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and industries. ” reads the report published by Microsoft Threat Intelligence.

Phishing

Phishing Authentication Access Government

How to Overcome the Pain Points of Your CRM

Advertiser: ZoomInfo

However, as a company, sales stack, and database grow, it becomes difficult to uphold structure and governance to keep a CRM up-to-date. Leveraging leading industry research from industry analysts, this eBook explores how your sales team can gain back valuable time with the following: Conquering the most difficult pain points in your CRM.

Digital transformation

NSO Group, Positive Technologies and other firms sanctioned by the US government

Security Affairs

NOVEMBER 3, 2021

The Commerce Department’s Bureau of Industry and Security (BIS) has sanctioned four companies for the development of spyware or the sale of hacking tools used by nation-state actors. The post NSO Group, Positive Technologies and other firms sanctioned by the US government appeared first on Security Affairs. Pierluigi Paganini.

Government

Government Sales Cybersecurity Security

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. The US agencies confirmed that Chinese threat actors had compromised the private communications of a “limited number” of government officials following the compromise of multiple U.S.

Data breaches

Data breaches Communications Artificial Intelligence Government

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Security Affairs

DECEMBER 4, 2024

The government agencies released a guide that advises telecom and critical infrastructure defenders on best practices to strengthen network security against PRC-linked and other cyber threats. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures.

Government

Government Communications Access Passwords

Awaken Likho APT group targets Russian government with a new implant

Security Affairs

OCTOBER 9, 2024

A threat actor tracked as Awaken Likho is targeting Russian government agencies and industrial entities, reported cybersecurity firm Kaspersky. The threat actor continues to target Russian government entities and enterprises.

Government

Government Archiving Phishing Access

US Government Lagging on Border Gateway Protocol Security

Data Breach Today

AUGUST 5, 2023

Heads of FCC, CISA Call for BGP Overhaul, Industry Collaboration The U.S. federal government acknowledged that it is lagging behind on border gateway protocol security practices. Officials from several government agencies, ISPs and cloud content providers organized a workshop to understand the latest security improvements underway.

Government

Government Security Cloud IT

Cybercriminals Deliver IRS Tax Scams & Phishing Campaigns By Mimicking Government Vendors

Security Affairs

APRIL 21, 2022

Threat intelligence firm Resecurity details how crooks are delivering IRS tax scams and phishing attacks posing as government vendors. The post Cybercriminals Deliver IRS Tax Scams & Phishing Campaigns By Mimicking Government Vendors appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook.

Phishing

Phishing e-Delivery Government Passwords

US indicted 4 Russian government employees for attacks on critical infrastructure

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Government Cybersecurity Military

SYS01 stealer targets critical government infrastructure

Security Affairs

MARCH 7, 2023

Researchers discovered a new info stealer dubbed SYS01 stealer targeting critical government infrastructure and manufacturing firms. ” reads the analysis published by Morphisec. to lure victims into downloading a malicious file. .” ” concludes Morphisec that also provides indicators of compromise (IoCs).

Government

Government Manufacturing Authentication Cybersecurity

Port of Seattle ‘s August data breach impacted 90,000 people

Security Affairs

APRIL 5, 2025

The ransomware gang hit organizations in multiple industries, including education, healthcare, manufacturing, information technology, and government sectors. In September 2024, Port of Seattle confirmed that the Rhysida ransomware group was behind the cyberattack. The Rhysida ransomware group has been active since May 2023.

Data breaches

Data breaches Ransomware Manufacturing Education

AI Governance vs. Data Governance: Understanding the Differences and Opportunities

Gimmal

JANUARY 8, 2025

AI Governance vs. Data Governance: Understanding the Differences and Opportunities Written by In our current rapidly evolving technological landscape, enterprises are collecting, analyzin g, and lev eraging unprecedented amounts of data. YouTube Video: What is AI governance? What is AI Governance? What is AI Governance?

Government

Government Information governance Privacy Compliance

US adds Tencent to the list of companies supporting Chinese military

Security Affairs

JANUARY 7, 2025

The US government does not explain the decision. Unlike the Entity List for Malicious Cyber Activities, managed by the Commerce Departments Bureau of Industry and Security (BIS), the Section 1260 list does not impose any ban or sanction on the tech giant. ” “We are not a military company or supplier.

Military

Military Cloud Government Analytics

APTs Using New Tools to Target ICS/SCADA

Data Breach Today

APRIL 14, 2022

US Government Agencies, Mandiant, Dragos, Schneider Electric Issue Joint Advisory U.S.

Government

Government Cybersecurity

The US government sanctioned four entities and one individual for supporting cyber operations conducted by North Korea

Security Affairs

MAY 24, 2023

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against four entities and one individual for their role in malicious cyber operations conducted to support the government of North Korea. ” reads the announcement. ” continues the announcement.

Government

Government Military Financial Services Security

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

As organizations continue facing escalating cyber threats, how they communicate multiplying and rapidly morphing cyber exposures – in essence how much they choose to abide by industry standards and embrace ethical practices — remains under intense scrutiny. 1 million for a company the size of Checkpoint is but a slap on the wrist.

Cybersecurity

Cybersecurity Risk Government Compliance

LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order

Security Affairs

DECEMBER 4, 2023

The LockBit ransomware attack on the Industrial & Commercial Bank of China demonstrates the weakness of global financial system to cyberattacks. Treasury trading operations at an American subsidiary of Industrial & Commercial Bank of China Ltd. The ransomware breach that crippled U.S. Treasury market.

Ransomware

Ransomware Financial Services Marketing Government

The NSA Seems Pretty Stressed About the Threat of Chinese Hackers in US Critical Infrastructure

WIRED Threat Level

NOVEMBER 10, 2023

US government officials continue to warn that the public and private sectors need to identify and root out China-backed attackers lurking in industrial control systems.

Government

Government Security

NSA buys internet browsing records from data brokers without a warrant

Security Affairs

JANUARY 29, 2024

Wyden called on the US government to order intelligence agencies to stop buying personal data from Americans that has been obtained illegally by data brokers. government should not be funding and legitimizing a shady industry whose flagrant violations of Americans’ privacy are not just unethical, but illegal.”

Metadata

Metadata Personal data Sales Privacy

PseudoManuscrypt, a mysterious massive cyber espionage campaign

Security Affairs

DECEMBER 16, 2021

Tens of thousands of devices worldwide, including many industrial control systems (ICS), have been hit by the PseudoManuscrypt spyware. Kaspersky researchers reported that tens of thousands of devices belonging to industrial and government organizations worldwide have been hit by the PseudoManuscrypt spyware. Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Manufacturing Archiving Government

Increased GDPR Enforcement Highlights the Need for Data Security

Security Affairs

NOVEMBER 18, 2024

government surveillance. Automated Data Governance : Leverage advanced data security platforms that provide real-time visibility and automated compliance checks. Meni has over 15 years of expertise in various industries such as cloud management, dev tools, e-commerce, mobile games, and more. After the invalidation of the EU-U.S.

GDPR

GDPR Security Compliance Data Privacy

U.S. banking regulators order banks to notify cybersecurity incidents in 36 hours

Security Affairs

NOVEMBER 20, 2021

banking regulators this week approved a rule that obliges banks to report any major cybersecurity incidents to the government within 36 hours of discovery. banking regulators have approved a new rule that orders banks to notify federal regulators of significant cybersecurity incidents within 36 hours.

Cybersecurity

Cybersecurity Financial Services Insurance Ransomware

US Gov sanctioned key members of the Cyber Army of Russia Reborn hacktivists group

Security Affairs

JULY 23, 2024

The US government sanctioned two Russian hacktivists for their cyberattacks targeting critical infrastructure, including breaches of water facilities. In late 2023, CARR claimed attacks on industrial control systems in the U.S. The US government also blocked entities owned 50% or more by these individuals. or controlled by U.S.

Government

Government IT Information Security Security

SSA Struggling to Modernize Fraud Prevention Tech, GAO Warns

Data Breach Today

OCTOBER 10, 2024

GAO: SSA Fails to Meet Industry and Federal Electronic Verification System Goals The Social Security Administration is facing criticism for failing to update its fraud prevention technology, leaving financial institutions and federal authorities at risk of missing synthetic identity scams, according to a new Government Accountability Office report. (..)

Risk

Risk Government Security IT

BlueVoyant Raises $140M, Buys Resilience Firm Conquest Cyber

Data Breach Today

NOVEMBER 29, 2023

Deal Will Expand BlueVoyant's Footprint in US Government, Defense Industrial Base BlueVoyant purchased a risk management vendor led by an Army veteran to expand its SaaS footprint with U.S. government and defense industrial organizations.

Compliance

Compliance Risk Government IT

Canada Gov plans to ban the Flipper Zero to curb car thefts

Security Affairs

FEBRUARY 12, 2024

The Canadian government is going to ban the tool Flipper Zero because it is abused by crooks to steal vehicles in the country. The Canadian government announced that it plans to ban the tool Flipper Zero , and similar hacking devices, to curb the surge in car thefts. ” said Canadian Industry Minister François-Philippe Champagne.

Government

Government Sales Insurance IT

ISMG Editors: How Crypto Helped Finance Hamas' Attacks

Data Breach Today

OCTOBER 12, 2023

Also: North Korean Cryptocurrency Activity, Ex-FTX CEO Sam Bankman-Fried Trial In the latest weekly update, Ari Redbord, head of Legal and Government Affairs at TRM Labs, joined ISMG editors to discuss how Hamas is using crypto to finance operations, the latest illicit activities by North Korean actors, and how the trial of FTX's Sam Bankman-Fried (..)

Government

North Korea-linked hackers target construction and machinery sectors with watering hole and supply chain attacks

Security Affairs

AUGUST 6, 2024

According to the South Korean authorities, the government of Pyongyang’s goal is to steal intellectual property and trade secrets from the South. North Korea-linked actors hacking groups are targeting South Korea’s construction and machinery industries. ” reads the advisory.

Information capture

Information capture Authentication Military Government

British Lawmakers Push Ahead With Modifying UK GDPR

Data Breach Today

DECEMBER 1, 2023

Government backers say the bill will bolster the domestic AI industry. Data Protection and Digital Information Bill Heads to the House of Lords British Conservative lawmakers are pushing ahead with legislation modifying the U.K.

GDPR

GDPR Privacy Government

New Leak Shows Business Side of China’s APT Menace

Krebs on Security

FEBRUARY 22, 2024

Experts say the leak illustrates how Chinese government agencies increasingly are contracting out foreign espionage campaigns to the nation’s burgeoning and highly competitive cybersecurity industry. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”

Government

Government Cybersecurity Sales Blockchain

Ransomware threat landscape Jan-Apr 2024: insights and challenges

Security Affairs

JUNE 24, 2024

In terms of sectors, ransomware attacks have significantly affected industries such as consulting, logistics, and healthcare. The industrial and consulting sectors, including pharmaceutical, mechanical, and electronic industries, were among the most targeted in the country.

Ransomware

Ransomware Healthcare Cybersecurity Government

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Webinars

Trending Sources

Stark Industries Solutions: An Iron Hammer in the Cloud

Webinars

APT41: The threat of KeyPlug against Italian industries

ERM Program Fundamentals for Success in the Banking Industry

North Korea-linked APTs use Maui Ransomware to target the Healthcare industry

China-linked Space Pirates APT targets the Russian aerospace industry

Chinese actors behind attacks on industrial enterprises and public institutions

Relyance AI Raises $32M to Take on AI Governance Challenges

Beware of Pixels & Trackers on U.S. Healthcare Websites

APT41: The threat of KeyPlug against Italian industries

Chinese man charged for spear-phishing against NASA and US Government

United Nations AI Body to Advise on Risks, Global Governance

Storm-2372 used the device code phishing technique since August 2024

How to Overcome the Pain Points of Your CRM

NSO Group, Positive Technologies and other firms sanctioned by the US government

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Awaken Likho APT group targets Russian government with a new implant

US Government Lagging on Border Gateway Protocol Security

Cybercriminals Deliver IRS Tax Scams & Phishing Campaigns By Mimicking Government Vendors

US indicted 4 Russian government employees for attacks on critical infrastructure

SYS01 stealer targets critical government infrastructure

Port of Seattle ‘s August data breach impacted 90,000 people

AI Governance vs. Data Governance: Understanding the Differences and Opportunities

US adds Tencent to the list of companies supporting Chinese military

APTs Using New Tools to Target ICS/SCADA

The US government sanctioned four entities and one individual for supporting cyber operations conducted by North Korea

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order

The NSA Seems Pretty Stressed About the Threat of Chinese Hackers in US Critical Infrastructure

NSA buys internet browsing records from data brokers without a warrant

PseudoManuscrypt, a mysterious massive cyber espionage campaign

Increased GDPR Enforcement Highlights the Need for Data Security

U.S. banking regulators order banks to notify cybersecurity incidents in 36 hours

US Gov sanctioned key members of the Cyber Army of Russia Reborn hacktivists group

SSA Struggling to Modernize Fraud Prevention Tech, GAO Warns

BlueVoyant Raises $140M, Buys Resilience Firm Conquest Cyber

Canada Gov plans to ban the Flipper Zero to curb car thefts

ISMG Editors: How Crypto Helped Finance Hamas' Attacks

North Korea-linked hackers target construction and machinery sectors with watering hole and supply chain attacks

British Lawmakers Push Ahead With Modifying UK GDPR

New Leak Shows Business Side of China’s APT Menace

Ransomware threat landscape Jan-Apr 2024: insights and challenges

Stay Connected