2022, Blog and Military - Information Management Today

Anonymous targets the Russian Military and State Television and Radio propaganda

Security Affairs

APRIL 5, 2022

Anonymous continues to support Ukraine against the Russian criminal invasion targeting the Russian military and propaganda. Anonymous leaked personal details of the Russian military stationed in Bucha where the Russian military carried out a massacre of civilians that are accused of having raped and shot local women and children.

Military

Military Cybersecurity Security Government

Catches of the Month: Phishing Scams for March 2022

IT Governance

MARCH 8, 2022

Welcome to our March 2022 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over their personal information. Meanwhile, the CERT-UA posted on Facebook that it had detected a widespread phishing campaign targeting Ukrainian military personnel.

Phishing

Phishing Military Access Education

2022 Cyber Security Review of the Year

IT Governance

DECEMBER 20, 2022

2022 will go down as the year where some semblance of normality returned. In total, we have so far reported more than 1,000 data breaches in 2022, with almost half a billion breached records. Google , Clearview AI , and Meta all receives hefty penalties in 2022, demonstrating the continued important of effective information security.

Security

Security Data breaches Ransomware Military

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 4, 2023

Cybersecurity and Infrastructure Security Agency (CISA) has added a Zimbra flaw, tracked as CVE-2022-27926 , to its Known Exploited Vulnerabilities Catalog. The CVE-2022-27926 flaw affects Zimbra Collaboration version 9.0.0, which is used to host publicly-facing webmail portals. reads the post published by Proofpoint.

IT

IT Military Phishing Passwords

Snatch ransomware gang claims the hack of the food giant Kraft Heinz

Security Affairs

DECEMBER 15, 2023

. “After data exfiltration often involving direct communications with victims demanding ransom, Snatch threat actors may threaten victims with double extortion, where the victims’ data will be posted on Snatch’s extortion blog if the ransom goes unpaid.” HENSOLDT is a company specializing in military and defense electronics.

Ransomware

Ransomware Computer and Electronics Military Agriculture

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

“As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” and foreign governments and military, security, and corporate organizations. ” reads the joint report. ” continues the report.

Energy and Utilities

Energy and Utilities Military Government Phishing

List of data breaches and cyber attacks in February 2022 – 5.1 million records breached

IT Governance

MARCH 1, 2022

Meanwhile, you can find the full list of cyber attacks and data breaches for February 2022 below. The post List of data breaches and cyber attacks in February 2022 – 5.1 million records breached appeared first on IT Governance UK Blog. It will take place on Thursday, 3 March at 3pm, and you can register for on our website.

Data breaches

Data breaches Ransomware Government Blockchain

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Security Affairs

APRIL 9, 2023

made electronics on behalf of the Russian government and military. The Estonian man is accused of having helped the Russian government and military to purchase US-made electronics and hacking tools. electronics manufacturers and distributors between approximately October 2012 and January 2022.

Computer and Electronics

Computer and Electronics Military Manufacturing Government

List of Data Breaches and Cyber Attacks in October 2022 – 9.9 Million Records Breached

IT Governance

NOVEMBER 1, 2022

Welcome to our October 2022 review of data breaches and cyber attacks. The post List of Data Breaches and Cyber Attacks in October 2022 – 9.9 Million Records Breached appeared first on IT Governance UK Blog. Cyber attacks.

Data breaches

Data breaches Ransomware Insurance Phishing

Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine

Security Affairs

JUNE 15, 2023

The Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) continues to carry out attacks against entities in Ukraine, including security services, military, and government organizations. ” reads the report published by Symantec.

Military

Military File names Archiving Phishing

Google TAG warns of Russia-linked APT groups targeting Ukraine

Security Affairs

APRIL 20, 2023

In Q1 2023, threat actors linked to Russia’s military intelligence service focused their phishing campaigns on Ukraine, with the country accounting for over 60% of observed Russian targeting. On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Phishing

Phishing Military Ransomware Education

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Security Affairs

APRIL 5, 2022

The group targeted government and military organizations in Ukraine. In December 2019, the APT group targeted several Ukrainian diplomats, government and military officials, and law enforcement. The Gamaredon group was first discovered by Symantec and TrendMicro in 2015, but evidence of its activities has been dated back to 2013.

Military

Military Phishing File names Archiving

Iran-linked Mint Sandstorm APT targeted US critical infrastructure

Security Affairs

APRIL 19, 2023

An Iran-linked APT group tracked as Mint Sandstorm is behind a string of attacks aimed at US critical infrastructure between late 2021 to mid-2022. Microsoft has linked the Iranian Mint Sandstorm APT (previously tracked by Microsoft as PHOSPHORUS ) to a series of attacks aimed at US critical infrastructure between late 2021 to mid-2022.

Energy and Utilities

Energy and Utilities Military Education Phishing

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs

APRIL 26, 2023

PingPull, was first spotted by Unit 42 in June 2022, the researchers defined the RAT as a “difficult-to-detect” backdoor that leverages the Internet Control Message Protocol (ICMP) for C2 communications. However, the attackers chose a domain name that gives the impression of a connection to the South African military. softether[.]net

Communications

Communications Military Government Libraries

Russian APT28 hacker accused of the NATO think tank hack in Germany

Security Affairs

JUNE 20, 2022

The attack took place in April 2017 and the man is accused of conducting the attack for the Russian military intelligence service GRU. This gave them access to all sorts of private documents and photos, including photos that are said to show awards and uniforms of the Russian military intelligence service GRU.”

Military

Military Access Cybersecurity Security

Russia-linked threat actors launched hundreds of cyberattacks on Ukraine

Security Affairs

APRIL 27, 2022

The experts pointed out that starting just before the invasion threat actors linked to the military intelligence service GRU launched destructive wiper attacks on hundreds of systems in Ukraine. 32% percent of destructive attacks were aimed at Ukrainian government organizations at the national, regional, and city levels.

Military

Military Government Cybersecurity Security

Nation-state malware could become a commodity on dark web soon, Interpol warns

Security Affairs

MAY 24, 2022

Threat actors could perform reverse engineering of military-made malicious code and use their own versions in attacks in the wild. “The same applies for the digital weapons that, maybe today are used by the military, developed by military, and tomorrow will be available for criminals,” he explained. .

Military

Military Government Communications Security

Pro-Ukraine attackers compromise Docker images to launch DDoS attacks on Russian sites

Security Affairs

MAY 4, 2022

Pro-Ukraine hackers, likely linked to Ukraine IT Army , are using Docker images to launch distributed denial-of-service (DDoS) attacks against a dozen websites belonging to government, military, and media. The DDoS attacks also targeted three Lithuanian media websites. ” reported Crowdstrike. To nominate, please visit:?

Honeypots

Honeypots Military Mining Government

The strange link between Industrial Spy and the Cuba ransomware operation

Security Affairs

MAY 28, 2022

Very strange… pic.twitter.com/on0v3IryKB — MalwareHunterTeam (@malwrhunterteam) April 15, 2022. We public schemes, drawings, technologies, political and military secrets, accounting reports and clients databases. link] — MalwareHunterTeam (@malwrhunterteam) May 24, 2022. in their IT infrastructure.

Ransomware

Ransomware Military Security Cybersecurity

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

APRIL 30, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Systems administration

Systems administration Military Phishing Government

Apr 03 – Apr 09 Ukraine – Russia the silent cyber conflict

Security Affairs

APRIL 10, 2022

April 5 – Anonymous targets the Russian Military and State Television and Radio propaganda. Anonymous continues to support Ukraine against the Russian criminal invasion targeting the Russian military and propaganda. Feb 27- Mar 05 Ukraine – Russia the silent cyber conflict. To nominate, please visit:?

Military

Military Phishing Cybersecurity Government

China-linked APT Curious Gorge targeted Russian govt agencies

Security Affairs

MAY 3, 2022

“ Curious Gorge, a group TAG attributes to China’s PLA SSF, has remained active against government, military, logistics and manufacturing organizations in Ukraine, Russia and Central Asia. link] Much of the activity here is an evolution of techniques and targeting vs a revolution — Shane Huntley (@ShaneHuntley) May 3, 2022.

Manufacturing

Manufacturing Phishing Passwords Military

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

Security Affairs

APRIL 23, 2022

Since February the notorious cybercrime operation Trickbot is controlled by Conti ransomware, the ransomware gang that publicly announced its support to Russia after the invasion of Ukraine by Russian cyber militaries. The alert published by the Ukraine CERT-UA includes Indicators of Compromise (IoCs) for this campaign and recommendations.

Phishing

Phishing Military Ransomware Encryption

NB65 group targets Russia with a modified version of Conti’s ransomware

Security Affairs

APRIL 10, 2022

F**k the Russian Military. pic.twitter.com/BZDMPb0JxN — NB65 (@xxNB65) April 3, 2022. And what kind of chincy ass soviet connection are you guys using? You know how long it took us to exfil?!? F**k Vladimir Putin. The experts noticed that unlike the original version of the Conti ransomware, NB65 version appends the.

Ransomware

Ransomware Encryption Military Cybersecurity

GUEST ESSAY: Rising cyber risks make business intelligence gathering more vital than ever

The Last Watchdog

JULY 5, 2022

In our recent report Intelligent Business: 2022 Strategic Intelligence Report we asked 205 creators and consumers of intelligence within large organizations (i.e. At any point the external environment can throw a curve ball – new government regulations, changes in political and social dynamics, or trends in sustainability to name a few.

Risk

Risk Military Marketing Data Privacy

Experts spotted Industrial Spy, a new stolen data marketplace

Security Affairs

APRIL 18, 2022

Very strange… pic.twitter.com/on0v3IryKB — MalwareHunterTeam (@malwrhunterteam) April 15, 2022. We public schemes, drawings, technologies, political and military secrets, accounting reports and clients databases. Same typos/mistakes as in the text notes seen, and also the whole text is repeated. in their IT infrastructure.

Military

Military Sales Ransomware Cybersecurity

Conti ransomware claims to have hacked Peru MOF – Dirección General de Inteligencia (DIGIMIN)

Security Affairs

MAY 8, 2022

The agency is responsible for national, military and police intelligence, as well as counterintelligence. The Conti ransomware gang added the Peru MOF – Dirección General de Inteligencia (DIGIMIN) to the list of its victims on its Tor leak site. The National Directorate of Intelligence is the premier intelligence agency in Peru.

Ransomware

Ransomware Military Cybersecurity Risk

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

Security Affairs

APRIL 9, 2023

billion rubles. Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter newsletter) The post Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Security

Security Computer and Electronics Ransomware Marketing

SideWinder carried out over 1,000 attacks since April 2020

Security Affairs

MAY 31, 2022

SideWinder has been active since at least 2012, the group main targeted Police, Military, Maritime, and the Naval forces of Central Asian countries. Below are the slides presented by the Kaspersky researcher Noushin Shabab at the BlackHat Asia 2022: Download Slides. To nominate, please visit:? Pierluigi Paganini.

Encryption

Encryption Military Phishing Communications

A zero-click vulnerability in Windows allows stealing NTLM credentials

Security Affairs

MAY 11, 2023

.” Microsoft Threat Intelligence observed a Russian threat actor exploiting the CVE-2023-23397 flaw in targeted attacks against several organizations in the European government, transportation, energy, and military sectors, for approximately a year. ” concludes the expert.

Military

Military Cybersecurity Security Government

White hat hackers showed how to take over a European Space Agency satellite

Security Affairs

APRIL 30, 2023

Cyber security of satellite systems is becoming crucial due to the growing number of commercial and military applications that rely on them. .” Thales pointed out that throughout the entire exercise, ESA had access to the satellite’s systems to retain control. ” said Pierre-Yves Jolivet, VP Cyber Solutions, Thales. .”

Cybersecurity

Cybersecurity Military Access Education

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Security Affairs

APRIL 19, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military Access Cybersecurity Education

Microsoft disrupted APT28 attacks on Ukraine through a court order

Security Affairs

APRIL 8, 2022

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election. To nominate, please visit:?

Military

Military Government Phishing Security

Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Security

Security Ransomware Data breaches Cybersecurity

Iran-linked Lyceum APT adds a new.NET DNS Backdoor to its arsenal

Security Affairs

JUNE 11, 2022

The attack chain observed by the researchers starts with spear-phishing messages using weaponized Word document disguised as a news report related to military affairs in Iran. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Pierluigi Paganini.

IT

IT Military Communications Phishing

Conti ransomware is shutting down operations, what will happen now?

Security Affairs

MAY 20, 2022

VK_Intel pic.twitter.com/gMSXhlHVSb — Yelisey Boguslavskiy (@y_advintel) May 19, 2022. The agency is responsible for national, military and police intelligence, as well as counterintelligence. The FBI estimates that as of January 2022, the gang obtained $150,000,000 in ransom payments from over 1,000 victims. GB of data.

Ransomware

Ransomware Government Military IT

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Security Affairs

APRIL 6, 2023

Google’s Threat Analysis Group (TAG) is warning of the North Korea-linked ARCHIPELAGO group that is targeting government and military personnel, think tanks, policy makers, academics, and researchers in South Korea, the US and elsewhere.

Phishing

Phishing Passwords Military Education

China-linked Moshen Dragon abuses security software to sideload malware

Security Affairs

MAY 3, 2022

RedFoxtrot has been active since at least 2014 and focused on gathering military intelligence from neighboring countries, it is suspected to work under the PLA China-linked Unit 69010. Experts observed overlap between the TTPs of the Moshen Dragon group with the ones of the Chinese Nomad Panda (aka RedFoxtrot). To nominate, please visit:?

Security

Security Military Insurance Cybersecurity

Pro-Russian hacktivists target Italy government websites

Security Affairs

MAY 14, 2022

Our Legion conducts military cyber exercises in your countries in order to improve their skills. Killnet published a message on its Telegram channel, threatening further attacks may: “Dear media of Italy and Spain. killnet does not actually attack your countries like it did in Romania. To nominate, please visit:?

Government

Government Military Cybersecurity Data breaches

New ToddyCat APT targets high-profile entities in Europe and Asia

Security Affairs

JUNE 21, 2022

The affected organizations, both governmental and military, show that this group is focused on very high-profile targets and is probably used to achieve critical goals, likely related to geopolitical interests. ” Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. .”

Military

Military Cybersecurity Security IT

Conti Ransomware gang threatens to overthrow the government of Costa Rica

Security Affairs

MAY 18, 2022

The agency is responsible for national, military and police intelligence, as well as counterintelligence. The FBI estimates that as of January 2022, the gang obtained $150,000,000 in ransom payments from over 1,000 victims. The National Directorate of Intelligence is the premier intelligence agency in Peru. GB of data.

Ransomware

Ransomware Government Military Encryption

The US government sanctioned four entities and one individual for supporting cyber operations conducted by North Korea

Security Affairs

MAY 24, 2023

The sanctioned entities conducted operations to steal funds to support the military strategy of the regime. In December 2022, South Korea’s spy agency, the National Intelligence Service, estimated that North Korea-linked threat actors have stolen an estimated 1.5 ” reads the announcement. trillion won ($1.2

Government

Government Military Financial Services IT

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

Security Affairs

JUNE 17, 2022

The latest samples of this spyware were detected by the researchers in April 2022, four months after a series of nation-wide protests against government policies that were violently suppressed. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Pierluigi Paganini.

Military

Military Manufacturing Government Security

US dismantled the Russia-linked Cyclops Blink botnet

Security Affairs

APRIL 6, 2022

“The Justice Department today announced a court-authorized operation, conducted in March 2022, to disrupt a two-tiered global botnet of thousands of infected network hardware devices under the control of a threat actor known to security researchers as Sandworm, which the U.S. ” reads the press release published by DoJ.

Military

Military Government Cybersecurity Ransomware

Anonymous targets the Russian Military and State Television and Radio propaganda

Catches of the Month: Phishing Scams for March 2022

Trending Sources

2022 Cyber Security Review of the Year

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

Snatch ransomware gang claims the hack of the food giant Kraft Heinz

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

List of data breaches and cyber attacks in February 2022 – 5.1 million records breached

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

List of Data Breaches and Cyber Attacks in October 2022 – 9.9 Million Records Breached

Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine

Google TAG warns of Russia-linked APT groups targeting Ukraine

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Iran-linked Mint Sandstorm APT targeted US critical infrastructure

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Russian APT28 hacker accused of the NATO think tank hack in Germany

Russia-linked threat actors launched hundreds of cyberattacks on Ukraine

Nation-state malware could become a commodity on dark web soon, Interpol warns

Pro-Ukraine attackers compromise Docker images to launch DDoS attacks on Russian sites

The strange link between Industrial Spy and the Cuba ransomware operation

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Apr 03 – Apr 09 Ukraine – Russia the silent cyber conflict

China-linked APT Curious Gorge targeted Russian govt agencies

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

NB65 group targets Russia with a modified version of Conti’s ransomware

GUEST ESSAY: Rising cyber risks make business intelligence gathering more vital than ever

Experts spotted Industrial Spy, a new stolen data marketplace

Conti ransomware claims to have hacked Peru MOF – Dirección General de Inteligencia (DIGIMIN)

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

SideWinder carried out over 1,000 attacks since April 2020

A zero-click vulnerability in Windows allows stealing NTLM credentials

White hat hackers showed how to take over a European Space Agency satellite

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Microsoft disrupted APT28 attacks on Ukraine through a court order

Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition

Iran-linked Lyceum APT adds a new.NET DNS Backdoor to its arsenal

Conti ransomware is shutting down operations, what will happen now?

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

China-linked Moshen Dragon abuses security software to sideload malware

Pro-Russian hacktivists target Italy government websites

New ToddyCat APT targets high-profile entities in Europe and Asia

Conti Ransomware gang threatens to overthrow the government of Costa Rica

The US government sanctioned four entities and one individual for supporting cyber operations conducted by North Korea

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

US dismantled the Russia-linked Cyclops Blink botnet

Stay Connected