2016, Encryption and Information Security

Hackers penetrated NEC defense business division in 2016

Security Affairs

JANUARY 31, 2020

Japanese electronics and IT giant NEC confirmed a security breach suffered by its defense business division in December 2016. The IT giant NEC confirmed that the company defense business division has suffered a security breach back in December 2016. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Advertising Antivirus Encryption

Facebook announces WhatsApp end-to-end encrypted (E2EE) backups

Security Affairs

SEPTEMBER 13, 2021

Facebook announced it will allow WhatsApp users to encrypt their message history backups in the cloud. Facebook will continue to work to protect the privacy of WhatsApp users and announced that it will allow users to encrypt their message history backups in the cloud. ” reads the announcement published by WhatsApp.

Backups

Backups Encryption Passwords Accountability

Zendesk 2016 security breach may impact Uber, Slack, and other organizations

Security Affairs

OCTOBER 2, 2019

Zendesk discloses a data breach that took place in 2016 when a hacker accessed data of 10,000 users, including passwords, emails, names, and phone numbers. In 2016, customer service software company Zendesk suffered a security breach that exposed data of 10,000 users, including passwords, emails, names, and phone numbers.

Data breaches

Data breaches Passwords Accountability Authentication

NIST’s Post-Quantum Cryptography Standards

Schneier on Security

AUGUST 8, 2022

Cryptographers hate being rushed into things, which is why NIST began a competition to create a post-quantum cryptographic standard in 2016. The idea is to standardize on both a public-key encryption and digital signature algorithm that is resistant to quantum computing, well before anyone builds a useful quantum computer.

Encryption

Encryption Architecture Engineering Information Security

Researchers shared technical details of NSA Equation Group’s Bvp47 backdoor

Security Affairs

FEBRUARY 23, 2022

National Security Agency (NSA) Equation Group. The name “ Bvp47 ” comes form numerous references to the string “Bvp” and the numerical value “0x47” used in the encryption algorithm. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, backdoor).

Encryption

Encryption Hacking Government Engineering

Linux variant of Cerber ransomware targets Atlassian servers

Security Affairs

APRIL 17, 2024

Cado Security Labs recently became aware that Cerber ransomware is being deployed into Confluence servers via the CVE-2023-22518 exploit. Cerber has been active since at least 2016, most recently it was involved in attacks against Confluence servers. ” continues the report. 0” at startup and “/tmp/log.1”

Ransomware

Ransomware Encryption Malware Accountability

OpenSSL to fix the second critical flaw ever

Security Affairs

OCTOBER 26, 2022

Experts pointed out that it is the first critical vulnerability patched in toolkit since September 2016. is a security-fix release. SecurityAffairs – hacking, encryption ). The post OpenSSL to fix the second critical flaw ever appeared first on Security Affairs. ” reads the announcement. “OpenSSL 3.0.7

Encryption

Encryption Hacking Information Security

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

Although most people think of ransomware as a dodgy application that encrypts data and holds it for ransom, the concept is much more heterogeneous than that. File encryption 2013 – 2015. It emerged in September 2013 and paved the way for hundreds of file-encrypting menaces that have splashed onto the scene ever since.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Snowden Ten Years Later

Schneier on Security

JUNE 6, 2023

Those secrets collectively have a code name—ECI, for exceptionally compartmented information—and almost never appear in the documents. Chatting with Snowden on an encrypted IM connection, I joked that the NSA cafeteria menu probably has code names for menu items. Transferring files electronically is what encryption is for.

Surveillance

Surveillance Computers and Electronics Government Encryption

CyberSecurity Hall of Fame

Adam Shostack

AUGUST 5, 2018

Congratulations to the 2016 winners ! Dan Geer, Chief Information Security Officer at In-Q-Tel; Lance J.

Cybersecurity

Cybersecurity Education Encryption Information Security

FBI published a flash alert on Mamba Ransomware attacks

Security Affairs

MARCH 26, 2021

The Federal Bureau of Investigation (FBI) issued an alert to warn that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives. Mamba ransomware is one of the first malware that encrypted hard drives rather than files that was detected in public attacks. ” reads the alert published by the FBI.

Ransomware

Ransomware Encryption Passwords Malware

No More Ransom helped ransomware victims to save almost €1B

Security Affairs

JULY 26, 2021

The “No More Ransom” website is an initiative launched in 2016 by the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre, Kaspersky and McAfee to help victims of ransomware retrieve their encrypted data without having to pay the criminals. ” reads the post published by the EUROPOL.

Ransomware

Ransomware Encryption Cybercrime Hacking

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Security Affairs

MAY 13, 2024

The ZIP archives contain a compressed executable payload that, if executed, will start the encryption process with LockBit Black ransomware. The emails sent in the April campaign contain ZIP attachments and were sent by the same addresses, “JennyBrown3422[@]gmail[.]com,” com,” and “Jenny[@]gsd[.]com.”

Phishing

Phishing Ransomware Security Awareness Authentication

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Security Affairs

FEBRUARY 13, 2020

. “To make sure that your Exchange organization is better protected against the latest threats (for example Emotet, TrickBot or WannaCry to name a few) we recommend disabling SMBv1 if it’s enabled on your Exchange (2013/2016/2019) server.” Please see this KB for more information. ” continues Microsoft.

Authentication

Authentication Malware Advertising Hacking

Emsisoft releases free decryptor for the victims of the Diavol ransomware

Security Affairs

MARCH 19, 2022

TrickBot is a popular banking Trojan that has been around since October 2016, its authors have continuously upgraded it by implementing new features. In January, the FBI officially linked the Diavol ransomware operation to the infamous TrickBot gang , the group that is behind the TrickBot banking trojan.

Ransomware

Ransomware Encryption Malware Banking

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Security Affairs

DECEMBER 4, 2021

The ransomware encrypts files on the targeted systems using the “ cuba” extension. The Hancitor downloader has been active since at least 2016 for dropping Pony and Vawtrak. The FBI discourages paying the ransom because there is no guarantee to recover the encrypted files.

Ransomware

Ransomware Hacking Malware Encryption

Experts spotted a new variant of the Cuba Ransomware with optimized infection techniques

Security Affairs

JUNE 10, 2022

The ransomware encrypts files on the targeted systems using the “.cuba” The Hancitor downloader has been active since at least 2016 for dropping Pony and Vawtrak. .” Its operators have a data leak site, where they post exfiltrated data from their victims who refused to pay the ransom. cuba” extension.

Ransomware

Ransomware Malware Encryption Hacking

FBI links the Diavol ransomware to the TrickBot gang

Security Affairs

JANUARY 20, 2022

Diavol encrypts files solely using an RSA encryption key, and its code is capable of prioritizing file types to encrypt based on a pre-configured list of extensions defined by the attacker. “The FBI has not yet observed Diavol leak victim data, despite ransom notes including threats to leak stolen information.”

Ransomware

Ransomware Banking Malware Encryption

Counting Down to the EU NIS2 Directive

Thales Cloud Protection & Licensing

MAY 22, 2024

On 17 October 2024, European Union Member States must adopt and publish the measures necessary to comply with the Network and Information Security Directive (NIS2). Supply chain security. Network and information systems security. Cryptography and encryption. Business continuity/crisis management.

Marketing

Marketing Data breaches Risk Authentication

Post-quantum cryptographic standards to be finalized later this year

SC Magazine

MAY 25, 2021

Most cryptographers believe that the sheer power of quantum computing will be capable of tearing through many of the existing public key encryption algorithms, like RSA or Diffie-Hellman, that underpin most computer hardware and software today. It could also threaten some symmetric key algorithms, though not to nearly the same extent.

Technology

Technology Government Encryption Backups

ExCobalt Cybercrime group targets Russian organizations in multiple sectors

Security Affairs

JUNE 24, 2024

Members of the ExCobalt group have been active since at least 2016, the researchers believe that the group is linked to the notorious Cobalt Gang. The backdoor serializes, encrypts, archives, and sends the collected data to a designated server that stores compromised data.

Cybercrime

Cybercrime Telecommunications DNS Technology

Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison

Security Affairs

FEBRUARY 2, 2024

According to his LinkedIn profile , Schulte worked for the NSA for five months in 2010 as a systems engineer, after this experience, he joined the CIA as a software engineer and he left the CIA in November 2016. Schulte was identified a few days after WikiLeaks started leaking the precious dumps.

Computers and Electronics

Computers and Electronics Engineering Hacking Data breaches

Deadglyph, a very sophisticated and unknown backdoor targets the Middle East

Security Affairs

SEPTEMBER 24, 2023

In 2016, researchers from the non-profit organization CitizenLab published a report that describes a campaign of targeted spyware attacks carried out by the Stealth Falcon. The remaining components are encrypted and stored within a binary registry value.”

Spyware

Spyware Malware Architecture Encryption

MyKings botnet operators already amassed at least $24 million

Security Affairs

OCTOBER 13, 2021

According to the researchers, the Smominru botnet has been active at least since 2016 and at the time of its discovery infected more than 526,000 Windows computers. “For protection against quick analysis and against static extraction with regular expressions, the substitute values are encrypted. ” continues the analysis.

Cryptocurrency

Cryptocurrency Encryption Malware Hacking

Source code of Dharma ransomware now surfacing on public hacking forums

Security Affairs

MARCH 29, 2020

The Dharma ransomware first appeared on the threat landscape in February 2016, at the time experts dubbed it Crysis. In November 2016, the master decryption keys for Crysis were released online, victims of CrySis versions 2 and 3 were able to recover their files.

Ransomware

Ransomware Hacking Advertising Malware

Experts found many similarities between the new Karma Ransomware and Nemty variants

Security Affairs

OCTOBER 19, 2021

Karma ransomware is a new threat that was first spotted in June of 2021, it is important to distinguish it from a different threat with the same name that is active since 2016. Sentinel Labs experts have analyzed the new Karma ransomware and speculate it represents an evolution of the Nemty ransomware operation.

Ransomware

Ransomware Encryption Malware Hacking

Sodin Ransomware includes exploit for Windows CVE-2018-8453 bug

Security Affairs

JULY 4, 2019

In October, Kaspersky revealed that the CVE-2018-8453 vulnerability has been exploited by the APT group tracked as FruityArmor , a cyber-espionage group that was first observed in 2016 while targeting activists, researchers, and individuals related to government organizations. Further details, including IoCs, are reported in the analysis.

Ransomware

Ransomware Encryption Advertising Architecture

A member of the FIN7 group was sentenced to 10 years in prison

Security Affairs

APRIL 18, 2021

Between 2014 and 2016 the group used a new custom malware dubbed Carbanak that is considered a newer version of Anunak. Starting from 2016 the group developed a new custom malware using Cobalt Strike, a legitimate penetration testing framework. Hladyr also controlled the organization’s encrypted channels of communication.”

System Administration

System Administration Penetration Testing Malware Hacking

Yahoo proposes $117.5 million for the settlement of data breach

Security Affairs

APRIL 9, 2019

Yahoo is continuously trying to settle a lawsuit on the massive data breach over the period of 2013 to 2016. million settlement with millions of people whose email addresses and other personal information were stolen in the largest data breach in history”. This time Yahoo could pay $117.5

Data breaches

Data breaches Small Business Advertising Cryptocurrency

Microsoft publishes mitigations for the PetitPotam attack

Security Affairs

JULY 26, 2021

The attack abuses the Encrypting File System Remote (EFSRPC) protocol, which is used to perform maintenance and management operations on encrypted data that is stored remotely and accessed over a network.

Authentication

Authentication Passwords Encryption Hacking

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Malwarebytes

MAY 28, 2021

The files are then held for ransom and the victim is threatened by data loss, because of the encryption, and leaking of the exfiltrated data. Files are encrypted with a combination of AES-256 and RSA-4096 via the Microsoft CryptoAPI , as per CrowdStrike. Earlier versions appended the.CONTI extension to encrypted files.

Healthcare

Healthcare Ransomware Encryption Passwords

Leafly Cannabis information platform suffered a data leak

Security Affairs

OCTOBER 12, 2019

The company discovered on September 30 that a secondary database was exposing customer information from July 2, 2016. Exposed records include user’s email addresses, usernames and encrypted passwords, fortunately, no financial data was collected by the company.

Passwords

Passwords Advertising Mobile Encryption

New Mirai botnet targets tens of flaws in popular IoT devices

Security Affairs

JUNE 22, 2023

” The researchers pointed out that the Mirai variant like IZ1H9 and V3G4 will first initialize an encrypted string table and then retrieve the strings through an index. However, the persistent security concerns surrounding these devices cannot be ignored. The Mirai botnet, discovered back in 2016, is still active today.

IoT

IoT Malware Encryption DDOS

Kazakhstan wants to intercept all HTTPS Internet traffic of its citizens

Security Affairs

JULY 22, 2019

Bad news for citizens of Kazakhstan, the government is beginning to intercept all the encrypted traffic, and to do it, it is forcing them to install a certificate. The Kazakhstan government is beginning to intercept all the encrypted traffic and to do it is forcing users in the country to install a certificate. ” states Tele2.

Internet

Internet Internet Encryption Government

Does Your Health App Meet HIPAA Compliance Requirements?

Security Boulevard

NOVEMBER 12, 2021

The Health Information Technology for Economic and Clinical Health (HITECH) Act applied these safeguards to electronic health record (EHR) technology. As web and mobile apps became the norm, the Department of Health and Human Services (HHS) published a 2016 guidance around health applications. Apply encryption. Data-in-transit.

Healthcare

Healthcare Mobile Technology Encryption

DNA testing company failed to protect sensitive genetic and health data, says FTC

Malwarebytes

JUNE 20, 2023

This is because despite claims of rock solid security, sensitive data was being stored in publicly accessible Amazon Web Service buckets. According to the complaint, the data in the storage buckets was not encrypted, no monitoring was taking place with regard to who was accessing it, and there were no access restrictions in place either.

Insurance

Insurance Risk Manufacturing Encryption

UK ICO proposes a $123 million fine for Marriott 2014 data breach

Security Affairs

JULY 9, 2019

Marriott International has bought Starwood Hotels and Resorts Worldwide in 2016 for $13 billion. According to the company, hackers accessed to the Starwood’s guest reservation system since 2014 and copied and encrypted the information. The brand includes St. ” reads the statement published by the ICO.

Data breaches

Data breaches Data privacy Advertising Encryption

JSWorm: The 4th Version of the Infamous Ransomware

Security Affairs

SEPTEMBER 4, 2019

Table 1: Information about JSWorm 4.0.2 JSWorm encrypts all the user files appending a new extension to their name. Unlike other ransomware, the extension is composed by many fields, reporting the information the user needs to move on the ransom payment phase. Figure 3: Extensions excluded from encryption.

Ransomware

Ransomware Encryption Malware Backups

Experts linked multiple ransomware strains North Korea-backed APT38 group

Security Affairs

MAY 4, 2022

A Mandiant’s report attributed the string of attacks against the SWIFT banking system to the APT38, including the hack of Vietnam’s TP Bank in 2015, Bangladesh’s central bank in 2016, Taiwan’s Far Eastern International in 2017, Bancomext in Mexico in 2018, and Banco de Chile in 2018. ” reads the analysis published by Trellix.

Ransomware

Ransomware Banking Malware Hacking

PhantomLance, a four-year-long cyberespionage spying campaign

Security Affairs

APRIL 28, 2020

“We found dozens of related samples that had been appearing in the wild since 2016 and had been deployed in various application marketplaces including Google Play.” Experts observed around 300 infection attacks on Android devices in India, Vietnam, Bangladesh, Indonesia since 2016. Android version, installed apps). .

Malware

Malware Advertising Marketing Spyware

US arrested Latvian woman who developed part of Trickbot malware

Security Affairs

JUNE 5, 2021

Once infected a system, the ransomware informed victims that their files were encrypted demanded the payment of a Bitcoin ransom to decrypt them. TrickBot is a popular banking Trojan that has been around since October 2016, its authors have continuously upgraded it by implementing new features.

Malware

Malware Banking Ransomware Encryption

New GTPDOOR backdoor is designed to target telecom carrier networks

Security Affairs

MARCH 4, 2024

The cyberespionage group has been active since at least 2016, according to the CrowdStrike researchers it is using a very sophisticated toolset. If the implant is active, a specially crafted empty TCP packet is returned, accompanied by information regarding the host’s responsiveness.

Telecommunications

Telecommunications Firewall Mobile Malware

Swedish Government grants police the use of spyware against violent crime suspects

Security Affairs

OCTOBER 24, 2019

The Sweden government is going to authorize law enforcement agencies into using spyware to spy on suspects’ devices, the malicious code allows agents to read encrypted communications, to track their movements, exfiltrate data and spy on them via built-in microphone and camera. ” reads the official announcement. Pierluigi Paganini.

Spyware

Spyware Government Surveillance Encryption

New FuxSocy Ransomware borrows code from defunct Cerber

Security Affairs

OCTOBER 28, 2019

The Cerber ransomware was first spotted in 2016, it was offered in the criminal underground as a ransomware-as-a-service (RaaS). “For example, when encrypting files FuxSocy will skip files whose file path contain certain strings. Experts also noticed that the FuxSocy Encryptor only encrypts a portion of the files.

Ransomware

Ransomware Encryption Advertising Cybercrime

Hackers penetrated NEC defense business division in 2016

Facebook announces WhatsApp end-to-end encrypted (E2EE) backups

Trending Sources

Zendesk 2016 security breach may impact Uber, Slack, and other organizations

NIST’s Post-Quantum Cryptography Standards

Researchers shared technical details of NSA Equation Group’s Bvp47 backdoor

Linux variant of Cerber ransomware targets Atlassian servers

OpenSSL to fix the second critical flaw ever

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Snowden Ten Years Later

CyberSecurity Hall of Fame

FBI published a flash alert on Mamba Ransomware attacks

No More Ransom helped ransomware victims to save almost €1B

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Emsisoft releases free decryptor for the victims of the Diavol ransomware

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Experts spotted a new variant of the Cuba Ransomware with optimized infection techniques

FBI links the Diavol ransomware to the TrickBot gang

Counting Down to the EU NIS2 Directive

Post-quantum cryptographic standards to be finalized later this year

ExCobalt Cybercrime group targets Russian organizations in multiple sectors

Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison

Deadglyph, a very sophisticated and unknown backdoor targets the Middle East

MyKings botnet operators already amassed at least $24 million

Source code of Dharma ransomware now surfacing on public hacking forums

Experts found many similarities between the new Karma Ransomware and Nemty variants

Sodin Ransomware includes exploit for Windows CVE-2018-8453 bug

A member of the FIN7 group was sentenced to 10 years in prison

Yahoo proposes $117.5 million for the settlement of data breach

Microsoft publishes mitigations for the PetitPotam attack

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Leafly Cannabis information platform suffered a data leak

New Mirai botnet targets tens of flaws in popular IoT devices

Kazakhstan wants to intercept all HTTPS Internet traffic of its citizens

Does Your Health App Meet HIPAA Compliance Requirements?

DNA testing company failed to protect sensitive genetic and health data, says FTC

UK ICO proposes a $123 million fine for Marriott 2014 data breach

JSWorm: The 4th Version of the Infamous Ransomware

Experts linked multiple ransomware strains North Korea-backed APT38 group

PhantomLance, a four-year-long cyberespionage spying campaign

US arrested Latvian woman who developed part of Trickbot malware

New GTPDOOR backdoor is designed to target telecom carrier networks

Swedish Government grants police the use of spyware against violent crime suspects

New FuxSocy Ransomware borrows code from defunct Cerber

Stay Connected