Document - Cyber Security Informer

Russian Cyberwarfare Documents Leaked

Schneier on Security

MARCH 30, 2023

Now this is interesting: Thousands of pages of secret documents reveal how Vulkan’s engineers have worked for Russian military and intelligence agencies to support hacking operations, train operatives before attacks on national infrastructure, spread disinformation and control sections of the internet. Lots more at the link.

Engineering

Engineering Internet Internet Hacking

New Revelations from the Snowden Documents

Schneier on Security

SEPTEMBER 21, 2023

Jake Appelbaum’s PhD thesis contains several new revelations from the classified NSA documents provided to journalists by Edward Snowden. At this point, those documents are more historical than anything else. Nothing major, but a few more tidbits. Kind of amazing that that all happened ten years ago.

Surveillance

Redacting Documents with a Black Sharpie Doesn’t Work

Schneier on Security

JUNE 29, 2023

Microsoft hearing , Sony supplied a document from PlayStation chief Jim Ryan that includes redacted details on the margins Sony shares with publishers, its Call of Duty revenues, and even the cost of developing some of its games. We have learned this lesson again : As part of the FTC v.

Documented Death from a Ransomware Attack

Schneier on Security

SEPTEMBER 23, 2020

I think this is the first documented case of a cyberattack causing a fatality. UK hospitals had to redirect patients during the 2017 WannaCry ransomware attack , but there were no documented fatalities from that event. The police are treating this as a homicide.

Ransomware

Ransomware Hacking

OpenAI Is Not Training on Your Dropbox Documents—Today

Schneier on Security

DECEMBER 19, 2023

There’s a rumor flying around the Internet that OpenAI is training foundation models on your Dropbox documents. Dropbox isn’t sharing all of your documents with OpenAI. Here’s CNBC. Here’s Boing Boing. Some articles are more nuanced , but there’s still a lot of confusion. It seems not to be true.

Government

Government Banking Risk Internet

Documents about the NSA’s Banning of Furby Toys in the 1990s

Schneier on Security

FEBRUARY 6, 2024

Via a FOIA request, we have documents from the NSA about their banning of Furby toys.

GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

The Last Watchdog

JANUARY 6, 2022

They also enrich documents with metadata and place them in crypto-containers, access to which is only granted by permission. However, all of these solutions are powerless when it comes to photographing a document with a smartphone and compromising printed copies of documents. There are more exotic ways of protecting documents.

Marketing

Marketing Software Surveillance Information Security

Different Methods to Secure Your Microsoft Word Documents

Tech Republic Security

JUNE 29, 2023

Microsoft offers different Word document security solutions. Dive into the methods to learn how you can secure your files and ensure document protection. The post Different Methods to Secure Your Microsoft Word Documents appeared first on TechRepublic.

Software

Software Cybersecurity

Dude, Where’s My Documentation?

Security Boulevard

AUGUST 8, 2024

The post Dude, Where’s My Documentation? When the zero day hits the fan, can you find the information you need? appeared first on Security Boulevard.

Hackers Leak Sensitive Documents from Major Pentagon IT Contractor, Leidos

Penetration Testing

JULY 26, 2024

Cybercriminals have leaked internal documents stolen from Leidos Holdings Inc., According to a source familiar with the situation, Leidos recently became... The post Hackers Leak Sensitive Documents from Major Pentagon IT Contractor, Leidos appeared first on Cybersecurity News. government, Bloomberg reports.

Government

Government Cybersecurity

Hacking gang leaks documents stolen from Pentagon IT provider

Graham Cluley

JULY 29, 2024

Hackers have released internal documents stolen from one of America's largest IT services providers, which counts various US government agencies, including the Department of Defense, amongst its customers. Read more in my article on the Hot for Security blog.

Hacking

Hacking Government Data breaches Ransomware

NEW TECH: DigiCert Document Signing Manager leverages PKI to advance electronic signatures

The Last Watchdog

JULY 21, 2021

And this is why DigiCert recently introduced DigiCert® Document Signing Manager (DSM) – an advanced hosted service designed to increase the level of assurance of the identities of persons signing documents digitally. Trzupek outlined how DSM allows for legally-binding documents with auditability and management of signers. “It

Computers and Electronics

Computers and Electronics Digital transformation Authentication Internet

Ransomware Now Leaking Stolen Documents

Schneier on Security

APRIL 14, 2020

The company refused to pay, so the criminals leaked documents and data belonging to Visser Precision, Lockheed Martin, Boeing, SpaceX, the US Navy, and others. It's a further incentive for the victims to pay. Recently, the aerospace company Visser Precision was hit by the DoppelPaymer ransomware.

Ransomware

Ransomware Encryption Malware

Hackers Leak Internal Documents Stolen from Leidos Holdings

SecureWorld News

JULY 29, 2024

Internal documents from Leidos Holdings Inc., According to a Bloomberg News report on July 23, the documents are believed to have been exfiltrated during a breach of a system operated by Diligent Corp., Graham continued, "For example, if project plans or classified documents are compromised, adversaries might gain insights into U.S.

Government

Government Risk Encryption Authentication

CommitStrip ‘No Documentation’

Security Boulevard

DECEMBER 2, 2021

The post CommitStrip ‘No Documentation’ appeared first on Security Boulevard. via the textual amusements of Thomas Gx , along with the Illustration talents of Etienne Issartia and superb translation skillset of Mark Nightingale - the creators of CommitStrip !

Announcing the Smart SOAR Documentation Site

Security Boulevard

FEBRUARY 23, 2024

We are excited to announce the launch of D3’s public documentation site. Previously, our Smart SOAR documentation was only available to our clients. The post Announcing the Smart SOAR Documentation Site appeared first on Security Boulevard. Now, we are making it accessible to everyone.

Enhancing Document Workflow Automation: GlobalSign and airSlate

GlobalSign

MARCH 19, 2024

Join us as we discover automated document signing workflows through the GlobalSign and airSlate partnership.

OfflRouter Virus: A Persistent Threat in Ukraine Exploiting Confidential Documents

Penetration Testing

APRIL 17, 2024

Cisco Talos security researchers have uncovered a persistent, multi-component virus known as OfflRouter that has been quietly infecting Ukrainian systems and stealing sensitive documents since 2015.

Penetration Testing

Penetration Testing Malware

Threats That Hide in Your Microsoft Office Documents

Security Boulevard

MAY 28, 2024

By Nathaniel Raymond Microsoft Office documents in the Office365 software suite have become a mainstay for many users who need to create documents for business reports, college essays, resumes, essential notetaking, and even strategic analyses.

Software

Software Technology

North Korea-linked Konni APT uses Russian-language weaponized documents

Security Affairs

NOVEMBER 24, 2023

North Korea-linked Konni APT group used Russian-language Microsoft Word documents to deliver malware. FortiGuard Labs researchers observed the North Korea-linked Konni APT group using a weaponized Russian-language Word document in an ongoing phishing campaign. The Word document seems to be in the Russian language.

Encryption

Encryption Malware Phishing Hacking

Hackers Exploiting Popular Document Publishing Sites for Phishing Attacks

The Hacker News

MARCH 19, 2024

Threat actors are leveraging digital document publishing (DDP) sites hosted on platforms like FlipSnack, Issuu, Marq, Publuu, RelayTo, and Simplebooklet for carrying out phishing, credential harvesting, and session token theft, once again underscoring how threat actors are repurposing legitimate services for malicious ends.

Phishing

Cabinet of Secret Documents from Australia

Schneier on Security

FEBRUARY 7, 2018

Inside was the trove of documents now known as The Cabinet Files. There's lots of interesting (and embarassing ) stuff in the documents, although most of it is local politics. The deals can be even cheaper when the items in question are two heavy filing cabinets to which no-one can find the keys.

Government

Government Media Internet Internet

Leaked Documents Reveal NVIDIA’s Secret AI Training Practices

Penetration Testing

AUGUST 6, 2024

NVIDIA has used videos from YouTube and other sources to train its AI products, as revealed by internal communications and documents obtained by 404 Media. When discussing the legal and ethical aspects of using... The post Leaked Documents Reveal NVIDIA’s Secret AI Training Practices appeared first on Cybersecurity News.

Media

Media Cybersecurity

Seqrite Labs Uncovers New Cronus Ransomware Campaign Utilizing Fake PayPal Documents

Penetration Testing

AUGUST 11, 2024

In a recent report, the Seqrite Labs APT-Team has exposed a series of malicious campaigns employing fake PayPal documents to spread a new fileless ransomware variant known as Cronus. This... The post Seqrite Labs Uncovers New Cronus Ransomware Campaign Utilizing Fake PayPal Documents appeared first on Cybersecurity News.

Ransomware

Ransomware Cybersecurity Malware

NIST Draft Document on Post-Quantum Cryptography Guidance

Schneier on Security

MAY 2, 2023

NIST has release a draft of Special Publication1800-38A: Migration to Post-Quantum Cryptography: Preparation for Considering the Implementation and Adoption of Quantum Safe Cryptography.”

Leaked Documents Reveal China's State-Sponsored Hacking Operations

SecureWorld News

FEBRUARY 22, 2024

Recently leaked documents from Chinese cybersecurity firm i-SOON provide an unprecedented look at China's extensive state-sponsored hacking operations. Targets listed in the documents span Central and Southeast Asia, Hong Kong, and Taiwan. The specifics of the leaked capabilities that directly relate to these or other U.S. government."

Hacking

Hacking Government Firewall Cyber threats

Former NSA employee pleads guilty to attempted selling classified documents to Russia

Security Affairs

OCTOBER 24, 2023

The ex-NSA employee had Top Secret clearance that give him access to top secret documents. All three documents from which the excerpts were taken contain NDI, are classified as Top Secret//Sensitive Compartmented Information (SCI) and were obtained by Dalke during his employment with the NSA.”

Encryption

Encryption Hacking Accountability Information Security

FAUST Ransomware Strikes: The Hidden Dangers Inside Office Documents

Penetration Testing

JANUARY 25, 2024

This malicious software, designed to encrypt files on a victim’s computer, demands a ransom in exchange for the decryption key,... The post FAUST Ransomware Strikes: The Hidden Dangers Inside Office Documents appeared first on Penetration Testing.

Penetration Testing

Penetration Testing Ransomware Encryption Software

Microsoft warns of attacks targeting Office documents

Tech Republic Security

SEPTEMBER 8, 2021

Affecting Windows desktops and servers, the attacks exploit an MSHTML vulnerability by using specially crafted Microsoft Office documents.

Rhysida ransomware leaks documents stolen from Chilean Army

Bleeping Computer

JUNE 15, 2023

Threat actors behind a recently surfaced ransomware operation known as Rhysida have leaked online what they claim to be documents stolen from the network of the Chilean Army (Ejército de Chile). [.]

Ransomware

Linux and open-source documentation is a mess: Here's the solution

Zero Day

SEPTEMBER 12, 2024

We need to improve the quality of our documentation, and the way to do that is simple. Simply telling someone to RTFM is not an answer when the manual is outdated, unreadable, or nonexistent.

Proton Is Launching Encrypted Documents to Take On Google Docs

WIRED Threat Level

JULY 3, 2024

Proton is adding an end-to-end encrypted documents editor to its privacy tools, boosting its competition with Google’s suite of productivity apps.

Encryption

3 Considerations for Securing Internal Documents Within Financial Services

GlobalSign

MARCH 4, 2024

Here are 3 areas to consider when securing document signing workflows in the financial services.

Financial Services

14 UK schools suffer cyberattack, highly confidential documents leaked

CSO Magazine

JANUARY 6, 2023

More than a dozen schools in the UK have suffered a cyberattack which has led to highly confidential documents being leaked online by cybercriminals. Pates Grammar School in Gloucestershire is one of 14 to have been impacted by the data breach, the BBC reported , with Vice Society hackers using generic search terms to steal documents.

Data breaches

Data breaches Education Cybercrime Ransomware

Classified NATO documents sold on darkweb after they were stolen from Portugal

Security Affairs

SEPTEMBER 9, 2022

Threat actors claimed to have stolen classified NATO documents from the Armed Forces General Staff agency of Portugal (EMGFA). “It was a cyberattack prolonged in time and undetectable , through bots programmed to detect this type of documents, which were later removed in several stages”, explained one of these sources. .

Data breaches

Data breaches Hacking Information Security Cybersecurity

These 2 attacks allow to alter certified PDF Documents

Security Affairs

MAY 30, 2021

Researchers disclosed two new attack techniques that allow modifying visible content on certified PDF documents without invalidating the digital signature. The attacks are documented in CVE-2020-35931 , CVE-2021-28545 , and CVE-2021-28546. ed document by inserting annotations that include malicious code.

Banking

Banking Accountability Hacking Information Security

Ex-NSA employee sentenced to 262 months for attempting to transfer classified documents to Russia

Security Affairs

MAY 1, 2024

NSA employee has been sentenced to nearly 22 years in prison for attempting to sell classified documents to Russia. Dalke pleaded guilty to six counts of attempting to transmit classified documents to a foreign agent while he was working at the NSA. A former U.S.

Accountability

Accountability Encryption Government Hacking

Newly Unclassified NSA Document on Cryptography in the 1970s

Schneier on Security

MAY 10, 2021

This is a newly unclassified NSA history of its reaction to academic cryptography in the 1970s: “ New Comes Out of the Closet: The Debate over Public Cryptography in the Inman Era ,” Cryptographic Quarterly , Spring 1996, author still classified.

When a breach goes from 25 documents to 1.3 terabytes…

Graham Cluley

APRIL 11, 2024

If 25 documents stolen is "very serious," I'm not sure the words exist to describe the 1.3 terabytes of data that Leicester City Council now says it has had stolen by hackers.

Ransomware

Ransomware Malware

Beware of Word: Remcos RAT Lurks in Malicious Documents

Penetration Testing

JUNE 25, 2024

A new and sophisticated cyber attack campaign has surfaced, leveraging a weaponized Microsoft Word document to deliver the notorious Remcos Remote Access Trojan (RAT).

Cyber Attacks

Cyber Attacks Malware Cybersecurity

RansomEXX gang claims to have hacked Ferrari and leaked online internal documents

Security Affairs

OCTOBER 3, 2022

The Italian luxury sports car manufacturer Ferrari confirmed the availability of internal documents online, but said it has no evidence of cyber attack. Documents belonging to the Italian luxury sports car manufacturer Ferrari are circulating online, the company confirmed their authenticity stating it is not aware of cyber attacks.

Hacking

Hacking Manufacturing Cyber Attacks Ransomware

Uber’s hacker irritated his way into its network, stole internal documents

Graham Cluley

SEPTEMBER 16, 2022

Uber has suffered a security breach which allowed a hacker to break into its network, and access the company's internal documents and systems. How did they do it? By bombarding an employee with a spate of multi-factor authentication (MFA) push notifications.

Authentication

Authentication Data breaches

FBI training document shows lawful access to multiple encrypted messaging apps

Security Affairs

DECEMBER 1, 2021

An FBI document shows what data can be obtained from them. The Record shared an FBI training document that reveals the surveillance capabilities of the US law enforcement detailing which data can be extracted from encrypted messaging apps. ” reads the document. Which are the most secure encrypted messaging apps?

Encryption

Encryption Surveillance Hacking Information Security

Unpatched Security Flaws Disclosed in Multiple Document Management Systems

The Hacker News

FEBRUARY 8, 2023

Multiple unpatched security flaws have been disclosed in open source and freemium Document Management System (DMS) offerings from four vendors LogicalDOC, Mayan, ONLYOFFICE, and OpenKM.

Cybersecurity

Russian Cyberwarfare Documents Leaked

New Revelations from the Snowden Documents

Trending Sources

Redacting Documents with a Black Sharpie Doesn’t Work

Documented Death from a Ransomware Attack

OpenAI Is Not Training on Your Dropbox Documents—Today

Documents about the NSA’s Banning of Furby Toys in the 1990s

GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

Different Methods to Secure Your Microsoft Word Documents

Dude, Where’s My Documentation?

Hackers Leak Sensitive Documents from Major Pentagon IT Contractor, Leidos

Hacking gang leaks documents stolen from Pentagon IT provider

NEW TECH: DigiCert Document Signing Manager leverages PKI to advance electronic signatures

Ransomware Now Leaking Stolen Documents

Hackers Leak Internal Documents Stolen from Leidos Holdings

CommitStrip ‘No Documentation’

Announcing the Smart SOAR Documentation Site

Enhancing Document Workflow Automation: GlobalSign and airSlate

OfflRouter Virus: A Persistent Threat in Ukraine Exploiting Confidential Documents

Threats That Hide in Your Microsoft Office Documents

North Korea-linked Konni APT uses Russian-language weaponized documents

Hackers Exploiting Popular Document Publishing Sites for Phishing Attacks

Cabinet of Secret Documents from Australia

Leaked Documents Reveal NVIDIA’s Secret AI Training Practices

Seqrite Labs Uncovers New Cronus Ransomware Campaign Utilizing Fake PayPal Documents

NIST Draft Document on Post-Quantum Cryptography Guidance

Leaked Documents Reveal China's State-Sponsored Hacking Operations

Former NSA employee pleads guilty to attempted selling classified documents to Russia

FAUST Ransomware Strikes: The Hidden Dangers Inside Office Documents

Microsoft warns of attacks targeting Office documents

Rhysida ransomware leaks documents stolen from Chilean Army

Linux and open-source documentation is a mess: Here's the solution

Proton Is Launching Encrypted Documents to Take On Google Docs

3 Considerations for Securing Internal Documents Within Financial Services

14 UK schools suffer cyberattack, highly confidential documents leaked

Classified NATO documents sold on darkweb after they were stolen from Portugal

These 2 attacks allow to alter certified PDF Documents

Ex-NSA employee sentenced to 262 months for attempting to transfer classified documents to Russia

Newly Unclassified NSA Document on Cryptography in the 1970s

When a breach goes from 25 documents to 1.3 terabytes…

Beware of Word: Remcos RAT Lurks in Malicious Documents

RansomEXX gang claims to have hacked Ferrari and leaked online internal documents

Uber’s hacker *irritated* his way into its network, stole internal documents

FBI training document shows lawful access to multiple encrypted messaging apps

Unpatched Security Flaws Disclosed in Multiple Document Management Systems

Stay Connected

Uber’s hacker irritated his way into its network, stole internal documents