Event and Information Security - Cyber Security Informer

Scammers live-streamed on YouTube a fake Apple crypto event

Security Affairs

SEPTEMBER 10, 2022

Scammers live-streamed on YouTube an old interview with Tim Cook as part of a fake Apple crypto event, and tens of thousands of users viewed it. Cybercriminals were live-streaming on YouTube an old interview with Tim Cook as part of a fake Apple crypto event, and tens of thousands of users viewed it. ” continues The Verge.

Scams

Scams Advertising Hacking Information Security

Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

NOVEMBER 11, 2024

Exposed data did not include Social Security numbers or financial information. Amazon and AWS systems remain secure, and we have not experienced a security event. We were notified about a security event at one of our property management vendors that impacted several of its customers including Amazon.

Data breaches

Data breaches Hacking Ransomware Technology

E-skimming campaign uses Unicode obfuscation to hide the Mongolian Skimmer

Security Affairs

OCTOBER 10, 2024

The Mongolian Skimmer captures final data entries using the beforeunload event, ensures cross-browser compatibility with various event-handling techniques, and employs anti-debugging tactics by monitoring formatting changes to detect and evade debugging attempts.

Data collection

Data collection Engineering Malware Hacking

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Pwn2Own Ireland 2024 Day 2: participants demonstrated an exploit against Samsung Galaxy S24

Security Affairs

OCTOBER 24, 2024

On day two of Pwn2Own Ireland 2024 , hackers demonstrated attacks against 51 zero-day vulnerabilities, earning a total of $358,625, prizes that we have sum to the $516,250 earned by participants on the first day of the event. ” reads the announcement published by ZDI.

Hacking

Hacking Information Security

Russia warns financial sector organizations of IT service provider LANIT compromise

Security Affairs

FEBRUARY 25, 2025

” NKTsKI recommends organizations to strengthen monitoring of threats and information security events in systems provided by LANIT. LANIT Group (Laboratory of New Information Technologies) is one of Russia’s largest IT service and software providers.

Telecommunications

Telecommunications Software Technology Healthcare

Cybercriminals launched “Leaksmas” event in the Dark Web exposing massive volumes of leaked PII and compromised data

Security Affairs

DECEMBER 28, 2023

This widespread geographical distribution of “Free Leaksmas” event highlights the extensive global reach and severe impact of these cybercriminal activities.

Identity Theft

Identity Theft Data breaches Hacking Government

New version of Android malware FakeCall redirects bank calls to scammers

Security Affairs

OCTOBER 30, 2024

. “The victim will be unaware of the manipulation, as the malware’s fake UI will mimic the actual banking experience, allowing the attacker to extract sensitive information or gain unauthorized access to the victim’s financial accounts.” Upon detecting specific events (e.g.,

Banking

Banking Malware Accountability Phishing

DoubleClickjacking allows clickjacking on major websites

Security Affairs

JANUARY 2, 2025

” DoubleClickjacking exploits timing differences between mousedown and onclick events to hijack user actions. “By exploiting the event timing between clicks, attackers can seamlessly swap out benign UI elements for sensitive ones in the blink of an eye. ” concludes the post.

Accountability

Accountability Authentication Hacking Information Security

Speakers Censored at AISA Conference in Melbourne

Schneier on Security

OCTOBER 8, 2019

Two speakers were censored at the Australian Information Security Association's annual conference this week in Melbourne. But just before the event, the Australian government's ACSC (the Australian Cyber Security Centre) demanded they both be removed from the program. Both were put on the program months ago.

Government

Government Surveillance Information Security Technology

PLAYFULGHOST backdoor supports multiple information stealing features

Security Affairs

JANUARY 5, 2025

The backdoor can drop additional payloads, block input, clear event logs, wipe clipboard, delete browser data, and erase profiles for apps like Skype and Telegram. Google researchers provided event rules within Google Security Operations to dete ctPLAYFULGHOST activity.

Malware

Malware Encryption Phishing Hacking

Zero Trust and the Failure of Sampling: Two Important Cybersecurity Trends

Joseph Steinberg

JUNE 10, 2022

Last week, I attended an excellent briefing given by Tom Gillis, Senior Vice President and General Manager of VMware’s Networking and Advanced Security Business Group, in which he discussed various important cybersecurity-related trends that he and his team have observed.

Cybersecurity

Cybersecurity Artificial Intelligence CISO Wireless

Bitdefender released a decryptor for the ShrinkLocker ransomware

Security Affairs

NOVEMBER 13, 2024

Proactive monitoring of Windows event logs, specifically from the “Microsoft-Windows-BitLocker-API/Management” source, can help organizations detect early stages of BitLocker attacks, such as when attackers test encryption capabilities.

Ransomware

Ransomware Encryption Passwords Backups

GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

The Last Watchdog

JANUARY 6, 2022

In addition, in the event of a leak, the watermark will not help to determine who leaked the document if an attacker cleverly cleans up the document, deletes it, or hides it. But they have more disadvantages than benefits if we talk about ensuring information security. Demyanchuk. Yes, they are cheap to apply.

Marketing

Marketing Software Surveillance Information Security

A crime ring compromised Italian state databases reselling stolen info

Security Affairs

OCTOBER 28, 2024

The charges being pursued by investigators include criminal conspiracy for unauthorized access to computer systems, illegal interception, falsification of electronic communications, disclosure of confidential information, aiding and abetting, and extortion. ” reads a statement from a lawyer for Del Vecchio.

Computers and Electronics

Computers and Electronics Banking Marketing Hacking

Critical Actions Post Data Breach

SecureWorld News

DECEMBER 30, 2024

ISO 22317: Focuses on Business Impact Analysis (BIA), detailing the processes for identifying and evaluating the impact of different events on business operations. How to prepare a data breach response plan After containing the data breach, the next step is to secure and analyze all available evidence to understand the incident thoroughly.

Data breaches

Data breaches Social Engineering Passwords Accountability

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

Security Affairs

OCTOBER 23, 2024

“The SEC’s order against Unisys finds that the company described its risks from cybersecurity events as hypothetical despite knowing that it had experienced two SolarWinds-related intrusions involving exfiltration of gigabytes of data. ” reads the press release published by SEC.

Hacking

Hacking Risk Cybersecurity Government

GUEST ESSAY: Now more than ever, companies need to proactively promote family Online Safety

The Last Watchdog

FEBRUARY 15, 2021

Companies can promote family online safety with family-focused materials, events, and outreach. Host virtual events? Consider child-focused educational books, games, movies, or virtual events that can enroll adults along with their children on the topic of security education to make it a family affair.

Education

Education CISO Security Awareness Cybersecurity

ZAGG disclosed a data breach that exposed its customers’ credit card data

Security Affairs

DECEMBER 29, 2024

.” FreshClick is not developed by BigCommerce, which told Bleeping Computer that its systems were secure. ZAGG announced the implementation of security measures to minimize the risk of a similar event occurring in the future. BigCommerce discovered and removed a hacked FreshClick app from customer stores.

Data breaches

Data breaches Computers and Electronics Hacking Wireless

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

Meanwhile, Cisco will engage directly with customers if we determine they have been impacted by this event. Out of an abundance of caution, we have disabled public access to the site while we continue the investigation. The company has disabled public access to the site while we continue the investigation.

Cybercrime

Cybercrime Data breaches Technology Banking

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

Security Affairs

FEBRUARY 24, 2025

Severe monitoring events are flagged and shared on WeChat for internal handling, raising privacy concerns due to China’s cybersecurity laws. A leaked document from September 2023 shows tasks related to sensitive word detection and forwarding asset identifiers to Zhao Nannan, linked to political events in Shanghai.

Government

Government Cybersecurity Hacking Internet

Abilene city, Texas, takes systems offline following a cyberattack

Security Affairs

APRIL 22, 2025

The experts who are investigating the incident are not aware of financial irregularities following the event. .” The IT department worked tirelessly to restore services, however, some of the impacted systems remain offline as a precaution, but emergency services continue.

Ransomware

Ransomware Government Hacking Accountability

Microsoft Patches Six Zero-Day Security Holes

Krebs on Security

JUNE 8, 2021

“This can be hugely damaging in the event of ransomware attacks, where high privileges can enable the attackers to stop or destroy backups and other security tools,” Breen said. “There are no workarounds for these vulnerabilities, patching as soon as possible is highly recommended.”

Backups

Backups Ransomware Cyber threats Phishing

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Security Affairs

FEBRUARY 6, 2025

“Following these events, and during 2024, various cyberattacks against other entities, public bodies and even Spanish universities took place.” “ At the international level, there has been collaboration with EUROPOL and the Homeland Security Investigations (HSI) of the USA.” ” continues the press release.

Cybercrime

Cybercrime Government Data breaches Information Security

Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

Security Affairs

OCTOBER 14, 2024

On November 20, a verified Bohemia administrator provided on the dark web forum Dread information about the disruptions affecting the marketplace. “The statement claims that in a “shameful and disgruntled set of events” a lead developer went “rogue”, withdrawing small amounts of Bitcoin (BTC) over a period of just over a month.

Marketing

Marketing Cybercrime DDOS Cryptocurrency

The Subsequent Waves of log4j Vulnerabilities Aren’t as Bad as People Think

Daniel Miessler

DECEMBER 18, 2021

So you need to have changed your configs to include patterns like: $${ctx:loginId} ${ctx ${event ${env. . “Certain non-default configurations” I’ve never heard a sweeter set of syllables. These can also be set in log4j2.xml xml or programatically. etc to be vulnerable to a 2.15 patch level or a log4j2.formatMsgNoLookups

Internet

Internet Internet Information Security

A large botnet targets M365 accounts with password spraying attacks

Security Affairs

FEBRUARY 24, 2025

“The attackers have identified a method that causes login events to be logged in the Non-Interactive Sign-In logs, which may result in reduced security visibility and response.” ” continues the report.

Passwords

Passwords Accountability Authentication Malware

Vietnam Post exposes 1.2TB of data, including email addresses

Security Affairs

NOVEMBER 16, 2023

At the time of discovery, the data store contained 226 million logged events, resulting in 1.2 The leaked information also had employee names and emails. Those logs were mainly attributable to cybersecurity software such as Extended Detection and Response (XDR) and Security Information and Event Management (SIEM).

IoT

IoT Government Cyber threats Software

Russia-linked APT29 targets European diplomatic entities with GRAPELOADER malware

Security Affairs

APRIL 21, 2025

.” About a year after its last WINELOADER campaign, the Russia-linked threat actor launched new phishing attacks posing as the European Ministry of Foreign Affairs, inviting targets to fake wine tasting events. The phishing campaign used domains like bakenhof[.]com com and silry[.]com

Malware

Malware Phishing Encryption Hacking

ESXi ransomware attacks use SSH tunnels to avoid detection

Security Affairs

JANUARY 27, 2025

Configuring log forwarding is essential to streamline monitoring and centralize event capture. ESXi appliances splits logs into multiple files by activity, complicating forensic investigations and monitoring activities. “While ESXi does support a few third-party monitoring or telemetry agents, such tools are limited in availability.

Ransomware

Ransomware Authentication Hacking Cybersecurity

Managed detection and response in 2024

SecureList

FEBRUARY 20, 2025

Security incident statistics for 2024 In 2024, the MDR infrastructure received and processed on average 15,000 telemetry events per host every day, generating security alerts as a result. Users are still the weakest link, making Security Awareness training an important focus for corporate information security planning.

Social Engineering

Social Engineering Phishing Government Threat Detection

Cisco states that the second data leak is linked to the one from October

Security Affairs

DECEMBER 30, 2024

Meanwhile, Cisco will engage directly with customers if we determine they have been impacted by this event. Out of an abundance of caution, we have disabled public access to the site while we continue the investigation. The company disabled public access to the site while we continue the investigation.

Data breaches

Data breaches Cybercrime Authentication Technology

Customer Care Giant TTEC Hit By Ransomware

Krebs on Security

SEPTEMBER 15, 2021

It is common for companies to disconnect critical systems in the event of a network intrusion, as part of a larger effort to stop the badness from spreading elsewhere. . “As far as I know, all low-level employees have another day off today.” ” The extent and severity of the incident at TTEC remains unknown.

Ransomware

Ransomware Banking Cryptocurrency Media

California Cryobank, the largest US sperm bank, disclosed a data breach

Security Affairs

MARCH 19, 2025

“In addition, we are providing you with proactive fraud assistance to help with any questions that you might have or in the event that you become a victim of fraud” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,California Cryobank)

Data breaches

Data breaches Banking Insurance Hacking

NFL Teams Up with Cisco to Secure Super Bowl LVI

Cisco Security

FEBRUARY 15, 2022

Since it’s a live event, 100 percent uptime is imperative for the Super Bowl, ensuring fans don’t miss a moment of the action. The Super Bowl is the largest sporting and television event in the United States, with nearly 100 million viewers. Securing an event of this magnitude can be quite a challenge.

Firewall

Firewall Technology Malware Network Security

Attackers use Google Calendar RAT to abuse Calendar service as C2 infrastructure

Security Affairs

NOVEMBER 6, 2023

Google Calendar RAT is a PoC of Command&Control (C2) over Google Calendar Events, it was developed red teaming activities. “The script creates a ‘Covert Channel’ by exploiting the event descriptions in Google Calendar. “To use GRC, only a Gmail account is required.” ” reads the Google Report.

Accountability

Accountability Hacking Information Security Malware

2018 Retrospective

Troy Hunt

JANUARY 3, 2019

Probably with my 2018 events page which lists everything I did of a public nature. What it doesn't do is list all the private events which pretty dramatically increases that list. And then, a mere few more hours on at a different event: We won! Speaking Geez, where to start. And, yeah, I think that's all it was! Why No HTTPS?

Passwords

Passwords Technology Government InfoSec

Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket

Security Affairs

JANUARY 15, 2025

We encourage all customers to follow security, identity, and compliance best practices. In the event a customer suspects they may have exposed their credentials, they can start by following the steps listed in this post. As always, customers can contact AWS Support with any questions or concerns about the security of their account.

Encryption

Encryption Ransomware Authentication Accountability

First Election Security Research Forum Aims to Bolster Voting Technology

SecureWorld News

SEPTEMBER 22, 2023

Recognizing this, the Information Technology - Information Sharing Analysis Center (IT-ISAC) recently hosted a groundbreaking event, the Election Security Research Forum, September 18-20, 2023, in Washington, D.C.

Technology

Technology Computers and Electronics Manufacturing Internet

Unlock Your Cybersecurity Potential: SecureWorld PLUS Training Courses

SecureWorld News

JANUARY 22, 2025

Meet the instructors Larry Wilson , CISSP, CISA, was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP).

Cybersecurity

Cybersecurity Artificial Intelligence Cyber Risk Risk

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

Webroot

MARCH 3, 2025

During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure.

Consumer Protection

Consumer Protection Identity Theft Scams Social Engineering

Careers in Cybersecurity: Myths and Realities with Kathleen Smith

Security Boulevard

FEBRUARY 9, 2025

Kathleen shares her extensive experience in the field, recounting her tenure in various cybersecurity events and her contributions to job market research and recruiting. In this episode we welcome Kathleen Smith, CMO of ClearedJobs.net, to discuss the current state of the cybersecurity job market.

Cybersecurity

Cybersecurity Marketing Data privacy Cyber threats

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

critical infrastructure in the event of a major crisis or conflict with the United States. In August 2023, Volt Typhoon exploited a zero-day vulnerability, tracked as CVE-2024-39717 , in Versa Director, to deploy a custom webshell on breached networks.

VPN

VPN Government Malware Manufacturing

SIEM for Small and Medium-Sized Enterprises: What you need to know

Security Affairs

SEPTEMBER 19, 2024

Security Information and Event Management (SIEM) solutions are a great way to achieve this. What is SIEM (Security Information and Event Management)? Why SIEM is Crucial for SMEs SIEM solutions offer many benefits for SMEs, enhancing their security posture while keeping costs relatively low.

Threat Detection

Threat Detection Identity Theft Banking Small Business

DORA Compliance Strategy for Business Leaders

Security Affairs

JUNE 14, 2024

Additional podcast guest Mark Hughes, Global Managing Partner, Cybersecurity Services, IBM Consulting, pointed out how events such as Colonial Pipeline clearly showed how a single piece of a supply chain can have a disproportionate impact on all the other parts.

Insurance

Insurance Technology Risk Information Security

Scammers live-streamed on YouTube a fake Apple crypto event

Amazon discloses employee data breach after May 2023 MOVEit attacks

Webinars

Trending Sources

E-skimming campaign uses Unicode obfuscation to hide the Mongolian Skimmer

Webinars

Pwn2Own Ireland 2024 Day 2: participants demonstrated an exploit against Samsung Galaxy S24

Russia warns financial sector organizations of IT service provider LANIT compromise

Cybercriminals launched “Leaksmas” event in the Dark Web exposing massive volumes of leaked PII and compromised data

New version of Android malware FakeCall redirects bank calls to scammers

DoubleClickjacking allows clickjacking on major websites

Speakers Censored at AISA Conference in Melbourne

PLAYFULGHOST backdoor supports multiple information stealing features

Zero Trust and the Failure of Sampling: Two Important Cybersecurity Trends

Bitdefender released a decryptor for the ShrinkLocker ransomware

GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

A crime ring compromised Italian state databases reselling stolen info

Critical Actions Post Data Breach

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

GUEST ESSAY: Now more than ever, companies need to proactively promote family Online Safety

ZAGG disclosed a data breach that exposed its customers’ credit card data

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

Abilene city, Texas, takes systems offline following a cyberattack

Microsoft Patches Six Zero-Day Security Holes

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

The Subsequent Waves of log4j Vulnerabilities Aren’t as Bad as People Think

A large botnet targets M365 accounts with password spraying attacks

Vietnam Post exposes 1.2TB of data, including email addresses

Russia-linked APT29 targets European diplomatic entities with GRAPELOADER malware

ESXi ransomware attacks use SSH tunnels to avoid detection

Managed detection and response in 2024

Cisco states that the second data leak is linked to the one from October

Customer Care Giant TTEC Hit By Ransomware

California Cryobank, the largest US sperm bank, disclosed a data breach

NFL Teams Up with Cisco to Secure Super Bowl LVI

Attackers use Google Calendar RAT to abuse Calendar service as C2 infrastructure

2018 Retrospective

Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket

First Election Security Research Forum Aims to Bolster Voting Technology

Unlock Your Cybersecurity Potential: SecureWorld PLUS Training Courses

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

Careers in Cybersecurity: Myths and Realities with Kathleen Smith

China’s Volt Typhoon botnet has re-emerged

SIEM for Small and Medium-Sized Enterprises: What you need to know

DORA Compliance Strategy for Business Leaders

Stay Connected