Adam Levin

AUGUST 19, 2019

The local governments and agencies from twenty-three Texas towns were hit by a coordinated ransomware campaign last week. . The Texas Department of Information Resources (DIR) became aware of the ransomware campaign after being contacted by the municipal governments of several towns that were unable to access critical files.

Government 213

Government Ransomware Encryption Malware 213

Security Affairs

APRIL 13, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads BadBazaar: iOS and Android Surveillanceware by Chinas APT15 Used to Target Tibetans and Uyghurs GOFFEE continues to attack (..)

Malware 72

Malware Spyware Government Mobile 72

SecureList

APRIL 23, 2025

We found that the malware was running in the memory of a legitimate SyncHost. In the South Korean internet environment, the online banking and government websites require the installation of particular security software to support functions such as anti-keylogging and certificate-based digital signatures.

Malware 144

Malware Software Encryption Internet 144

Krebs on Security

JUNE 7, 2021

In the process of doing so, I encountered a small snag: The FSB’s website said in order to communicate with them securely, I needed to download and install an encryption and virtual private networking (VPN) appliance that is flagged by at least 20 antivirus products as malware. The FSB headquarters at Lubyanka Square, Moscow.

Antivirus 328

Antivirus VPN Encryption Malware 328

Malwarebytes

MAY 8, 2025

According to the original complaint against NSO Group, filed in October 2019, the spyware vendor used WhatsApp servers to send malware to around 1400 mobile phones. NSO Group reverse engineered WhatsApp’s software and developed its own software and servers to send messages to victims via the WhatsApp service that contained malware.

Spyware 110

Spyware Hacking Surveillance Government 110

Security Affairs

JANUARY 19, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 63

Malware Artificial Intelligence DNS Ransomware 63

Security Affairs

MARCH 21, 2025

The company exclusively sells exploits to the Russian government and local firms. Given Telegrams end-to-end encryption and widespread use, an exploit that bypasses its security could be a game-changer for cyber espionage. The Russian firm seeks up to $500K for one-click RCE, $1.5M continues the announcement.

Government 144

Government Surveillance Mobile Hacking 144

Security Affairs

APRIL 30, 2025

PRODAFT researchers warn of Russia-linked APT group Nebulous Mantis targeting NATO-related defense organizations Nebulous Mantis, a Russian-speaking cyber espionage group (aka Cuba, STORM-0978 , Tropical Scorpius , UNC2596 ), used RomCom RAT and Hancitor since 2019 to target critical infrastructure, governments, and NATO-linked entities.

Encryption 98

Encryption Ransomware Malware Phishing 98

Security Affairs

OCTOBER 20, 2024

CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog North Korea-linked APT37 exploited IE zero-day in a recent attack Omni Family Health data breach impacts 468,344 individuals Iran-linked actors target critical infrastructure organizations macOS HM Surf flaw in TCC allows bypass Safari privacy settings Two Sudanese (..)

Data breaches 116

Data breaches Cybercrime Cyber Insurance Marketing 116

Security Affairs

APRIL 25, 2025

The attackers used multiple hacking tools and malware, including ThreatNeedle , Agamemnon downloader, wAgent , SIGNBT, and COPPERHEDGE. We found that the malware was running in the memory of a legitimateSyncHost.exeprocess, and was created as a subprocess of Cross EX, legitimate software developed in South Korea.”

Malware 92

Malware Software Encryption Hacking 92

Security Affairs

APRIL 17, 2025

Mustang Panda has been active since at least 2012, targeting American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. In the 2022 campaigns, threat actors used European Union reports on the conflict in Ukraine and Ukrainian government reports as lures.

Encryption 113

Encryption Government Malware Internet 113

Schneier on Security

FEBRUARY 7, 2020

That allows it to then encrypt the data that those control system programs interact with. While crude compared to other malware purpose-built for industrial sabotage, that targeting can nonetheless break the software used to monitor infrastructure, like an oil firm's pipelines or a factory's robots.

Ransomware 272

Ransomware Malware Encryption Software 272

The Last Watchdog

DECEMBER 18, 2024

Part three of a four-part series In 2024, global pressure on companies to implement advanced data protection measures intensified, with new standards in encryption and software transparency raising the bar. state privacy laws, the EUs governance of ethical AI deployment, and updated regulations in India and Japan.

Cybersecurity 130

Cybersecurity CISO Risk Government 130

SecureList

NOVEMBER 28, 2024

However, P8 contains many built-in functions and redesigns of the communication protocol and encryption algorithm, making it a well-designed and powerful espionage platform. The secure USB drive was developed by a government entity in Southeast Asia to securely store and transfer files between machines in sensitive environments.

Malware 118

Malware Government Software Spyware 118

SecureList

NOVEMBER 29, 2024

Mobile statistics Targeted attacks New APT threat actor targets Russian government entities In May 2024, we discovered a new APT targeting Russian government organizations. The malware utilizes cloud resources for its C2 (command and control) servers, which it accesses via APIs using authentication tokens.

Energy and Utilities 106

Energy and Utilities Ransomware Malware Government 106

SecureList

OCTOBER 15, 2024

Its primary targets have been military and government entities in Pakistan, Sri Lanka, China and Nepal. The malware uses different strings to load libraries and functions required for execution. In particular, Avast and AVG solutions are of interest to the malware. If the CPU is not from Intel or AMD, it terminates execution.

Malware 143

Malware Encryption Architecture Phishing 143

Security Affairs

DECEMBER 3, 2024

Founded in 1985, ENGlobal Corporation designs automated control systems for commercial and government sectors, reporting $6 million in Q3 revenue and $18.4 The threat actors had access to the company’s information technology systems and encrypted some of its data files. . million year-to-date. ” reads the report filed with SEC.

Ransomware 118

Ransomware Encryption Technology Cybersecurity 118

Security Affairs

NOVEMBER 19, 2024

Ptitsyn reportedly sold the ransomware on darknet forums under aliases like “derxan” and “zimmermanx,” enabling other criminals to encrypt data and demand ransom. Ptitsyn and his conspirators used a ransomware-as-a-service (RaaS) model to distribute their malware to a network of affiliates.

Cybercrime 114

Cybercrime Ransomware Healthcare Education 114

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 115

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 115

SecureWorld News

FEBRUARY 20, 2025

The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory warning organizations about Ghost (Cring) ransomware, a sophisticated cyber threat that has been compromising critical infrastructure, businesses, and government entities worldwide.

Ransomware 113

Ransomware IoT Encryption Social Engineering 113

Security Affairs

NOVEMBER 17, 2024

Agency Warns Employees About Phone Use Amid Ongoing China Hack APT Actors Embed Malware within macOS Flutter Applications The Botnet is Back: SSC STRIKE Team Uncovers a Renewed Cyber Threat Iranian “Dream Job” Campaign 11.24

Cryptocurrency 110

Cryptocurrency Malware Hacking Ransomware 110

Security Affairs

FEBRUARY 11, 2025

“They allegedly used the Phobos malware to encrypt information on the networks, blocking the companies from accessing the data unless a ransom was paid and a decryption key was provided by the gang. and Swiss governments sought the suspects, and Switzerland has requested their extradition. Both the U.S.

Ransomware 70

Ransomware Encryption Backups Malware 70

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. government neutralized the Volt Typhoon botnet taking over its C2 and deleting the bot from infected devices.

VPN 121

VPN Government Malware Manufacturing 121

The Last Watchdog

DECEMBER 18, 2024

Enterprises must secure AI agents, adopt proactive data governance, and deploy AI-based security platforms. Quantum computing advances are making traditional encryption obsolete, and adversaries are stockpiling data for future decryption. FIPS-203 enables legal PQC deployment, prompting CISOs to overhaul encryption strategies.

Risk 173

Risk Threat Detection Technology Phishing 173

SecureList

APRIL 22, 2025

It targeted various large organizations in Russia, spanning the government, finance, and industrial sectors. Malware execution After analyzing the contents of the archive, we found that the action.inf text file contained an action to be executed by the ViPNet update service component (itcsrvup64.exe) exe while lumpdiag.exe is running.

Software 82

Software Encryption Architecture Malware 82

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. This user said they specialize in developing malware, creating computer worms, and crafting new ways to hijack Web browsers.

Ransomware 299

Ransomware Cybercrime Accountability Malware 299

Security Affairs

APRIL 7, 2025

In a nutshell, some criminal groups are exploiting compromised accounts belonging to law enforcement and other government agencies to illicitly forward Emergency Data Requests (EDRs) to major online platforms. Payments are mostly made in Bitcoin or Monero, to ensure confidentiality and irreversibility.

Cybercrime 138

Cybercrime Social Engineering Accountability Government 138

Security Boulevard

MARCH 10, 2023

Executive Summary In February 2023, EclecticIQ researchers identified multiple KamiKakaBot malwares which are very likely used to target government entities in ASEAN (Association of Southeast Asian Nations) countries. Dark Pink is an Advanced Persistent Threat (APT) group active in the ASEAN region.

Government 121

Government Malware Encryption Passwords 121

SecureList

APRIL 17, 2025

Day after day, threat actors create new malware to use in cyberattacks. Each of these new implants is developed in its own way, and as a result gets its own destiny while the use of some malware families is reported for decades, information about others disappears after days, months or several years.

Malware 94

Malware Encryption Architecture Engineering 94

IT Security Guru

NOVEMBER 1, 2024

Cyber attacks can compromise critical infrastructure, financial systems, and sensitive government data. Types of Cybersecurity Threats Malware and Ransomware: These can disable systems or steal data for ransom. With more nations and corporations investing heavily in digital platforms, cybersecurity investments have become paramount.

Technology 109

Technology Cyber Attacks Government Social Engineering 109

Security Affairs

SEPTEMBER 5, 2024

The group focuses on government departments that are involved in foreign affairs, technology, and telecommunications. The malware is highly obfuscated and disguises itself as system utilities, allowing attackers to perform tasks like file manipulation, command execution, and remote port scanning. TCP, RDP, TLS, Ping, Web).

Malware 118

Malware Telecommunications Encryption Hacking 118

Security Affairs

SEPTEMBER 8, 2024

Multiple threat actors actively exploited the recently disclosed OSGeo GeoServer GeoTools flaw CVE-2024-36401 in malware-based campaigns. government entities in Belgium, and telecommunications companies in Thailand and Brazil. “Analysis of the script download URL’s telemetry reveals a concentrated pattern of infections. .

Malware 134

Malware Telecommunications Encryption DDOS 134

Webroot

NOVEMBER 21, 2024

The five core components of a VPN are: Encryption : The conversion of information into a coded format that can only be read by someone who has the decryption key. Split tunneling: Allows you to choose which internet traffic goes through the VPN (with encryption) and which goes directly to the internet. How do VPNs work?

VPN 111

VPN Antivirus Internet Internet 111

Adam Levin

SEPTEMBER 29, 2020

The school district was originally infected with a still unidentified strain of malware on August 27, It declined to pay the ransom demanded in return for access to the encrypted files. The FBI strongly discourages paying ransom in response to ransomware attacks.

Ransomware 237

Ransomware Media Encryption Government 237

SecureList

SEPTEMBER 5, 2024

This group has traditionally targeted sectors such as government, healthcare, transportation and high-tech industries in Taiwan, the Philippines and Hong Kong. Our recent investigation has revealed that in 2024 they conducted persistent campaigns targeting a government entity in the Middle East, starting in June 2023. dll 2023.08.25

Government 127

Government Malware Encryption Penetration Testing 127

eSecurity Planet

OCTOBER 24, 2023

Malware attacks pose a significant risk to both individuals and businesses, infiltrating computer systems, compromising sensitive data and disrupting operations, leading to financial and data loss — and even extortion. Here are 15 important controls and best practices for preventing malware.

Malware 122

Malware Antivirus Software Passwords 122

Krebs on Security

AUGUST 19, 2021

Apparently now that includes emailing employees directly and asking them to unleash the malware inside their employer’s network in exchange for a percentage of any ransom amount paid by the victim company. – Government entities. Image: Abnormal Security. For example, the Lockbit 2.0 – Canada. – Australia.

Ransomware 363

Ransomware Social Engineering Cybercrime Scams 363