Security Affairs

MARCH 21, 2025

The company exclusively sells exploits to the Russian government and local firms. Given Telegrams end-to-end encryption and widespread use, an exploit that bypasses its security could be a game-changer for cyber espionage. The Russian firm seeks up to $500K for one-click RCE, $1.5M continues the announcement.

Government 144

Government Surveillance Mobile Hacking 144

Krebs on Security

JUNE 7, 2021

In the process of doing so, I encountered a small snag: The FSB’s website said in order to communicate with them securely, I needed to download and install an encryption and virtual private networking (VPN) appliance that is flagged by at least 20 antivirus products as malware. The FSB headquarters at Lubyanka Square, Moscow.

Antivirus 333

Antivirus VPN Encryption Malware 333

Security Affairs

JANUARY 19, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 64

Malware Artificial Intelligence DNS Ransomware 64

Security Affairs

OCTOBER 20, 2024

CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog North Korea-linked APT37 exploited IE zero-day in a recent attack Omni Family Health data breach impacts 468,344 individuals Iran-linked actors target critical infrastructure organizations macOS HM Surf flaw in TCC allows bypass Safari privacy settings Two Sudanese (..)

Data breaches 117

Data breaches Cybercrime Cyber Insurance Marketing 117

Schneier on Security

FEBRUARY 7, 2020

That allows it to then encrypt the data that those control system programs interact with. While crude compared to other malware purpose-built for industrial sabotage, that targeting can nonetheless break the software used to monitor infrastructure, like an oil firm's pipelines or a factory's robots.

Ransomware 274

Ransomware Malware Encryption Software 274

The Hacker News

DECEMBER 22, 2023

Indian government entities and the defense sector have been targeted by a phishing campaign that's engineered to drop Rust-based malware for intelligence gathering. New Rust-based payloads and encrypted PowerShell commands have been utilized to exfiltrate

Government 105

Government Malware Engineering Encryption 105

The Last Watchdog

DECEMBER 18, 2024

Part three of a four-part series In 2024, global pressure on companies to implement advanced data protection measures intensified, with new standards in encryption and software transparency raising the bar. state privacy laws, the EUs governance of ethical AI deployment, and updated regulations in India and Japan.

Cybersecurity 130

Cybersecurity CISO Risk Government 130

SecureList

NOVEMBER 28, 2024

However, P8 contains many built-in functions and redesigns of the communication protocol and encryption algorithm, making it a well-designed and powerful espionage platform. The secure USB drive was developed by a government entity in Southeast Asia to securely store and transfer files between machines in sensitive environments.

Malware 117

Malware Government Software Spyware 117

Security Affairs

DECEMBER 3, 2024

Founded in 1985, ENGlobal Corporation designs automated control systems for commercial and government sectors, reporting $6 million in Q3 revenue and $18.4 The threat actors had access to the company’s information technology systems and encrypted some of its data files. . million year-to-date. ” reads the report filed with SEC.

Ransomware 118

Ransomware Encryption Technology Cybersecurity 118

SecureList

OCTOBER 15, 2024

Its primary targets have been military and government entities in Pakistan, Sri Lanka, China and Nepal. The malware uses different strings to load libraries and functions required for execution. In particular, Avast and AVG solutions are of interest to the malware. If the CPU is not from Intel or AMD, it terminates execution.

Malware 143

Malware Encryption Architecture Phishing 143

Security Affairs

NOVEMBER 19, 2024

Ptitsyn reportedly sold the ransomware on darknet forums under aliases like “derxan” and “zimmermanx,” enabling other criminals to encrypt data and demand ransom. Ptitsyn and his conspirators used a ransomware-as-a-service (RaaS) model to distribute their malware to a network of affiliates.

Cybercrime 114

Cybercrime Ransomware Healthcare Education 114

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 116

Data breaches Cryptocurrency Artificial Intelligence Cybercrime 116

Security Affairs

SEPTEMBER 10, 2022

China-linked BRONZE PRESIDENT group is targeting government officials in Europe, the Middle East, and South America with PlugX malware. PlugX is modular malware has backdoor capabilities that could be extended by downloading additional plugins. In the recent campaign, the malware is included in RAR archive files.

Government 128

Government Malware Encryption Hacking 128

SecureWorld News

FEBRUARY 20, 2025

The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory warning organizations about Ghost (Cring) ransomware, a sophisticated cyber threat that has been compromising critical infrastructure, businesses, and government entities worldwide.

Ransomware 112

Ransomware IoT Encryption Social Engineering 112

Security Affairs

FEBRUARY 11, 2025

“They allegedly used the Phobos malware to encrypt information on the networks, blocking the companies from accessing the data unless a ransom was paid and a decryption key was provided by the gang. and Swiss governments sought the suspects, and Switzerland has requested their extradition. Both the U.S.

Ransomware 71

Ransomware Encryption Backups Malware 71

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. government neutralized the Volt Typhoon botnet taking over its C2 and deleting the bot from infected devices.

VPN 122

VPN Government Malware Manufacturing 122

The Last Watchdog

DECEMBER 18, 2024

Enterprises must secure AI agents, adopt proactive data governance, and deploy AI-based security platforms. Quantum computing advances are making traditional encryption obsolete, and adversaries are stockpiling data for future decryption. FIPS-203 enables legal PQC deployment, prompting CISOs to overhaul encryption strategies.

Risk 173

Risk Threat Detection Technology Phishing 173

Security Affairs

DECEMBER 11, 2024

The man and co-conspirators exploited a zero-day vulnerability, tracked as CVE-2020-12271 , in Sophos firewalls to deploy malware. The malware stole data and encrypted files to block remediation attempts. Tianfeng worked at Sichuan Silence Information Technology Co., ” reads the press release published by DoJ.

Firewall 75

Firewall Hacking Malware Passwords 75

Security Affairs

APRIL 7, 2025

In a nutshell, some criminal groups are exploiting compromised accounts belonging to law enforcement and other government agencies to illicitly forward Emergency Data Requests (EDRs) to major online platforms. Payments are mostly made in Bitcoin or Monero, to ensure confidentiality and irreversibility.

Cybercrime 118

Cybercrime Social Engineering Accountability Government 118

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. This user said they specialize in developing malware, creating computer worms, and crafting new ways to hijack Web browsers.

Ransomware 300

Ransomware Cybercrime Accountability Malware 300

Security Affairs

MARCH 13, 2025

ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users. center, linked to Konni malware used by APT37, and nidlogon[.]com, One of C2 domains, st0746[.]net,

Spyware 77

Spyware Surveillance Encryption Malware 77

Security Boulevard

MARCH 10, 2023

Executive Summary In February 2023, EclecticIQ researchers identified multiple KamiKakaBot malwares which are very likely used to target government entities in ASEAN (Association of Southeast Asian Nations) countries. Dark Pink is an Advanced Persistent Threat (APT) group active in the ASEAN region.

Government 121

Government Malware Encryption Passwords 121

IT Security Guru

NOVEMBER 1, 2024

Cyber attacks can compromise critical infrastructure, financial systems, and sensitive government data. Types of Cybersecurity Threats Malware and Ransomware: These can disable systems or steal data for ransom. With more nations and corporations investing heavily in digital platforms, cybersecurity investments have become paramount.

Technology 109

Technology Cyber Attacks Government Social Engineering 109

Security Affairs

SEPTEMBER 5, 2024

The group focuses on government departments that are involved in foreign affairs, technology, and telecommunications. The malware is highly obfuscated and disguises itself as system utilities, allowing attackers to perform tasks like file manipulation, command execution, and remote port scanning. TCP, RDP, TLS, Ping, Web).

Malware 119

Malware Telecommunications Encryption Hacking 119

Security Affairs

SEPTEMBER 8, 2024

Multiple threat actors actively exploited the recently disclosed OSGeo GeoServer GeoTools flaw CVE-2024-36401 in malware-based campaigns. government entities in Belgium, and telecommunications companies in Thailand and Brazil. “Analysis of the script download URL’s telemetry reveals a concentrated pattern of infections. .

Malware 134

Malware Telecommunications Encryption DDOS 134

Webroot

NOVEMBER 21, 2024

The five core components of a VPN are: Encryption : The conversion of information into a coded format that can only be read by someone who has the decryption key. Split tunneling: Allows you to choose which internet traffic goes through the VPN (with encryption) and which goes directly to the internet. How do VPNs work?

VPN 110

VPN Antivirus Internet Internet 110

Adam Levin

SEPTEMBER 29, 2020

The school district was originally infected with a still unidentified strain of malware on August 27, It declined to pay the ransom demanded in return for access to the encrypted files. The FBI strongly discourages paying ransom in response to ransomware attacks.

Ransomware 237

Ransomware Media Encryption Government 237

IT Security Guru

MARCH 26, 2025

At an individual level, this will change how we interact with each other as citizens, with our governments, perform our jobs and consume goods and services. Verified Identity, access permission controls, data encryption are all challenges for the cybersecurity industry in a world of autonomous machines!

Cybersecurity 113

Cybersecurity Encryption Threat Detection Authentication 113

eSecurity Planet

OCTOBER 24, 2023

Malware attacks pose a significant risk to both individuals and businesses, infiltrating computer systems, compromising sensitive data and disrupting operations, leading to financial and data loss — and even extortion. Here are 15 important controls and best practices for preventing malware.

Malware 122

Malware Antivirus Software Passwords 122

Krebs on Security

AUGUST 19, 2021

Apparently now that includes emailing employees directly and asking them to unleash the malware inside their employer’s network in exchange for a percentage of any ransom amount paid by the victim company. – Government entities. Image: Abnormal Security. For example, the Lockbit 2.0 – Canada. – Australia.

Ransomware 363

Ransomware Social Engineering Cybercrime Scams 363

Security Affairs

DECEMBER 8, 2024

officials urge Americans to use encrypted apps amid unprecedented cyberattack The Great Pokmon Go Spy Panic Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,newsletter)

Artificial Intelligence 102

Artificial Intelligence Spyware Hacking Ransomware 102

Security Affairs

OCTOBER 13, 2023

A cyberespionage campaign, tracked as Stayin’ Alive, targeted high-profile government and telecom entities in Asia. The campaign has been active since at least 2021, threat actors employed downloaders and loaders to deploy next-stage malware. report – CurKeep collects information about the infected machine.

Government 131

Government Encryption Malware Phishing 131

Krebs on Security

OCTOBER 28, 2020

The Gunnebo Group is a Swedish multinational company that provides physical security to a variety of customers globally, including banks, government agencies, airports, casinos, jewelry stores, tax agencies and even nuclear power plants. In some cases, this allows the intruders to profit even if their malware somehow fails to do its job.

Hacking 359

Hacking Ransomware Banking Accountability 359

Security Affairs

SEPTEMBER 19, 2023

China-linked threat actor Earth Lusca used a new Linux malware dubbed SprySOCKS in a recent cyber espionage campaign. Researchers from Trend Micro, while monitoring the activity of the China-linked threat actor Earth Lusca , discovered an encrypted file hosted on a server under the control of the group.

Malware 126

Malware Encryption Telecommunications Authentication 126

The Hacker News

MARCH 3, 2024

cybersecurity and intelligence agencies have warned of Phobos ransomware attacks targeting government and critical infrastructure entities, outlining the various tactics and techniques the threat actors have adopted to deploy the file-encrypting malware.

Ransomware 144

Ransomware Encryption Government Malware 144

Security Affairs

APRIL 5, 2025

The ransomware gang hit organizations in multiple industries, including education, healthcare, manufacturing, information technology, and government sectors. The Rhysida ransomware group has been active since May 2023. The victims of the group are targets of opportunity.

Data breaches 93

Data breaches Ransomware Cyber Attacks Manufacturing 93

Security Affairs

DECEMBER 29, 2023

Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. The group employed previously undetected malware such as OCEANMAP, MASEPIE, and STEELHOOK to steal sensitive information from target networks. file classified as MASEPIE.

Phishing 141

Phishing Malware Computers and Electronics Internet 141