Event and Information Security - Cyber Security Informer

Scammers live-streamed on YouTube a fake Apple crypto event

Security Affairs

SEPTEMBER 10, 2022

Scammers live-streamed on YouTube an old interview with Tim Cook as part of a fake Apple crypto event, and tens of thousands of users viewed it. Cybercriminals were live-streaming on YouTube an old interview with Tim Cook as part of a fake Apple crypto event, and tens of thousands of users viewed it. ” continues The Verge.

Scams

Scams Advertising Hacking Information Security

On the Irish Health Services Executive Hack

Schneier on Security

FEBRUARY 11, 2022

It had no documented cyber incident response runbooks or IT recovery plans (apart from documented AD recovery plans) for recovering from a wide-scale ransomware event. Antivirus software triggered numerous alerts after detecting Cobalt Strike activity but these were not escalated. The antivirus server was later encrypted in the attack).

Antivirus

Antivirus Hacking Ransomware CISO

Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

NOVEMBER 11, 2024

Exposed data did not include Social Security numbers or financial information. Amazon and AWS systems remain secure, and we have not experienced a security event. We were notified about a security event at one of our property management vendors that impacted several of its customers including Amazon.

Data breaches

Data breaches Hacking Ransomware Technology

Is Cybersecurity Awareness Month Worth the Money?

Adam Shostack

JANUARY 2, 2025

For example, the version I got for my role at the University of Washington involved approval from two Chief Information Security Officers. Having speakers like me come and speak for your events. (I Time from people to engage with content that leads with Cybersecurity Awareness month, rather that something useful.

Cybersecurity

Cybersecurity Marketing Information Security

E-skimming campaign uses Unicode obfuscation to hide the Mongolian Skimmer

Security Affairs

OCTOBER 10, 2024

The Mongolian Skimmer captures final data entries using the beforeunload event, ensures cross-browser compatibility with various event-handling techniques, and employs anti-debugging tactics by monitoring formatting changes to detect and evade debugging attempts.

Data collection

Data collection Engineering Malware Hacking

Pwn2Own Ireland 2024 Day 2: participants demonstrated an exploit against Samsung Galaxy S24

Security Affairs

OCTOBER 24, 2024

On day two of Pwn2Own Ireland 2024 , hackers demonstrated attacks against 51 zero-day vulnerabilities, earning a total of $358,625, prizes that we have sum to the $516,250 earned by participants on the first day of the event. ” reads the announcement published by ZDI.

Hacking

Hacking Information Security

Russia warns financial sector organizations of IT service provider LANIT compromise

Security Affairs

FEBRUARY 25, 2025

” NKTsKI recommends organizations to strengthen monitoring of threats and information security events in systems provided by LANIT. LANIT Group (Laboratory of New Information Technologies) is one of Russia’s largest IT service and software providers.

Telecommunications

Telecommunications Software Technology Healthcare

Cybercriminals launched “Leaksmas” event in the Dark Web exposing massive volumes of leaked PII and compromised data

Security Affairs

DECEMBER 28, 2023

This widespread geographical distribution of “Free Leaksmas” event highlights the extensive global reach and severe impact of these cybercriminal activities.

Identity Theft

Identity Theft Data breaches Hacking Government

New version of Android malware FakeCall redirects bank calls to scammers

Security Affairs

OCTOBER 30, 2024

. “The victim will be unaware of the manipulation, as the malware’s fake UI will mimic the actual banking experience, allowing the attacker to extract sensitive information or gain unauthorized access to the victim’s financial accounts.” Upon detecting specific events (e.g.,

Banking

Banking Malware Accountability Phishing

DoubleClickjacking allows clickjacking on major websites

Security Affairs

JANUARY 2, 2025

” DoubleClickjacking exploits timing differences between mousedown and onclick events to hijack user actions. “By exploiting the event timing between clicks, attackers can seamlessly swap out benign UI elements for sensitive ones in the blink of an eye. ” concludes the post.

Accountability

Accountability Authentication Hacking Information Security

Ross Anderson

Schneier on Security

MARCH 31, 2024

Of course it was before 2008, when we created the Security and Human Behavior workshop. It was well before 2001, when we created the Workshop on Economics and Information Security. Recently, we saw each other on only a couple of occasions every year: at this or that workshop or event.

Surveillance

Surveillance Engineering Encryption Government

PLAYFULGHOST backdoor supports multiple information stealing features

Security Affairs

JANUARY 5, 2025

The backdoor can drop additional payloads, block input, clear event logs, wipe clipboard, delete browser data, and erase profiles for apps like Skype and Telegram. Google researchers provided event rules within Google Security Operations to dete ctPLAYFULGHOST activity.

Malware

Malware Encryption Phishing Hacking

Zero Trust and the Failure of Sampling: Two Important Cybersecurity Trends

Joseph Steinberg

JUNE 10, 2022

Last week, I attended an excellent briefing given by Tom Gillis, Senior Vice President and General Manager of VMware’s Networking and Advanced Security Business Group, in which he discussed various important cybersecurity-related trends that he and his team have observed.

Cybersecurity

Cybersecurity Artificial Intelligence CISO Wireless

Bitdefender released a decryptor for the ShrinkLocker ransomware

Security Affairs

NOVEMBER 13, 2024

Proactive monitoring of Windows event logs, specifically from the “Microsoft-Windows-BitLocker-API/Management” source, can help organizations detect early stages of BitLocker attacks, such as when attackers test encryption capabilities.

Ransomware

Ransomware Encryption Passwords Backups

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

The Last Watchdog

FEBRUARY 21, 2022

The risks are real, and the impact of cybersecurity events continues to grow. A cyber catastrophe may seem inevitable, but there are basic practices and actionable steps any healthcare organization can take to begin reducing the clear and present risk of being impacted by a cybersecurity event. Scheduling? Practice to improve response.

Healthcare

Healthcare Cyber Attacks Education Social Engineering

GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

The Last Watchdog

JANUARY 6, 2022

In addition, in the event of a leak, the watermark will not help to determine who leaked the document if an attacker cleverly cleans up the document, deletes it, or hides it. But they have more disadvantages than benefits if we talk about ensuring information security. Demyanchuk. Yes, they are cheap to apply.

Marketing

Marketing Software Surveillance Information Security

A crime ring compromised Italian state databases reselling stolen info

Security Affairs

OCTOBER 28, 2024

The charges being pursued by investigators include criminal conspiracy for unauthorized access to computer systems, illegal interception, falsification of electronic communications, disclosure of confidential information, aiding and abetting, and extortion. ” reads a statement from a lawyer for Del Vecchio.

Computers and Electronics

Computers and Electronics Banking Marketing Hacking

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

Security Affairs

OCTOBER 23, 2024

“The SEC’s order against Unisys finds that the company described its risks from cybersecurity events as hypothetical despite knowing that it had experienced two SolarWinds-related intrusions involving exfiltration of gigabytes of data. ” reads the press release published by SEC.

Hacking

Hacking Risk Cybersecurity Government

GUEST ESSAY: Now more than ever, companies need to proactively promote family Online Safety

The Last Watchdog

FEBRUARY 15, 2021

Companies can promote family online safety with family-focused materials, events, and outreach. Host virtual events? Consider child-focused educational books, games, movies, or virtual events that can enroll adults along with their children on the topic of security education to make it a family affair.

Education

Education CISO Security Awareness Cybersecurity

ZAGG disclosed a data breach that exposed its customers’ credit card data

Security Affairs

DECEMBER 29, 2024

.” FreshClick is not developed by BigCommerce, which told Bleeping Computer that its systems were secure. ZAGG announced the implementation of security measures to minimize the risk of a similar event occurring in the future. BigCommerce discovered and removed a hacked FreshClick app from customer stores.

Data breaches

Data breaches Computers and Electronics Hacking Wireless

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

Meanwhile, Cisco will engage directly with customers if we determine they have been impacted by this event. Out of an abundance of caution, we have disabled public access to the site while we continue the investigation. The company has disabled public access to the site while we continue the investigation.

Cybercrime

Cybercrime Data breaches Technology Banking

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

Security Affairs

FEBRUARY 24, 2025

Severe monitoring events are flagged and shared on WeChat for internal handling, raising privacy concerns due to China’s cybersecurity laws. A leaked document from September 2023 shows tasks related to sensitive word detection and forwarding asset identifiers to Zhao Nannan, linked to political events in Shanghai.

Government

Government Cybersecurity Hacking Internet

Critical Actions Post Data Breach

SecureWorld News

DECEMBER 30, 2024

ISO 22317: Focuses on Business Impact Analysis (BIA), detailing the processes for identifying and evaluating the impact of different events on business operations. How to prepare a data breach response plan After containing the data breach, the next step is to secure and analyze all available evidence to understand the incident thoroughly.

Data breaches

Data breaches Social Engineering Passwords Accountability

Microsoft Patches Six Zero-Day Security Holes

Krebs on Security

JUNE 8, 2021

“This can be hugely damaging in the event of ransomware attacks, where high privileges can enable the attackers to stop or destroy backups and other security tools,” Breen said. “There are no workarounds for these vulnerabilities, patching as soon as possible is highly recommended.”

Backups

Backups Ransomware Cyber threats Phishing

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Security Affairs

FEBRUARY 6, 2025

“Following these events, and during 2024, various cyberattacks against other entities, public bodies and even Spanish universities took place.” “ At the international level, there has been collaboration with EUROPOL and the Homeland Security Investigations (HSI) of the USA.” ” continues the press release.

Cybercrime

Cybercrime Government Data breaches Information Security

Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

Security Affairs

OCTOBER 14, 2024

On November 20, a verified Bohemia administrator provided on the dark web forum Dread information about the disruptions affecting the marketplace. “The statement claims that in a “shameful and disgruntled set of events” a lead developer went “rogue”, withdrawing small amounts of Bitcoin (BTC) over a period of just over a month.

Marketing

Marketing Cybercrime DDOS Cryptocurrency

California Cryobank, the largest US sperm bank, disclosed a data breach

Security Affairs

MARCH 19, 2025

“In addition, we are providing you with proactive fraud assistance to help with any questions that you might have or in the event that you become a victim of fraud” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,California Cryobank)

Data breaches

Data breaches Banking Insurance Hacking

The Subsequent Waves of log4j Vulnerabilities Aren’t as Bad as People Think

Daniel Miessler

DECEMBER 18, 2021

So you need to have changed your configs to include patterns like: $${ctx:loginId} ${ctx ${event ${env. . “Certain non-default configurations” I’ve never heard a sweeter set of syllables. These can also be set in log4j2.xml xml or programatically. etc to be vulnerable to a 2.15 patch level or a log4j2.formatMsgNoLookups

Internet

Internet Internet Information Security

A large botnet targets M365 accounts with password spraying attacks

Security Affairs

FEBRUARY 24, 2025

“The attackers have identified a method that causes login events to be logged in the Non-Interactive Sign-In logs, which may result in reduced security visibility and response.” ” continues the report.

Passwords

Passwords Accountability Authentication Malware

Vietnam Post exposes 1.2TB of data, including email addresses

Security Affairs

NOVEMBER 16, 2023

At the time of discovery, the data store contained 226 million logged events, resulting in 1.2 The leaked information also had employee names and emails. Those logs were mainly attributable to cybersecurity software such as Extended Detection and Response (XDR) and Security Information and Event Management (SIEM).

IoT

IoT Government Cyber threats Software

ESXi ransomware attacks use SSH tunnels to avoid detection

Security Affairs

JANUARY 27, 2025

Configuring log forwarding is essential to streamline monitoring and centralize event capture. ESXi appliances splits logs into multiple files by activity, complicating forensic investigations and monitoring activities. “While ESXi does support a few third-party monitoring or telemetry agents, such tools are limited in availability.

Ransomware

Ransomware Authentication Hacking Cybersecurity

Managed detection and response in 2024

SecureList

FEBRUARY 20, 2025

Security incident statistics for 2024 In 2024, the MDR infrastructure received and processed on average 15,000 telemetry events per host every day, generating security alerts as a result. Users are still the weakest link, making Security Awareness training an important focus for corporate information security planning.

Social Engineering

Social Engineering Phishing Government Threat Detection

Customer Care Giant TTEC Hit By Ransomware

Krebs on Security

SEPTEMBER 15, 2021

It is common for companies to disconnect critical systems in the event of a network intrusion, as part of a larger effort to stop the badness from spreading elsewhere. . “As far as I know, all low-level employees have another day off today.” ” The extent and severity of the incident at TTEC remains unknown.

Ransomware

Ransomware Banking Cryptocurrency Media

Cisco states that the second data leak is linked to the one from October

Security Affairs

DECEMBER 30, 2024

Meanwhile, Cisco will engage directly with customers if we determine they have been impacted by this event. Out of an abundance of caution, we have disabled public access to the site while we continue the investigation. The company disabled public access to the site while we continue the investigation.

Data breaches

Data breaches Cybercrime Authentication Technology

NFL Teams Up with Cisco to Secure Super Bowl LVI

Cisco Security

FEBRUARY 15, 2022

Since it’s a live event, 100 percent uptime is imperative for the Super Bowl, ensuring fans don’t miss a moment of the action. The Super Bowl is the largest sporting and television event in the United States, with nearly 100 million viewers. Securing an event of this magnitude can be quite a challenge.

Firewall

Firewall Technology Malware Network Security

Snowden Ten Years Later

Schneier on Security

JUNE 6, 2023

You read so much classified information about the world’s geopolitical events that you start seeing the world differently. Those of us in the information security community had long assumed that the NSA was doing things like this. Intelligence professionals talk about how disorienting it is living on the inside.

Surveillance

Surveillance Computers and Electronics Government Encryption

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

Webroot

MARCH 3, 2025

During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure.

Consumer Protection

Consumer Protection Identity Theft Scams Social Engineering

Attackers use Google Calendar RAT to abuse Calendar service as C2 infrastructure

Security Affairs

NOVEMBER 6, 2023

Google Calendar RAT is a PoC of Command&Control (C2) over Google Calendar Events, it was developed red teaming activities. “The script creates a ‘Covert Channel’ by exploiting the event descriptions in Google Calendar. “To use GRC, only a Gmail account is required.” ” reads the Google Report.

Accountability

Accountability Hacking Information Security Malware

Chinese APT Weaver Ant infiltrated a telco in Asia for over four years

Security Affairs

MARCH 24, 2025

They patched the Event Tracing for Windows (ETW) to suppress event logs and bypassed the Antimalware Scan Interface (AMSI) by modifying amsi.dll, allowing malicious PowerShell execution. Weaver Ant deployed multiple payloads to evade detection, maintain persistence, and expand access within compromised networks.

Telecommunications

Telecommunications Encryption Accountability Firewall

Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket

Security Affairs

JANUARY 15, 2025

We encourage all customers to follow security, identity, and compliance best practices. In the event a customer suspects they may have exposed their credentials, they can start by following the steps listed in this post. As always, customers can contact AWS Support with any questions or concerns about the security of their account.

Encryption

Encryption Ransomware Authentication Accountability

Spotlight on Cybersecurity Leaders: Richard Staynings

SecureWorld News

JANUARY 6, 2025

In the SecureWorld Spotlight Series, we learn about the speakers and Advisory Council members that make our events a success. For the past 25 years, he has resided in Boulder, Colorado, and calls the Rockies home when he is not flying to or from a security event or conference in some distant part of the world.

Cybersecurity

Cybersecurity Cybercrime Healthcare Government

Careers in Cybersecurity: Myths and Realities with Kathleen Smith

Security Boulevard

FEBRUARY 9, 2025

Kathleen shares her extensive experience in the field, recounting her tenure in various cybersecurity events and her contributions to job market research and recruiting. In this episode we welcome Kathleen Smith, CMO of ClearedJobs.net, to discuss the current state of the cybersecurity job market.

Cybersecurity

Cybersecurity Marketing Data privacy Cyber threats

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

critical infrastructure in the event of a major crisis or conflict with the United States. In August 2023, Volt Typhoon exploited a zero-day vulnerability, tracked as CVE-2024-39717 , in Versa Director, to deploy a custom webshell on breached networks.

VPN

VPN Government Malware Manufacturing

SIEM for Small and Medium-Sized Enterprises: What you need to know

Security Affairs

SEPTEMBER 19, 2024

Security Information and Event Management (SIEM) solutions are a great way to achieve this. What is SIEM (Security Information and Event Management)? Why SIEM is Crucial for SMEs SIEM solutions offer many benefits for SMEs, enhancing their security posture while keeping costs relatively low.

Threat Detection

Threat Detection Identity Theft Banking Small Business

Scammers live-streamed on YouTube a fake Apple crypto event

On the Irish Health Services Executive Hack

Trending Sources

Amazon discloses employee data breach after May 2023 MOVEit attacks

Is Cybersecurity Awareness Month Worth the Money?

E-skimming campaign uses Unicode obfuscation to hide the Mongolian Skimmer

Pwn2Own Ireland 2024 Day 2: participants demonstrated an exploit against Samsung Galaxy S24

Russia warns financial sector organizations of IT service provider LANIT compromise

Cybercriminals launched “Leaksmas” event in the Dark Web exposing massive volumes of leaked PII and compromised data

New version of Android malware FakeCall redirects bank calls to scammers

DoubleClickjacking allows clickjacking on major websites

Ross Anderson

PLAYFULGHOST backdoor supports multiple information stealing features

Zero Trust and the Failure of Sampling: Two Important Cybersecurity Trends

Bitdefender released a decryptor for the ShrinkLocker ransomware

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

A crime ring compromised Italian state databases reselling stolen info

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

GUEST ESSAY: Now more than ever, companies need to proactively promote family Online Safety

ZAGG disclosed a data breach that exposed its customers’ credit card data

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

Critical Actions Post Data Breach

Microsoft Patches Six Zero-Day Security Holes

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

California Cryobank, the largest US sperm bank, disclosed a data breach

The Subsequent Waves of log4j Vulnerabilities Aren’t as Bad as People Think

A large botnet targets M365 accounts with password spraying attacks

Vietnam Post exposes 1.2TB of data, including email addresses

ESXi ransomware attacks use SSH tunnels to avoid detection

Managed detection and response in 2024

Customer Care Giant TTEC Hit By Ransomware

Cisco states that the second data leak is linked to the one from October

NFL Teams Up with Cisco to Secure Super Bowl LVI

Snowden Ten Years Later

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

Attackers use Google Calendar RAT to abuse Calendar service as C2 infrastructure

Chinese APT Weaver Ant infiltrated a telco in Asia for over four years

Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket

Spotlight on Cybersecurity Leaders: Richard Staynings

Careers in Cybersecurity: Myths and Realities with Kathleen Smith

China’s Volt Typhoon botnet has re-emerged

SIEM for Small and Medium-Sized Enterprises: What you need to know

Stay Connected