2023, Military and Security - Information Management Today

Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS

Security Affairs

FEBRUARY 19, 2024

The nation-state actors are known to carry out cyber-espionage against targeting government, military, and national infrastructure entities in Europe and Central Asia since at least December 2020. “TAG70 has demonstrated a high level of sophistication in its attack methods. ESET researchers also detailed the same attack chain.

Military

Military Government Access Risk

N. Korean Kimsuky APT targets S. Korea-US military exercises

Security Affairs

AUGUST 20, 2023

South Korea military exercise. The military drill, the Ulchi Freedom Guardian summer exercises , will start on Monday, August 21, 2023 , and will last 11 days. The military exercises aim at improving the ability of the two armies to respond to North Korea’s evolving nuclear and missile threats. .

Military

Military Phishing Government Security

New HiatusRAT campaign targets Taiwan and U.S. military procurement system

Security Affairs

AUGUST 21, 2023

military procurement system. In March 2023, Lumen Black Lotus Labs researchers uncovered a sophisticated campaign called “ HiatusRAT ” that infected over 100 edge networking devices globally. military server used for contract proposals and submissions. military procurement system appeared first on Security Affairs.

Military

Military Manufacturing Government Access

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

NATO military command center should be fully operational in 2023

Security Affairs

OCTOBER 22, 2018

The NATO military command center should be fully operational in 2023, every member states will contribute with its cyber capabilities to the military hub. NATO alliance is aware of growing threats in the cyberspace and the new NATO military command center aims to respond them. 31 at its military hub in Belgium.

Military

Military Communications Security IT

Targeted operation against Ukraine exploited 7-year-old MS Office bug

Security Affairs

APRIL 28, 2024

Security experts at Deep Instinct Threat Lab have uncovered a targeted campaign against Ukraine, exploiting a Microsoft Office vulnerability dating back almost seven years to deploy Cobalt Strike on compromised systems. The researchers found a malicious PPSX (PowerPoint Slideshow signal-2023-12-20-160512.ppsx) space and petapixel[.]fun

Military

Military Mining Libraries Security

Microsoft links Cadet Blizzard APT to Russia’s military intelligence GRU

Security Affairs

JUNE 14, 2023

The IT giant pointed out that Cadet Blizzard is distinct from other known APT groups operating under the control of the Russian military intelligence GRU, such as Forest Blizzard ( STRONTIUM ) and Seashell Blizzard (IRIDIUM). Unlike other Russia-linked APT group, CadetBlizzard operations are extremely disruptive.

Military

Military Government IT Security

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Security Affairs

DECEMBER 7, 2023

Palo Alto Networks’ Unit 42 reported that the Russia-linked APT28 (aka “Forest Blizzard”, “Fancybear” or “Strontium”) group exploited the CVE-2023-23397 vulnerability in attacks aimed at European NATO members. The first occurred between March-December 2022 and the second occurred in March 2023.”

Military

Military Government Phishing Authentication

Security Affairs newsletter Round 431 by Pierluigi Paganini – International edition

Security Affairs

AUGUST 6, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Military Phishing Sales

Security Affairs newsletter Round 464 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 24, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Cybersecurity US holds conference on military AI use with dozens of allies to determine ‘responsible’ use DFSA’s Cyber Risk Management Guidelines: A Blueprint for Cyber Resilience?

Security

Security Passwords Military Marketing

Security Affairs newsletter Round 425 by Pierluigi Paganini – International edition

Security Affairs

JUNE 25, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Military Ransomware Cybersecurity

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Security Affairs

JANUARY 16, 2024

Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. The flaw CVE-2023-46805 (CVSS score 8.2) x and Ivanti Policy Secure. The flaw CVE-2023-46805 (CVSS score 8.2) x and Ivanti Policy Secure. x) and Ivanti Policy Secure.

Security

Security Authentication Military Government

Security Affairs newsletter Round 439 by Pierluigi Paganini – International edition

Security Affairs

OCTOBER 1, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Artificial Intelligence

Artificial Intelligence Security Ransomware Data breaches

Security Affairs newsletter Round 462 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 10, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Military Data breaches Ransomware

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 17, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Data breaches Ransomware Artificial Intelligence

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Security Affairs

DECEMBER 5, 2023

Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS).

Military

Military Government Phishing Access

Ukraine’s SBU arrested a member of Pro-Russia hackers group ‘Cyber Army of Russia’

Security Affairs

JANUARY 29, 2024

Ukraine’s security service (SBU) detained an alleged member of the pro-Russia hacker group “the Cyber Army of Russia.” ” Ukraine’s security service, the SBU, announced that it has identified and detained an alleged member of the pro-Russia hacker group known as the Cyber Army of Russia.

Military

Military Communications Government Security

Security Affairs newsletter Round 424 by Pierluigi Paganini – International edition

Security Affairs

JUNE 17, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Ransomware Data breaches Military

NATO is investigating a new cyber attack claimed by the SiegedSec group

Security Affairs

OCTOBER 5, 2023

Additional cyber security measures have been put in place. There has been no impact on NATO missions, operations and military deployments.” On Saturday, September 30, 2023, the group announced on its Telegram channel the theft of approximately 3,000 North Atlantic Treaty Organization’ documents, more than 9 GB of data. .

Military

Military Security Access IT

Lockbit ransomware gang claims to have stolen data from Boeing

Security Affairs

OCTOBER 27, 2023

The gang claims to have stolen a huge amount of sensitive data from the company and threatens to publish it if Boeing does not contact them within the deadline (02 Nov, 2023 13:25:39 UTC). At the time of this writing, the group has yet to publish any samples. ” reads the message published by the group on its leak site. USA ???????:

Ransomware

Ransomware Manufacturing Military Sales

News Alert: Devo, Cybermindz partner to improve mental health of cybersecurity pros in the U.S.

The Last Watchdog

AUGUST 1, 2023

1, 2023 – Devo Technology , the cloud-native security analytics company, today announced its financial support for Cybermindz, a not-for-profit organization dedicated to improving the mental health and well-being of cybersecurity professionals. is part of our larger goal of international expansion, with a UK launch in September 2023.

Cybersecurity

Cybersecurity Analytics Military Cloud

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

Security Affairs

SEPTEMBER 3, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Being Used to Phish So Many of Us?

Security

Security Ransomware Data breaches IoT

Snatch gang claims the hack of the Department of Defence South Africa

Security Affairs

AUGUST 22, 2023

Snatch gang claims the hack of the Department of Defence South Africa and added the military organization to its leak site. The group claims to have stolen Military contracts, internal call signs and personal data, for a total of 1.6 HENSOLDT is a company specializing in military and defense electronics. TB of data.

Computer and Electronics

Computer and Electronics Military Ransomware Personal data

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber operations worldwide.

Energy and Utilities

Energy and Utilities Military Government Phishing

A massive DDoS attack took down the site of the German financial agency BaFin

Security Affairs

SEPTEMBER 4, 2023

It is not clear who is behind the DDoS attack, but the media speculate that it was launched by pro-Russian hacktivists in response to the German financial and military support to Ukraine. BaFin also regulates the securities markets and the financial services industry.

Financial Services

Financial Services Military Insurance Marketing

Pentagon established the Office of the Assistant Secretary of Defense for Cyber Policy

Security Affairs

APRIL 1, 2024

The US Defense Department announced establishing the Office of the Assistant Secretary of Defense for Cyber Policy (ASD(CP)) as directed in the National Defense Authorization Act for Fiscal Year 2023. The ASD(CP) also serves as the Principal Cyber Advisor (PCA), advising the Secretary of Defense on military cyber forces and activities.

Military

Military Government Security Information Security

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Security Affairs

JANUARY 31, 2024

Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. The flaw CVE-2023-46805 (CVSS score 8.2) x and Ivanti Policy Secure. is a command injection vulnerability in web components of Ivanti Connect Secure (9.x, x) and Ivanti Policy Secure.

Authentication

Authentication Military Communications Security

Security Affairs newsletter Round 404 by Pierluigi Paganini

Security Affairs

JANUARY 29, 2023

Every week the best security articles from Security Affairs free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! If you want to also receive for free the newsletter with the international press subscribe here.

Security

Security Data breaches Military Ransomware

A zero-click vulnerability in Windows allows stealing NTLM credentials

Security Affairs

MAY 11, 2023

Researchers shared technical details about a flaw in Windows MSHTML platform, tracked as CVE-2023-29324 , that could be abused to bypass security protections. Cybersecurity researchers have shared details about a now-patched security flaw, tracked as CVE-2023-29324 (CVSS score: 6.5), in Windows MSHTML platform.

Military

Military Cybersecurity Security Government

Winter Vivern APT exploited zero-day in Roundcube webmail software in recent attacks

Security Affairs

OCTOBER 25, 2023

Russian APT group Winter Vivern (aka TA473) has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023. In recent attacks, the group was observed exploiting a XSS vulnerability, tracked as CVE-2023-5631 , by sending a specially crafted email message. x before 1.6.4, x before 1.5.5, x before 1.4.15.

Military

Military Government Phishing IT

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

According to recent figures from the managed security firm Reliaquest , QakBot is by far the most prevalent malware “loader” — malicious software used to secure access to a hacked network and help drop additional malware payloads. Source: Reliaquest.com. ” The DOJ said it also recovered more than 6.5

Ransomware

Ransomware Government Military Access

China-linked APT deployed malware in a network of the Dutch Ministry of Defence

Security Affairs

FEBRUARY 6, 2024

Dutch Military Intelligence and Security Service (MIVD) and the General Intelligence and Security Service (AIVD) published a joint report warning that a China-linked APT group breached the Dutch Ministry of Defence last year. reads the advisory published by the security vendor.

Military

Military Government IT Security

France agency ANSSI warns of Russia-linked APT28 attacks on French entities

Security Affairs

OCTOBER 27, 2023

France National Agency for the Security of Information Systems warns that the Russia-linked APT28 group has breached several critical networks. The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS). ” reads the report.

Military

Military Phishing Government Security

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Security Affairs

JANUARY 5, 2024

Ukrainian authorities revealed that Russia-linked APT Sandworm had been inside telecom giant Kyivstar at least since May 2023. Russia-linked APT group Sandworm was inside Ukrainian telecoms giant Kyivstar from at least May 2023, the head of Ukraine’s Security Service of Ukraine’s (SBU) told Reuters.

Military

Military Communications Access Ransomware

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

A search in Google for a string of text from that script turns up a December 2023 blog post from cryptocurrency security firm SlowMist about phishing attacks on Telegram from North Korean state-sponsored hackers. The North Korean regime is known to use stolen cryptocurrencies to fund its military and other state projects.

Phishing

Phishing Blockchain Military Passwords

US Gov dismantled the Moobot botnet controlled by Russia-linked APT28

Security Affairs

FEBRUARY 15, 2024

“A January 2024 court-authorized operation has neutralized a network of hundreds of small office/home office (SOHO) routers that GRU Military Unit 26165 , also known as APT28, Sofacy Group , Forest Blizzard , Pawn Storm , Fancy Bear , and Sednit , used to conceal and otherwise enable a variety of crimes.”

Military

Military Government Access Cybersecurity

Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition

Security Affairs

APRIL 23, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Ransomware Data breaches Cybersecurity

Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine

Security Affairs

JUNE 15, 2023

The Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) continues to carry out attacks against entities in Ukraine, including security services, military, and government organizations.

Military

Military File names Archiving Phishing

IT Army of Ukraine disrupted internet providers in territories occupied by Russia

Security Affairs

OCTOBER 29, 2023

Another blow by our cyber army disrupting enemy military communication at the frontlines.” am on October 27, 2023. am on October 27, 2023. Today, our intel orchestrated a “thousand proxies” strike, disabling “Miranda-media,” “Krimtelekom,” and “MirTelekom.”

IT

IT Communications Military Security

MY TAKE: Sophos X-Ops advances internal, external threat intelligence sharing to the next level

The Last Watchdog

NOVEMBER 14, 2023

I had the chance to discuss this with Christopher Budd , director of Sophos X-Ops , the company’s cross-operational task force of security defenders. Budd explained how Sophos X-Ops is designed to dismantle security silos internally, while also facilitating external sharing, for the greater good.

Ransomware

Ransomware Military Government Security

Russia-linked APT29 spotted targeting JetBrains TeamCity servers

Security Affairs

DECEMBER 14, 2023

Russia-linked cyber espionage group APT29 has been targeting JetBrains TeamCity servers since September 2023. The APT29 group (aka SVR group , Cozy Bear , Nobelium , BlueBravo , Midnight Blizzard , and The Dukes ) exploited the flaw CVE-2023-42793 in TeamCity to carry out multiple malicious activities. in TeamCity.

Authentication

Authentication Military Access Manufacturing

Russian APT Gamaredon uses USB worm LitterDrifter against Ukraine

Security Affairs

NOVEMBER 18, 2023

The Gamaredon APT group continues to carry out attacks against entities in Ukraine, including security services, military, and government organizations. Most of the attacks began in February/March 2023 and threat actors remained undetected in the target networks until May.

Military

Military Communications IT Government

Ukraine’s intelligence service hacked Russia’s Federal Air Transport Agency, Rosaviatsia

Security Affairs

NOVEMBER 27, 2023

The agency’s primary role is to ensure the safety, security, and efficiency of air transport within the country. The content of the alleged stolen data demonstrates that: In January 2023, 185 accidents were recorded in Russian civil aviation. About a third of them were classified as incidents of varying levels of danger.

Military

Military Manufacturing Government Authentication

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

In December 2023, Microsoft first noticed that to conceal malicious traffic, the threat actor routes it through compromised small office and home office (SOHO) network devices, including routers, firewalls, and VPN hardware. In fact, the U.S. ” continues the alert. ” U.S. ” U.S.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 4, 2023

Cybersecurity and Infrastructure Security Agency (CISA) has added a Zimbra flaw, tracked as CVE-2022-27926 , to its Known Exploited Vulnerabilities Catalog. The goal of this activity is assessed to be gaining access to the emails of military, government, and diplomatic organizations across Europe involved in the Russia Ukrainian War.”

IT

IT Military Phishing Passwords

Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS

N. Korean Kimsuky APT targets S. Korea-US military exercises

Webinars

Trending Sources

New HiatusRAT campaign targets Taiwan and U.S. military procurement system

Webinars

NATO military command center should be fully operational in 2023

Targeted operation against Ukraine exploited 7-year-old MS Office bug

Microsoft links Cadet Blizzard APT to Russia’s military intelligence GRU

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Security Affairs newsletter Round 431 by Pierluigi Paganini – International edition

Security Affairs newsletter Round 464 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 425 by Pierluigi Paganini – International edition

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Security Affairs newsletter Round 439 by Pierluigi Paganini – International edition

Security Affairs newsletter Round 462 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Ukraine’s SBU arrested a member of Pro-Russia hackers group ‘Cyber Army of Russia’

Security Affairs newsletter Round 424 by Pierluigi Paganini – International edition

NATO is investigating a new cyber attack claimed by the SiegedSec group

Lockbit ransomware gang claims to have stolen data from Boeing

News Alert: Devo, Cybermindz partner to improve mental health of cybersecurity pros in the U.S.

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

Snatch gang claims the hack of the Department of Defence South Africa

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

A massive DDoS attack took down the site of the German financial agency BaFin

Pentagon established the Office of the Assistant Secretary of Defense for Cyber Policy

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Security Affairs newsletter Round 404 by Pierluigi Paganini

A zero-click vulnerability in Windows allows stealing NTLM credentials

Winter Vivern APT exploited zero-day in Roundcube webmail software in recent attacks

U.S. Hacks QakBot, Quietly Removes Botnet Infections

China-linked APT deployed malware in a network of the Dutch Ministry of Defence

France agency ANSSI warns of Russia-linked APT28 attacks on French entities

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Calendar Meeting Links Used to Spread Mac Malware

US Gov dismantled the Moobot botnet controlled by Russia-linked APT28

Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition

Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine

IT Army of Ukraine disrupted internet providers in territories occupied by Russia

MY TAKE: Sophos X-Ops advances internal, external threat intelligence sharing to the next level

Russia-linked APT29 spotted targeting JetBrains TeamCity servers

Russian APT Gamaredon uses USB worm LitterDrifter against Ukraine

Ukraine’s intelligence service hacked Russia’s Federal Air Transport Agency, Rosaviatsia

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

Stay Connected