Government, Industry and Security - Information Management Today

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

Security Affairs

DECEMBER 3, 2024

A ransomware attack disrupted the operations of a major energy industry contractor, ENGlobal Corporation. Founded in 1985, ENGlobal Corporation designs automated control systems for commercial and government sectors, reporting $6 million in Q3 revenue and $18.4 million year-to-date. According to the FORM 8-K report filed with the U.S.

Ransomware

Ransomware Encryption Cybersecurity Access

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Security Affairs

MARCH 20, 2025

CERT-UA warns of a cyber campaign using Dark Crystal RAT to target Ukraine’s defense sector, including defense industry employees and Defense Forces members. The Ukrainian government experts noticed that some messages were sent from compromised contacts to increase trust. ” reads the report published CERT-UA.

Computer and Electronics

Computer and Electronics Archiving Passwords Government

Increased GDPR Enforcement Highlights the Need for Data Security

Security Affairs

NOVEMBER 18, 2024

GDPR protects sensitive data like health and financial details, and its enforcement underscores the growing need for stronger data security measures. These penalties apply to all aspects of GDPR compliance, including inadequate data security, improper consent, and data breach failures. government surveillance.

GDPR

GDPR Security Compliance Data Privacy

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

APT41: The threat of KeyPlug against Italian industries

Security Affairs

MAY 23, 2024

Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug employed in attacks against several Italian industries During an extensive investigation, Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug , which hit for months a variety of Italian industries. State Governments ”.

Encryption

Encryption Cybersecurity Government Security

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

The homepage of Stark Industries Solutions. Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe.

Cloud

Cloud Education Government Communications

North Korea-linked APTs use Maui Ransomware to target the Healthcare industry

Security Affairs

JULY 7, 2022

The attacks against Healthcare and Public Health (HPH) Sector organizations started in May 2021 and government experts observed multiple cases that involved the use of the Maui ransomware. The joint report refers to an industry analysis of a sample of Maui provided in Stairwell Threat Report: Maui Ransomware. Pierluigi Paganini.

Ransomware

Ransomware Encryption Government Cybersecurity

China-linked Space Pirates APT targets the Russian aerospace industry

Security Affairs

MAY 19, 2022

A new China-linked cyberespionage group known as ‘Space Pirates’ is targeting enterprises in the Russian aerospace industry. A previously unknown Chinese cyberespionage group, tracked as ‘Space Pirates’, targets enterprises in the Russian aerospace industry with spear-phishing attacks. Pierluigi Paganini.

Phishing

Phishing Archiving Government Access

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. The US agencies confirmed that Chinese threat actors had compromised the private communications of a “limited number” of government officials following the compromise of multiple U.S.

Data breaches

Data breaches Communications Artificial Intelligence Government

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Security Affairs

DECEMBER 4, 2024

The government agencies released a guide that advises telecom and critical infrastructure defenders on best practices to strengthen network security against PRC-linked and other cyber threats. Enhancing secure logging, isolating device management, and enforcing strict access control lists (ACLs) are key strategies.

Government

Government Communications Access Passwords

US Government Lagging on Border Gateway Protocol Security

Data Breach Today

AUGUST 5, 2023

Heads of FCC, CISA Call for BGP Overhaul, Industry Collaboration The U.S. federal government acknowledged that it is lagging behind on border gateway protocol security practices.

Government

Government Security Cloud IT

Relyance AI Raises $32M to Take on AI Governance Challenges

Data Breach Today

OCTOBER 10, 2024

Thomvest Ventures Leads Series B Funding to Support Privacy and Security Compliance Relyance AI raised $32 million in Series B funding to grow its data governance platform.

Government

Government Privacy Compliance Security

Chinese actors behind attacks on industrial enterprises and public institutions

Security Affairs

AUGUST 9, 2022

China-linked threat actors targeted dozens of industrial enterprises and public institutions in Afghanistan and Europe. In January 2022, researchers at Kaspersky ICS CERT uncovered a series of targeted attacks on military industrial enterprises and public institutions in Afghanistan and East Europe. ” concludes the report.

Encryption

Encryption Military Archiving Phishing

NSO Group, Positive Technologies and other firms sanctioned by the US government

Security Affairs

NOVEMBER 3, 2021

The Commerce Department’s Bureau of Industry and Security (BIS) has sanctioned four companies for the development of spyware or the sale of hacking tools used by nation-state actors. The firms are NSO Group and Candiru from Israel, Computer Security Initiative Consultancy PTE. national security.

Government

Government Sales Cybersecurity Security

APT41: The threat of KeyPlug against Italian industries

Security Affairs

MAY 23, 2024

Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug employed in attacks against several Italian industries During an extensive investigation, Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug , which hit for months a variety of Italian industries. State Governments ”.

Encryption

Encryption Cybersecurity Government Security

Chinese man charged for spear-phishing against NASA and US Government

Security Affairs

SEPTEMBER 17, 2024

” The man, who remails at large, used fake email accounts posing as US-based researchers and engineers to target government personnel to obtain software and source code created by the National Aeronautics and Space Administration (“NASA”), research universities, and private companies. Air Force, Navy, Army, and the FAA.”

Phishing

Phishing Government Military Security

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

The US government declared that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. has been active since at least 2010 most of the victims of the group are organizations in the energy and industrial sectors. ” reads the advisory. ” reads the advisory.

Government

Government Passwords Access Cybersecurity

How to Protect Privacy and Build Secure AI Products

Security Affairs

JULY 18, 2024

AI systems are transforming technology and driving innovation across industries. How to protect privacy and build secure AI products? How to Protect Privacy and Build Secure AI Products AI systems are transforming technology and driving innovation across industries.

Privacy

Privacy Security Data Privacy Risk

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

FEBRUARY 16, 2025

Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and industries. ” reads the report published by Microsoft Threat Intelligence.

Phishing

Phishing Authentication Access Government

Port of Seattle ‘s August data breach impacted 90,000 people

Security Affairs

APRIL 5, 2025

The ransomware gang hit organizations in multiple industries, including education, healthcare, manufacturing, information technology, and government sectors. In September 2024, Port of Seattle confirmed that the Rhysida ransomware group was behind the cyberattack. The Rhysida ransomware group has been active since May 2023.

Data breaches

Data breaches Ransomware Manufacturing Education

Cybercriminals Deliver IRS Tax Scams & Phishing Campaigns By Mimicking Government Vendors

Security Affairs

APRIL 21, 2022

Threat intelligence firm Resecurity details how crooks are delivering IRS tax scams and phishing attacks posing as government vendors. The post Cybercriminals Deliver IRS Tax Scams & Phishing Campaigns By Mimicking Government Vendors appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook.

Phishing

Phishing e-Delivery Government Passwords

China-linked APT groups targets orgs via Pulse Secure VPN devices

Security Affairs

MAY 28, 2021

Researchers from FireEye warn that China-linked APT groups continue to target Pulse Secure VPN devices to compromise networks. Cybersecurity researchers from FireEye warn once again that Chinese APT groups continue to target Pulse Secure VPN devices to penetrate target networks and deliver malicious web shells to steal sensitive information.

Security

Security Passwords Cybersecurity Government

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

Security Affairs

JANUARY 26, 2023

The BlackCat Ransomware group claims to have hacked SOLAR INDUSTRIES INDIA and to have stolen 2TB of “secret military data.” ” The BlackCat Ransomware gang added SOLAR INDUSTRIES INDIA to the list of victims published on its Tor leak site. ” reads the message published on the leak site.

Military

Military Manufacturing Ransomware Mining

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 11

Security Affairs

SEPTEMBER 15, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Security

Security Military Ransomware Marketing

Pulse Secure fixes zero-day in Pulse Connect Secure (PCS) SSL VPN actively exploited

Security Affairs

MAY 3, 2021

Pulse Secure has fixed a zero-day flaw in the Pulse Connect Secure (PCS) SSL VPN appliance that threat actors are actively exploiting in the wild. The vulnerability is a buffer overflow issue in Pulse Connect Secure Collaboration Suite prior b9.1R11.4 A vulnerability was discovered under Pulse Connect Secure (PCS).

Security

Security Cybersecurity Authentication Government

Awaken Likho APT group targets Russian government with a new implant

Security Affairs

OCTOBER 9, 2024

A threat actor tracked as Awaken Likho is targeting Russian government agencies and industrial entities, reported cybersecurity firm Kaspersky. The threat actor continues to target Russian government entities and enterprises.

Government

Government Archiving Phishing Access

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Security and Exchange Commission (SEC) recently laid down the hammer charging and fining four prominent cybersecurity vendors for making misleading claims in connection with the SolarWinds hack. A security incident is often an indication of poor investment in security programs, rather than personal characeteriziation of the security leader.

Cybersecurity

Cybersecurity Risk Government Compliance

US indicted 4 Russian government employees for attacks on critical infrastructure

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. ” continues the DoJ.

Energy and Utilities

Energy and Utilities Government Cybersecurity Military

Canada ordered ByteDance to shut down TikTok operations in the country over security concerns

Security Affairs

NOVEMBER 6, 2024

Canada ordered ByteDance to shut down TikTok operations over security concerns but did not issue a full ban on the platform. The Canadian government ordered ByteDance to wind up TikTok Technology Canada, Inc. The Canadian government ordered ByteDance to wind up TikTok Technology Canada, Inc.

Security

Security Government Risk Data collection

SYS01 stealer targets critical government infrastructure

Security Affairs

MARCH 7, 2023

Researchers discovered a new info stealer dubbed SYS01 stealer targeting critical government infrastructure and manufacturing firms. ” reads the analysis published by Morphisec. to lure victims into downloading a malicious file. .”

Government

Government Manufacturing Authentication Cybersecurity

Security Affairs newsletter Round 367 by Pierluigi Paganini

Security Affairs

MAY 29, 2022

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. To nominate, please visit:?. Pierluigi Paganini.

Security

Security Cybersecurity Ransomware Government

US adds Tencent to the list of companies supporting Chinese military

Security Affairs

JANUARY 7, 2025

The US government does not explain the decision. Unlike the Entity List for Malicious Cyber Activities, managed by the Commerce Departments Bureau of Industry and Security (BIS), the Section 1260 list does not impose any ban or sanction on the tech giant. ” “We are not a military company or supplier.

Military

Military Cloud Government Analytics

Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JUNE 16, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches

Data breaches Security Ransomware Sales

Unmasking 2024’s Email Security Landscape

Security Affairs

FEBRUARY 28, 2024

Analyzing the Email Security Landscape and exploring Emerging Threats and Trends. VIPRE Security Group’s latest report, “Email Security in 2024: An Expert Insight into Email Threats,” delves into the cutting-edge tactics and technologies embraced by cybercriminals this year. million as malicious.

Security

Security Phishing Communications Financial Services

Strategies for Securing Your Supply Chain

IT Governance

OCTOBER 23, 2024

What to do when your ‘supply chain’ is really a ‘supply loop’ When I asked Bridget Kenyon – CISO (chief information security officer) for SSCL, lead editor for ISO 27001:2022 and author of ISO 27001 Controls – what she’d like to cover in an interview, she suggested supply chain security. How can you secure a ‘supply loop’?

Security

Security Information Security Risk Access

Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

APRIL 21, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Automotive Industry Chinese Organized Crime’s Latest U.S. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches

Data breaches Security Ransomware MDM

The US government sanctioned four entities and one individual for supporting cyber operations conducted by North Korea

Security Affairs

MAY 24, 2023

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against four entities and one individual for their role in malicious cyber operations conducted to support the government of North Korea. ” reads the announcement. ” continues the announcement.

Government

Government Military Financial Services Security

U.S. banking regulators order banks to notify cybersecurity incidents in 36 hours

Security Affairs

NOVEMBER 20, 2021

banking regulators this week approved a rule that obliges banks to report any major cybersecurity incidents to the government within 36 hours of discovery. banking regulators order banks to notify cybersecurity incidents in 36 hours appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. The post U.S.

Cybersecurity

Cybersecurity Financial Services Insurance Ransomware

How DSPM Helps Businesses Meet Compliance Requirements

Security Affairs

NOVEMBER 27, 2024

Data Security Posture Management (DSPM) helps monitor, secure, and ensure compliance for sensitive data, reducing risks across diverse environments. This is one area where Data Security Posture Management ( DSPM ) can be of great use. In simple terms, DSPM is a data-centric approach to securing cloud environments.

Compliance

Compliance Cloud Data Privacy Risk

AI Governance vs. Data Governance: Understanding the Differences and Opportunities

Gimmal

JANUARY 8, 2025

AI Governance vs. Data Governance: Understanding the Differences and Opportunities Written by In our current rapidly evolving technological landscape, enterprises are collecting, analyzin g, and lev eraging unprecedented amounts of data. YouTube Video: What is AI governance? What is AI Governance? What is AI Governance?

Government

Government Information governance Privacy Compliance

NSA buys internet browsing records from data brokers without a warrant

Security Affairs

JANUARY 29, 2024

National Security Agency (NSA) admitted to buying internet browsing records from data brokers to monitor Americans’ activity online without a court order. released documents that confirmed the National Security Agency (NSA) buys Americans’ internet browsing records without a court order. Senator Ron Wyden, D-Ore.,

Metadata

Metadata Personal data Sales Privacy

What Counts as “Good Faith Security Research?”

Krebs on Security

JUNE 3, 2022

The new guidelines state that prosecutors should avoid charging security researchers who operate in “good faith” when finding and reporting vulnerabilities. ” What constitutes “good faith security research?” ” The new DOJ policy comes in response to a Supreme Court ruling last year in Van Buren v.

Security

Security Computer and Electronics Access Libraries

Security Affairs newsletter Round 488 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

SEPTEMBER 8, 2024

Every week the best security articles from Security Affairs are free in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Managing Cybersecurity in the Age of Artificial Intelligence Clearview AI Faces €30.5M

Security

Security Data breaches Artificial Intelligence Ransomware

Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition

Security Affairs

SEPTEMBER 24, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5 Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5

Security

Security Ransomware Data breaches Cybersecurity

Security Affairs newsletter Round 447 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 26, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. million patients in the U.S.

Security

Security Ransomware Data breaches Libraries

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Webinars

Trending Sources

Increased GDPR Enforcement Highlights the Need for Data Security

Webinars

APT41: The threat of KeyPlug against Italian industries

Stark Industries Solutions: An Iron Hammer in the Cloud

North Korea-linked APTs use Maui Ransomware to target the Healthcare industry

China-linked Space Pirates APT targets the Russian aerospace industry

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

US Government Lagging on Border Gateway Protocol Security

Relyance AI Raises $32M to Take on AI Governance Challenges

Chinese actors behind attacks on industrial enterprises and public institutions

NSO Group, Positive Technologies and other firms sanctioned by the US government

APT41: The threat of KeyPlug against Italian industries

Chinese man charged for spear-phishing against NASA and US Government

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

How to Protect Privacy and Build Secure AI Products

Storm-2372 used the device code phishing technique since August 2024

Port of Seattle ‘s August data breach impacted 90,000 people

Cybercriminals Deliver IRS Tax Scams & Phishing Campaigns By Mimicking Government Vendors

China-linked APT groups targets orgs via Pulse Secure VPN devices

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 11

Pulse Secure fixes zero-day in Pulse Connect Secure (PCS) SSL VPN actively exploited

Awaken Likho APT group targets Russian government with a new implant

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

US indicted 4 Russian government employees for attacks on critical infrastructure

Canada ordered ByteDance to shut down TikTok operations in the country over security concerns

SYS01 stealer targets critical government infrastructure

Security Affairs newsletter Round 367 by Pierluigi Paganini

US adds Tencent to the list of companies supporting Chinese military

Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION

Unmasking 2024’s Email Security Landscape

Strategies for Securing Your Supply Chain

Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

The US government sanctioned four entities and one individual for supporting cyber operations conducted by North Korea

U.S. banking regulators order banks to notify cybersecurity incidents in 36 hours

How DSPM Helps Businesses Meet Compliance Requirements

AI Governance vs. Data Governance: Understanding the Differences and Opportunities

NSA buys internet browsing records from data brokers without a warrant

What Counts as “Good Faith Security Research?”

Security Affairs newsletter Round 488 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition

Security Affairs newsletter Round 447 by Pierluigi Paganini – INTERNATIONAL EDITION

Stay Connected