Security Affairs

DECEMBER 7, 2023

Palo Alto Networks’ Unit 42 reported that the Russia-linked APT28 (aka “Forest Blizzard”, “Fancybear” or “Strontium”) group exploited the CVE-2023-23397 vulnerability in attacks aimed at European NATO members. The first occurred between March-December 2022 and the second occurred in March 2023.”

Military 104

Military Government Phishing Authentication 104

Security Affairs

DECEMBER 5, 2023

Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS).

Military 100

Military Government Phishing Access 100

Security Affairs

JANUARY 29, 2024

The information secretly provided to Moscow includes military secrets such as the locations of Ukrainian troops and military weaponry in the country. Russian military used this information to coordinate recent missile strikes. If found guilty, the man could face up to 12 years in prison.

Military 105

Military Communications Government Security 105

Security Affairs

FEBRUARY 28, 2024

“As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” and foreign governments and military, security, and corporate organizations. ” reads the joint report. ” continues the report.

Energy and Utilities 92

Energy and Utilities Military Government Phishing 92

Security Affairs

AUGUST 22, 2023

Snatch gang claims the hack of the Department of Defence South Africa and added the military organization to its leak site. The group claims to have stolen Military contracts, internal call signs and personal data, for a total of 1.6 HENSOLDT is a company specializing in military and defense electronics. TB of data.

Computer and Electronics 92

Computer and Electronics Military Ransomware Personal data 92

Security Affairs

OCTOBER 27, 2023

The gang claims to have stolen a huge amount of sensitive data from the company and threatens to publish it if Boeing does not contact them within the deadline (02 Nov, 2023 13:25:39 UTC). At the time of this writing, the group has yet to publish any samples. ” reads the message published by the group on its leak site.

Ransomware 126

Ransomware Manufacturing Military Sales 126

Security Affairs

OCTOBER 5, 2023

There has been no impact on NATO missions, operations and military deployments.” On Saturday, September 30, 2023, the group announced on its Telegram channel the theft of approximately 3,000 North Atlantic Treaty Organization’ documents, more than 9 GB of data. . “Additional cyber security measures have been put in place.

Military 125

Military Security Access IT 125

The Last Watchdog

AUGUST 1, 2023

1, 2023 – Devo Technology , the cloud-native security analytics company, today announced its financial support for Cybermindz, a not-for-profit organization dedicated to improving the mental health and well-being of cybersecurity professionals. is part of our larger goal of international expansion, with a UK launch in September 2023.

Cybersecurity 167

Cybersecurity Analytics Military Cloud 167

Security Affairs

SEPTEMBER 4, 2023

It is not clear who is behind the DDoS attack, but the media speculate that it was launched by pro-Russian hacktivists in response to the German financial and military support to Ukraine. A distributed denial-of-service (DDoS) attack took the site of the German Federal Financial Supervisory Authority (BaFin) down for some days.

Financial Services 123

Financial Services Military Insurance Marketing 123

Security Affairs

AUGUST 6, 2023

Rapid7 found a bypass for the recently patched actively exploited Ivanti EPMM bug Russian APT29 conducts phishing attacks through Microsoft Teams Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacks Zero-day in Salesforce email services exploited in targeted Facebook phishing campaign Burger King forgets to put a password (..)

Security 76

Security Military Phishing Sales 76

Security Affairs

APRIL 1, 2024

The US Defense Department announced establishing the Office of the Assistant Secretary of Defense for Cyber Policy (ASD(CP)) as directed in the National Defense Authorization Act for Fiscal Year 2023. The ASD(CP) also serves as the Principal Cyber Advisor (PCA), advising the Secretary of Defense on military cyber forces and activities.

Military 104

Military Government Security Information Security 104

Archives Blogs

APRIL 9, 2020

Just as digitization will improve the processing and access of these records to qualify individuals for benefits based on their military service, so it will support public access for the open analysis of historically significant military actions and activities as recommended by the Public Interest Declassification Board (PIDB).

Military 49

Military Paper Archiving Access 49

Security Affairs

OCTOBER 25, 2023

Russian APT group Winter Vivern (aka TA473) has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023. In recent attacks, the group was observed exploiting a XSS vulnerability, tracked as CVE-2023-5631 , by sending a specially crafted email message. x before 1.6.4, x before 1.5.5, x before 1.4.15.

Military 108

Military Government Phishing IT 108

Security Affairs

JUNE 25, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security 88

Security Military Ransomware Cybersecurity 88

Krebs on Security

AUGUST 29, 2023

Qakbot/Qbot was once again the top malware loader observed in the wild in the first six months of 2023. In April 2022, the DOJ quietly removed malware from computers around the world infected by the “Snake” malware , an even older malware family that has been tied to the GRU, an intelligence arm of the Russian military.

Ransomware 239

Ransomware Government Military Access 239

Security Affairs

JANUARY 31, 2024

In early January 2024, software firm Ivanti reported that threat actors were exploiting two zero-day vulnerabilities ( CVE-2023-46805, CVE-2024-21887 ) in Connect Secure (ICS) and Policy Secure to remotely execute arbitrary commands on targeted gateways. The flaw CVE-2023-46805 (CVSS score 8.2) x and Ivanti Policy Secure.

Authentication 86

Authentication Military Communications Security 86

Security Affairs

MAY 11, 2023

Researchers shared technical details about a flaw in Windows MSHTML platform, tracked as CVE-2023-29324 , that could be abused to bypass security protections. Cybersecurity researchers have shared details about a now-patched security flaw, tracked as CVE-2023-29324 (CVSS score: 6.5), in Windows MSHTML platform.

Military 98

Military Cybersecurity Security Government 98

Security Affairs

JANUARY 5, 2024

Ukrainian authorities revealed that Russia-linked APT Sandworm had been inside telecom giant Kyivstar at least since May 2023. Russia-linked APT group Sandworm was inside Ukrainian telecoms giant Kyivstar from at least May 2023, the head of Ukraine’s Security Service of Ukraine’s (SBU) told Reuters.

Military 85

Military Communications Access Ransomware 85

Security Affairs

FEBRUARY 15, 2024

“A January 2024 court-authorized operation has neutralized a network of hundreds of small office/home office (SOHO) routers that GRU Military Unit 26165 , also known as APT28, Sofacy Group , Forest Blizzard , Pawn Storm , Fancy Bear , and Sednit , used to conceal and otherwise enable a variety of crimes.”

Military 95

Military Government Access Cybersecurity 95

Security Affairs

OCTOBER 29, 2023

Another blow by our cyber army disrupting enemy military communication at the frontlines.” am on October 27, 2023. am on October 27, 2023. Today, our intel orchestrated a “thousand proxies” strike, disabling “Miranda-media,” “Krimtelekom,” and “MirTelekom.”

IT 114

IT Communications Military Security 114

Security Affairs

FEBRUARY 6, 2024

Dutch Military Intelligence and Security Service (MIVD) and the General Intelligence and Security Service (AIVD) published a joint report warning that a China-linked APT group breached the Dutch Ministry of Defence last year. “The Ministry of Defence (MOD) of the Netherlands was impacted in 2023 by an intrusion into one of its networks.

Military 102

Military Government IT Security 102

Security Affairs

JUNE 15, 2023

The Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) continues to carry out attacks against entities in Ukraine, including security services, military, and government organizations.

Military 81

Military File names Archiving Phishing 81

Security Affairs

NOVEMBER 18, 2023

The Gamaredon APT group continues to carry out attacks against entities in Ukraine, including security services, military, and government organizations. Most of the attacks began in February/March 2023 and threat actors remained undetected in the target networks until May.

Military 108

Military Communications IT Government 108

Security Affairs

OCTOBER 27, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. ANSSI investigations confirm that APT28 exploited the Outlook 0-day vulnerability CVE-2023-23397.

Military 103

Military Phishing Government Security 103

Security Affairs

NOVEMBER 27, 2023

The content of the alleged stolen data demonstrates that: In January 2023, 185 accidents were recorded in Russian civil aviation. In the first 9 months of 2023, 150 cases of aircraft malfunctions were recorded in Russia. In January 2023 alone, 19 different failures were recorded among the 220 Airbus aircraft in Russia. .

Military 105

Military Manufacturing Government Authentication 105

Security Affairs

JANUARY 16, 2024

Last week, software firm Ivanti reported that threat actors are exploiting two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Connect Secure (ICS) and Policy Secure to remotely execute arbitrary commands on targeted gateways. The flaw CVE-2023-46805 (CVSS score 8.2) x and Ivanti Policy Secure.

Security 80

Security Authentication Military Government 80

Security Affairs

DECEMBER 14, 2023

Russia-linked cyber espionage group APT29 has been targeting JetBrains TeamCity servers since September 2023. The APT29 group (aka SVR group , Cozy Bear , Nobelium , BlueBravo , Midnight Blizzard , and The Dukes ) exploited the flaw CVE-2023-42793 in TeamCity to carry out multiple malicious activities. in TeamCity.

Authentication 95

Authentication Military Access Manufacturing 95

The Last Watchdog

SEPTEMBER 21, 2023

21, 2023 — MxD, the Digital Manufacturing and Cybersecurity Institute, today hosted a roundtable discussion with the White House Office of the National Cyber Director. Chicago, Ill., Also in attendance were Access Living, The College of Lake County, CyberSkills2Work, and Task Force Movement.

Cybersecurity 147

Cybersecurity Manufacturing Military Artificial Intelligence 147

Security Affairs

APRIL 19, 2024

In December 2023, Microsoft first noticed that to conceal malicious traffic, the threat actor routes it through compromised small office and home office (SOHO) network devices, including routers, firewalls, and VPN hardware. The researchers pointed out that the use of the KV-Botnet is limited to China-linked actors.

Energy and Utilities 93

Energy and Utilities Communications Military Manufacturing 93

Security Affairs

OCTOBER 1, 2023

million newborns and pregnancy care patients Xenomorph malware is back after months of hiatus and expands the list of targets Smishing Triad Stretches Its Tentacles into the United Arab Emirates Crooks stole $200 million worth of assets from Mixin Network A phishing campaign targets Ukrainian military entities with drone manual lures Alert!

Artificial Intelligence 96

Artificial Intelligence Security Ransomware Data breaches 96

Krebs on Security

FEBRUARY 28, 2024

A search in Google for a string of text from that script turns up a December 2023 blog post from cryptocurrency security firm SlowMist about phishing attacks on Telegram from North Korean state-sponsored hackers. The North Korean regime is known to use stolen cryptocurrencies to fund its military and other state projects.

Phishing 253

Phishing Blockchain Military Passwords 253

Security Affairs

JUNE 17, 2023

Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure A database containing data of +8.9 Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure A database containing data of +8.9

Security 87

Security Ransomware Data breaches Military 87

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6 CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6 CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Security 77

Security Data breaches Ransomware Artificial Intelligence 77

Security Affairs

MARCH 24, 2024

Cybersecurity US holds conference on military AI use with dozens of allies to determine ‘responsible’ use DFSA’s Cyber Risk Management Guidelines: A Blueprint for Cyber Resilience?

Security 95

Security Passwords Military Marketing 95

Security Affairs

APRIL 4, 2023

Proofpoint researchers recently reported that a Russian hacking group, tracked as Winter Vivern (aka TA473), has been actively exploiting vulnerabilities ( CVE-2022-27926 ) in unpatched Zimbra instances to gain access to the emails of NATO officials, governments, military personnel, and diplomats. reads the post published by Proofpoint.

IT 90

IT Military Phishing Passwords 90

Security Affairs

JUNE 21, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election. ” states Recorded Future.

Military 86

Military Phishing Government Communications 86

Security Affairs

FEBRUARY 8, 2024

In December 2023, Microsoft first noticed that to conceal malicious traffic, the threat actor routes it through compromised small office and home office (SOHO) network devices, including routers, firewalls, and VPN hardware. .” ” U.S.

Energy and Utilities 104

Energy and Utilities Communications Military Manufacturing 104