Krebs on Security

OCTOBER 9, 2020

military’s Cyber Command. The Post report suggested the action was a bid to prevent Trickbot from being used to somehow interfere with the upcoming presidential election, noting that Cyber Command was instrumental in disrupting the Internet access of Russian online troll farms during the 2018 midterm elections. Image: Shuttstock.

Ransomware 341

Ransomware Military Passwords Access 341

Security Affairs

NOVEMBER 10, 2021

On the other end, the Chinese government considers the island its territory and does not exclude its military occupation in the future. The ministry’s information security and protection centre handled around 1.4 Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Government 117

Government Military Information Security Security 117

Security Affairs

JUNE 26, 2022

Department of Justice brought charges against four Russian nationals suspected of using TRITON malware in cyber attacks on behalf of the Russian government between 2012 and 2018. ” reported the American Military News website. ” continues the American Military News website. Pierluigi Paganini.

Military 119

Military Cloud Government Security 119

IT Governance

DECEMBER 13, 2018

This week, in our last podcast of the year, we revisit some of the biggest information security stories from the past 12 months. Hello and welcome to the final IT Governance podcast of 2018. For more information on each story, simply follow the links in the transcript on our blog. Well, that’ll do for 2018.

Data breaches 71

Data breaches Personal data Access GDPR 71

Security Affairs

MARCH 15, 2022

German Federal Office for Information Security agency, also known as BSI, recommends consumers not to use Kaspersky anti-virus software. The German Federal Office for Information Security agency, aka BSI, recommends consumers uninstall Kaspersky anti-virus software. ” reads the BSI announcement.

Manufacturing 102

Manufacturing Information Security Military Authentication 102

Security Affairs

FEBRUARY 21, 2020

The Defense Information Systems Agency (DISA) US agency in charge of secure IT and communication for the White House has disclosed a data breach. The agency sent a data breach notification to its employees last week informing them of a security breach that took place last year between May and July.

Military 110

Military Data breaches Security Communications 110

Security Affairs

OCTOBER 21, 2020

The decision is the result of assessments made by the Swedish military and security service. In April 2018, the UK GCHQ intelligence agency warned UK telcos firms of the risks of using ZTE equipment and services for their infrastructure. ” reads a press release published by the Swedish Post and Telecom Authority.

IT 116

IT Military Manufacturing Risk 116

Security Affairs

DECEMBER 21, 2021

Ivan Yermakov worked for the Russian Military Unit 26165 and was indicted by the US DoJ in October 2018, along six other defendants working for the Russian Main Intelligence Directorate ( GRU ), for hacking, wire fraud, identity theft, and money laundering. Securities and Exchange Commission (SEC).”

Military 100

Military Passwords Access Security 100

Security Affairs

APRIL 13, 2021

The Swedish Sports Confederation organization was compromised in 2017-18 by hackers working for Russian military intelligence, officials said. In the same period, Russia-linked hackers working for the military intelligence service GRU targeted other prominent sporting bodies, including World Anti-Doping Agency (WADA) and FIFA.

Military 59

Military Government Security IT 59

Security Affairs

OCTOBER 7, 2021

The threat actors have been targeting the above industries since at least 2018. “Assessments as to the identity of the operators and authors of ShellClient resulted in the identification of a new Iranian threat actor dubbed MalKamak that has operated since at least 2018 and remained publicly unknown thus far.”

Military 101

Military Cloud IT Access 101

Security Affairs

JULY 31, 2020

The Council of the European Union announced sanctions imposed on a Russia-linked military espionage unit, as well as companies operating for Chinese and North Korean threat actors that launched cyber-attacks against the EU and its member states. ” states the Council of the European Union.”

Military 88

Military Cloud Government Phishing 88

Security Affairs

AUGUST 19, 2020

According to the Taiwan Investigation Bureau’s Cyber Security Investigation Office, the China-linked cyberespionage groups tracked as Blacktech and Taidoor have been targeting government agencies and information service providers since 2018. . “We know for sure that these 6,000 emails have been compromised.

Government 136

Government Military IT Access 136

Schneier on Security

MAY 6, 2022

The Paris Call for Trust and Stability in Cyberspace is an initiative launched by French President Emmanuel Macron during the 2018 UNESCO’s Internet Governance Forum. It’s an attempt by the world’s governments to come together and create a set of international norms and standards for a reliable, trustworthy, safe, and secure Internet.

Cybersecurity 81

Cybersecurity Military Government Security 81

Security Affairs

DECEMBER 1, 2022

ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users. Kaspersky first documented the operations of the group in 2016.

Military 106

Military Cloud Communications Access 106

Security Affairs

OCTOBER 6, 2019

Affected sectors include government, military, academic, business and healthcare,”. The CVE-2018-13379 flaw could be exploited to obtain administrator credentials in plain text. The CVE-2019-11510 flaw in Pulse Connect Secure is a critical arbitrary file read vulnerability.

Military 82

Military Data breaches Security Government 82

Security Affairs

MARCH 21, 2022

The group was first spotted by ESET in 2018, when the experts detected a sophisticated piece of spyware, tracked as InvisiMole , used in targeted attacks in Russia and Ukraine in the previous five years.

Phishing 80

Phishing Military Archiving Government 80

Security Affairs

SEPTEMBER 9, 2019

Experts at Symantec first exposed the activity of the Chinese-linked APT Thrip in 2018, now the security firm confirms that cyber espionage group has continued to carry out attacks in South East Asia. Security experts at Symantec speculate that Thrip is a sub-group of Billbug. ” concludes the report.

Military 80

Military Communications Government Education 80

Security Affairs

JUNE 11, 2022

According to Dragos, the Hexane group has been active since at least the middle of 2018, it intensified its activity in early 2019 with an escalation of tensions within the Middle East. Dragos reported that Hexane was focused on organizations in the oil and gas industry and telecommunication providers.

IT 143

IT Military Communications Phishing 143

Security Affairs

MARCH 18, 2022

Cyclops Blink is believed to be a replacement for the VPNFilter botnet, which was first exposed in 2018 and at the time was composed of more than 500,000 compromised routers and network-attached storage (NAS) devices. ” reads the advisory published by TrendMicro. ” reads the advisory published by TrendMicro.

IoT 90

IoT Military File names Communications 90

Security Affairs

DECEMBER 22, 2022

The Government of Pyongyang focuses on crypto hacking to fund its military program following harsh U.N. According to Bloomberg, multiple versions of Apple Zeus have been used in attacks against entities in 30 countries since 2018, and according to a UN and US investigation, between 2019 and November 2020, North Korean hackers stole $316.4

Military 122

Military Government Ransomware Security 122

Security Affairs

NOVEMBER 12, 2020

The decision is the result of assessments made by the Swedish military and security service. In April 2018, the UK GCHQ intelligence agency warned UK telcos firms of the risks of using ZTE equipment and services for their infrastructure.

Military 106

Military Manufacturing Risk Communications 106

Security Affairs

JUNE 10, 2021

The group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. APT28 was also involved in the string of attacks that targeted 2016 Presidential election , experts link the APT to the Russian military intelligence service (GRU).

Military 84

Military Government Ransomware Security 84

Security Affairs

AUGUST 23, 2019

. “Further, the SBU also found and seized additional equipment[ 1 , 2 ] that looked like mining rigs in the building used as barracks by a military unit of the National Guard of Ukraine, tasked with guarding the power plant.” In February 2018, a similar incident took place in Russia. ” reported ZDnet.

Mining 93

Mining Military Security Access 93

Security Affairs

OCTOBER 9, 2019

The UK agency reported that APT groups target several vulnerabilities, including CVE-2019-11510 and CVE-2019-11539 in Pulse Secure VPN solutions, and CVE-2018-13379 , The CVE-2018-13379 is a path traversal vulnerability in the FortiOS SSL VPN web portal that could be exploited by an unauthenticated attacker to download FortiOS system files.

Military 82

Military Security Access Government 82

Security Affairs

OCTOBER 20, 2020

Department of Justice announced charges against six members of Russia’s GRU military intelligence agency for their alleged role in several major cyberattacks conducted over the past years. DoJ announced charges against six Russian intelligence officers for their role in several major cyberattacks carried out over the last years.

Military 100

Military Government Risk Access 100

Security Affairs

DECEMBER 7, 2023

The Callisto APT group (aka “ Seaborgium “, “Star Blizzard”, “ ColdRiver” , “TA446”) targeted government officials, military personnel, journalists and think tanks since at least 2015. The nation-state actor is carrying out spear-phishing attacks for cyberespionage purposes.

Phishing 86

Phishing Government Military Cloud 86

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. ” reads a press release published by DoJ. ’ (aka Dragonfly , Berzerk Bear, Energetic Bear, and Crouching Yeti ). ” reads the joint advisory.

Energy and Utilities 87

Energy and Utilities Government Cybersecurity Military 87

Security Affairs

FEBRUARY 11, 2021

Since 2018, the hackers started targeting mobile users with an Android surveillance malware ChatSpy. The two malware were used to spy on personnel linked to Pakistan’s military, nuclear authorities, and Indian election officials in Kashmir. ” reads the report published by Lookout.

Metadata 105

Metadata Military Manufacturing Access 105

Security Affairs

FEBRUARY 12, 2020

The list of Crypto’s customers included Iran, India and Pakistan, military juntas in Latin America and the Vatican. Crypto was liquidated in 2018, but its products are still in use in more than a dozen countries. The company was completely under the control of the spy agencies since 1970.

Military 77

Military Communications Encryption Government 77

Security Affairs

FEBRUARY 17, 2021

Justice Department indicted three North Korean military intelligence officials, members of the Lazarus APT group, for their involvement in cyber-attacks, including the theft of $1.3 In 2018, the U.S. government as “ FASTCash ” – including the October 2018 theft of $6.1 ” reads the press release published by the DoJ.

Blockchain 71

Blockchain Ransomware Military Phishing 71

Security Affairs

JULY 1, 2020

“With today’s Orders, and based on the overwhelming weight of evidence, the Bureau has designated Huawei and ZTE as national security risks to America’s communications networks—and to our 5G future,” said FCC Chairman Ajit Pai.

Communications 79

Communications Security Government Military 79

Security Affairs

NOVEMBER 29, 2019

According to Group-IB’s experts, the most frustrating trend of 2019 was the use of cyberweapons in military operations. While 2017 was the year of WannaCry , NotPetya , and BadRabbit ransomware epidemics, 2018 revealed a lack of preparedness for side-channel attacks and threats related to microprocessor vulnerabilities.

IT 82

IT Military Cybersecurity Phishing 82

Security Affairs

APRIL 6, 2023

Google’s Threat Analysis Group (TAG) is warning of the North Korea-linked ARCHIPELAGO group that is targeting government and military personnel, think tanks, policy makers, academics, and researchers in South Korea, the US and elsewhere.

Phishing 76

Phishing Passwords Military Education 76

Security Affairs

JUNE 8, 2019

The APT group is considered a persistent collector of sensitive information, Kaspersky team detected a series of attacks against the defense supply chain (e.g. Military contractors, shipbuilders, satellite operators, high-tech companies ) in Japan and South Korea. Some samples for both variants have been compiled between 2014 and 2019.

Agriculture 94

Agriculture Government Military Communications 94

Security Affairs

OCTOBER 1, 2019

Jalali is an Islamic Revolution Guard Corps (IRGC) brigadier general, in November 2018 he announced that government experts have uncovered and neutralized a new strain of Stuxnet. The news was reported by the ISNA news website on October 1, Jalali also added that Iran “ decisively will resort to cyber defense.”.

Military 92

Military Government IT Security 92

Security Affairs

AUGUST 18, 2019

Texas authorities along with the FBI are investigating the attacks, the DIR, Texas Division of Emergency Management, and Texas Military Department have launched separate investigations. The Department of Homeland Security and the Federal Emergency Management Agency (FEMA) have also launched an investigation.

Ransomware 82

Ransomware Government Military Security 82

IT Governance

APRIL 27, 2018

This week, we discuss TSB’s chaotic system upgrade, a security flaw in electronic hotel locks and a major NATO cyber security exercise. Hello and welcome to the IT Governance podcast for Friday, 27 April 2018. Until next time you can keep up with the latest information security news on our blog.

Military 49

Military Manufacturing Information Security Access 49