Analysis, Communications and Military - Information Management Today

A phishing campaign targets Ukrainian military entities with drone manual lures

Security Affairs

SEPTEMBER 25, 2023

A phishing campaign targets Ukrainian military entities using drone manuals as lures to deliver the post-exploitation toolkit Merlin. The campaign, codenamed STARK#VORTEX by Securonix, targets Ukrainian military entities and CERT-UA attributed it to a threat actor tracked as UAC-0154. ” reads the analysis published by Securonix.

Military

Military Phishing Communications IT

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

FEBRUARY 10, 2020

as members of the PLA’s 54 th Research Institute, a component of the Chinese military. Attorney General Bill Barr said at a press conference today that the Justice Department doesn’t normally charge members of another country’s military with crimes (this is only the second time the agency has indicted Chinese military hackers).

Military

Military Phishing Government Sales

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Security Affairs

JUNE 18, 2020

Security researchers at ESET recently uncovered a campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations in the military sector and diplomatic missions in Eastern Europe. ” reads the analysis published by ESET. Pierluigi Paganini. SecurityAffairs – hacking, InvisiMole).

Military

Military Communications Libraries Encryption

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

Security Affairs

JUNE 17, 2020

Experts uncovered a new cyber-espionage campaign, dubbed “ Operation In(ter)receptio n,” aimed at aerospace and military organizations in Europe and the Middle East. ” reads the analysis published by the experts. ” reads the analysis published by the experts. ” continues the report.

Military

Military Archiving Passwords Communications

Platinum APT and leverages steganography to hide C2 communications

Security Affairs

JUNE 6, 2019

The Platinum cyber espionage group uses steganographic technique to hide communications with the Command and Control Servers (C&C). Experts from Kaspersky have linked the Platinum APT group with cyber attacks involving an elaborate, and new steganographic technique used to hide communications with C2 servers.

Communications

Communications Encryption Military Government

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Security Affairs

APRIL 15, 2024

The Blackjack group is believed to be affiliated with Ukrainian intelligence services that carried out other attacks against Russian targets, including an internet provider and a military infrastructure. ” reads the analysis published by Claroty. ” reads the analysis published by Claroty.

IoT

IoT Access Communications Military

Russian APT Gamaredon uses USB worm LitterDrifter against Ukraine

Security Affairs

NOVEMBER 18, 2023

The Gamaredon APT group continues to carry out attacks against entities in Ukraine, including security services, military, and government organizations. The LitterDrifter worm is written in VBS, it supports two main features: automatic USB propagating and communication with a broad, flexible set of C2.

Military

Military Communications IT Government

A brief history of cryptography: Sending secret messages throughout time

IBM Big Data Hub

JANUARY 5, 2024

From securing everyday personal messages and the authentication of digital signatures to protecting payment information for online shopping and even guarding top-secret government data and communications—cryptography makes digital privacy possible.

Encryption

Encryption Communications Military Government

North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya

Security Affairs

AUGUST 7, 2023

NPO Mashinostroyeniya (JSC MIC Mashinostroyenia, NPO Mash) is a leading Russian manufacturer of missiles and military spacecraft. The cyberspies targeted NPO Mashinostroyeniya in an attempt to steal highly confidential intellectual property on sensitive missile technology currently in use and under development for the Russian military.

Military

Military Communications Manufacturing Phishing

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs

APRIL 26, 2023

PingPull, was first spotted by Unit 42 in June 2022, the researchers defined the RAT as a “difficult-to-detect” backdoor that leverages the Internet Control Message Protocol (ICMP) for C2 communications. Experts also found PingPull variants that use HTTPS and TCP for C2 communications instead of ICMP. org over port 8443 for C2.

Communications

Communications Military Government Libraries

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Security Affairs

JUNE 21, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election. ” states Recorded Future.

Military

Military Phishing Government Communications

Iran-linked Lyceum APT adds a new.NET DNS Backdoor to its arsenal

Security Affairs

JUNE 11, 2022

” reads the analysis published ZScaler. “The malware employs the DNS protocol for command and control (C2) communication which increases stealth and keeps the malware communication probes under the radar to evade detection.”

IT

IT Military Communications Phishing

A job ad published by the UK’s Ministry of Defence revealed a secret hacking squad

Security Affairs

AUGUST 15, 2021

The MoD is offering a salary of £33k to “work alongside some of the best scientists and engineers within defence and will be tasked with delivering prototype solutions directly to the soldiers and officers of a unique and specialized military unit.” ”What unique and specialised military unit is famously based in Hereford?

Military

Military Computer and Electronics Manufacturing Communications

Asylum Ambuscade spear-phishing campaign targets EU countries aiding Ukrainian refugees

Security Affairs

MARCH 2, 2022

” reads the analysis published by ProofPoint. ” Since Russia’s invasion of Ukraine, the Ghostwriter APT group has launched , multiple attacks against the private email accounts of Ukrainian military personnel. . net) that appears to belong to a compromised Ukranian armed service member.”

Phishing

Phishing Military Government Communications

FBI and NSA joint report details APT28’s Linux malware Drovorub

Security Affairs

AUGUST 13, 2020

.” The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military IoT Phishing Government

Transparent Tribe APT hit 1000+ victims in 27 countries in the last 12 months

Security Affairs

AUGUST 23, 2020

The Transparent Tribe cyber-espionage group continues to improve its arsenal while targets Military and Government entities. The Transparent Tribe APT group is carrying out an ongoing cyberespionage campaign aimed at military and diplomatic targets worldwide. ” reads the analysis published by Kaspersky.

Military

Military Phishing Passwords Communications

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Security Affairs

JANUARY 31, 2024

Researchers from cybersecurity firm Synacktiv published a technical analysis of a Rust malware, named KrustyLoader, that was delivered by threat actors exploiting the above vulnerabilities. “The Sliver backdoors contact their C2 server using HTTP/HTTPS communication. The flaw CVE-2023-46805 (CVSS score 8.2)

Authentication

Authentication Military Communications Security

US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software

Security Affairs

DECEMBER 14, 2020

The cyber espionage group has tampered with updates released by IT company SolarWinds, which provides its products to government agencies, military, and intelligence offices, two people familiar with the matter told the Reuters agency. . ” reads the analysis published by FireEye. through 2020.2.1

Military

Military Cybersecurity Communications Government

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Security Affairs

SEPTEMBER 9, 2019

The group has continued launching attacks against entities in Southeast Asia, including military, satellite communications, media and educational organizations. ” reads the analysis published by Symantec. “Many of its recent attacks have involved a previously unseen backdoor known as Hannotog ( Backdoor. Sagerunex ).”

Military

Military Communications Government Education

Dark Pink APT targets Govt entities in South Asia

Security Affairs

MARCH 13, 2023

The group focuses on military and government organizations to steal sensitive information, including confidential data and intellectual property. ” reads the analysis published by EclecticIQ. The C2 communication relies on a Telegram bot controlled by the threat actor. ” concludes the report.

Phishing

Phishing Encryption Military Government

Cyber recovery vs. disaster recovery: What’s the difference?

IBM Big Data Hub

FEBRUARY 6, 2024

Disaster recovery can refer to everything from equipment failures, power outages, cyberattacks, civil emergencies, natural disasters and criminal or military attacks, but it is most commonly used to describe events with non-malicious causes. What is cyber recovery? Without it, no one will know what to do in the event of a disaster.

Data breaches

Data breaches Phishing Cloud Ransomware

New US Electronic Warfare Platform

Schneier on Security

MAY 13, 2020

The military wants to move away from traditional high-powered jamming, which filled the frequencies the enemy used with blasts of static, to precisely targeted techniques , designed to subtly disrupt the enemy's communications and radar networks without their realizing they're being deceived.

Computer and Electronics

Computer and Electronics Artificial Intelligence Military Communications

DoppelPaymer crew leaked internal confidential documents belonging to aerospace companies

Security Affairs

APRIL 10, 2020

The huge trove of data includes sensitive documents related to military equipment designed by Lockheed-Martin (i.e. an antenna in an anti-mortar defense system), billing and payment forms, supplier information, data analysis reports, and legal paperwork. ” reads the statement published by El Reg.

Ransomware

Ransomware Manufacturing Military Cybersecurity

France will not ban Huawei from its upcoming 5G networks

Security Affairs

SEPTEMBER 1, 2020

It’s normal that … we want a European solution” because of the importance of “the security of our communication,” Macron told reporters. Anyway, the French government will not allow the Chinese giant to provide equipment that will be used in protect military bases, nuclear installations and other sensitive and critical infrastructures.

IT

IT Military Manufacturing Risk

SolarWinds hackers also breached the US NNSA nuclear agency

Security Affairs

DECEMBER 20, 2020

The agency is responsible for enhancing national security through the military application of nuclear science. ” NNSA is a semi-autonomous agency within the U.S. .” ” NNSA is a semi-autonomous agency within the U.S. Department of Energy that was established by Congress in 2000.

Military

Military Risk Security Communications

GCHQ implements World War II cipher machines in encryption app CyberChef

Security Affairs

MARCH 18, 2019

The GCHQ developed emulators for Enigma, Typex and the Bombe that could be executed in the CyberChef , The Enigma machines were used by the German military to protect communications during the Second World War. [link] #GCHQ100 pic.twitter.com/t2ixVE6j7H — GCHQ (@GCHQ) March 14, 2019.

Encryption

Encryption Military Education Communications

Update CSE Malware ZLab – Operation Roman Holiday – Hunting the Russian APT28

Security Affairs

JULY 15, 2018

It was a long weekend for the researchers from the Z-Lab at CSE Cybsec that completed the analysis a number of payloads being part of a new cyber espionage campaign conducted by the Russian APT28 group (aka Fancy Bear , Pawn Storm , Sednit , Sofacy, and Strontium ).

Military

Military Communications IT Government

New Turla ComRAT backdoor uses Gmail for Command and Control

Security Affairs

MAY 26, 2020

Earlier versions of Agent.BTZ were used to compromise US military networks in the Middle East in 2008. a communication module (a DLL), which is injected into the default browser by the orchestrator. It communicates with the orchestrator using a named pipe.

Military

Military Communications Encryption Authentication

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Security Affairs

AUGUST 6, 2019

The STRONTIUM APT group (aka APT28 , Fancy Bear , Pawn Storm , Sofacy Group , and Sednit ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. ” reads the analysis published by Microsoft. ” reads the analysis published by Microsoft.

IoT

IoT Military Access Education

Exclusive: Pakistan and India to armaments: Operation Transparent Tribe is back 4 years later

Security Affairs

FEBRUARY 21, 2020

The Operation Transparent Tribe was first spotted by Proofpoint Researchers in Feb 2016, in a series of espionages operations against Indian diplomats and military personnel in some embassies in Saudi Arabia and Kazakhstan. So, Cybaze-Yoroi ZLab team decided to dive deep into technical analysis. Technical Analysis.

Military

Military Communications Encryption IT

Hunting the ICEFOG APT group after years of silence

Security Affairs

JUNE 8, 2019

Military contractors, shipbuilders, satellite operators, high-tech companies ) in Japan and South Korea. This week, Chi-en (Ashley) Shen presented at the CONFidence cybersecurity conference held in Poland her analysis on new samples of malware associated with the ICEFOG group.

Agriculture

Agriculture Government Military Communications

Malicious app exploiting CVE-2019-2215 zero-day available in Google Play since March

Security Affairs

JANUARY 7, 2020

” reads the analysis published by Trend Micro. “One of these apps, called Camero , exploits CVE-2019-2215 , a vulnerability that exists in Binder (the main Inter-Process Communication system in Android). ” continues the analysis. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Encryption

Encryption Access Military Marketing

Ke3chang hacking group adds new Ketrum malware to its arsenal

Security Affairs

MAY 28, 2020

The cyber-espionage group is believed to be operating out of China, it also targeted military and oil industry entities, government contractors and European diplomatic missions and organizations. In May 2016, researchers from Palo Alto found evidence that the threat actors behind the Operation Ke3chang had been active since at least 2010.

IT

IT Military Communications Security

Canadian Police Raid ‘Orcus RAT’ Author

Krebs on Security

APRIL 2, 2019

2017 analysis of the RAT. Still other unbidden communications from Rezvesz were friendly, even helpful with timely news tips. I tend to have a violent nature, and have both Martial arts and Military training. This makes it harder for targets to remove it from their systems.

Marketing

Marketing Passwords Systems administration Access

Engineering Secure Systems

Thales Cloud Protection & Licensing

APRIL 24, 2019

It was developed over the 20th century to enable the successful realization of more complex engineering projects; from telephony to military, space and automotive domains. This means the software industry needs to adopt better tools and processes for communicating about and understanding the systems they build.

Security

Security Military Communications Risk

The Case for Autonomous Security Testing

ForAllSecure

MAY 25, 2021

DARPA is responsible for the development of emerging military technologies. DARPA’s influence transcends military use cases. Guided fuzz testing, as a technique, showed strength in automated analysis from both a speed and scale perspective. 2016 DARPA Cyber Grand Challenge.

Security

Security Military Marketing Risk

The Case for Autonomous Security Testing

ForAllSecure

MAY 25, 2021

DARPA is responsible for the development of emerging military technologies. DARPA’s influence transcends military use cases. Guided fuzz testing, as a technique, showed strength in automated analysis from both a speed and scale perspective. 2016 DARPA Cyber Grand Challenge.

Security

Security Military Marketing Risk

Three ways for agencies to prepare for the Internet of Things

CGI

MAY 2, 2018

How will your constituents and stakeholders communicate with devices? military is testing connected technologies for use on the battlefield to train soldiers, to improve care for injured troops, and to safeguard military supply chains. It may be speech, gesture, biometrics, or a combination. Proximity to things matters.

IoT

IoT Digital transformation Military Artificial Intelligence

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing.

Military

Military Government Phishing Libraries

As 2-factor authentication falls short, ‘adaptive multi-factor authentication’ goes mainstream

The Last Watchdog

JUNE 28, 2018

I recently visited with Silverfort CEO Hed Kovetz, who described how the idea for the company percolated when the co-founders were toiling in the encryption branch of Unit 8200 , the elite cybersecurity arm of the Israeli military. Most commonly, enterprises today want to use push authentication to their users’ mobile phones.

Authentication

Authentication Digital transformation Cloud Data science

The Platinum APT group adds the Titanium backdoor to its arsenal

Security Affairs

NOVEMBER 9, 2019

In June 2018, experts at Kaspersky were investigating attacks against government and military entities in South and Southeast Asian countries, The experts tracked the campaign as EasternRoppels, they speculate it may have started as far back as 2012. ” reads the analysis publisjed by Kaspersky.

IT

IT Archiving Encryption Passwords

SWEED targets precision engineering companies in Italy

Security Affairs

OCTOBER 28, 2019

Security expert Marco Ramilli published a quick analysis of an interesting attack carried out by SWEED threat actor targeting precision engineering firms in Italy. Today I’d like to share a quick analysis of an interesting attack targeting precision engineering companies based in Italy. Technical Analysis. Introduction.

Passwords

Passwords Encryption File names Military

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

IT Governance

FEBRUARY 14, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Source New Defence USA Yes 1,051 Connecticut College Source New Education USA Yes 954 American Alarm & Communications Inc. GB Signature Performance, Inc.

Data Privacy

Data Privacy Manufacturing Privacy Security

What Is Penetration Testing? Complete Guide & Steps

eSecurity Planet

MARCH 7, 2023

Their communications can also be facilitated by a third team, called a purple team, for optimal effectiveness. These cover everything testers need, including initial communications, intelligence gathering, threat modeling phases, vulnerability research, exploitation, and post-exploitation. It consists of seven main sections.

Passwords

Passwords IoT Encryption Access

A phishing campaign targets Ukrainian military entities with drone manual lures

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Webinars

Trending Sources

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Webinars

Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

Platinum APT and leverages steganography to hide C2 communications

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Russian APT Gamaredon uses USB worm LitterDrifter against Ukraine

A brief history of cryptography: Sending secret messages throughout time

North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Iran-linked Lyceum APT adds a new.NET DNS Backdoor to its arsenal

A job ad published by the UK’s Ministry of Defence revealed a secret hacking squad

Asylum Ambuscade spear-phishing campaign targets EU countries aiding Ukrainian refugees

FBI and NSA joint report details APT28’s Linux malware Drovorub

Transparent Tribe APT hit 1000+ victims in 27 countries in the last 12 months

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Dark Pink APT targets Govt entities in South Asia

Cyber recovery vs. disaster recovery: What’s the difference?

New US Electronic Warfare Platform

DoppelPaymer crew leaked internal confidential documents belonging to aerospace companies

France will not ban Huawei from its upcoming 5G networks

SolarWinds hackers also breached the US NNSA nuclear agency

GCHQ implements World War II cipher machines in encryption app CyberChef

Update CSE Malware ZLab – Operation Roman Holiday – Hunting the Russian APT28

New Turla ComRAT backdoor uses Gmail for Command and Control

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Exclusive: Pakistan and India to armaments: Operation Transparent Tribe is back 4 years later

Hunting the ICEFOG APT group after years of silence

Malicious app exploiting CVE-2019-2215 zero-day available in Google Play since March

Ke3chang hacking group adds new Ketrum malware to its arsenal

Canadian Police Raid ‘Orcus RAT’ Author

Engineering Secure Systems

The Case for Autonomous Security Testing

The Case for Autonomous Security Testing

Three ways for agencies to prepare for the Internet of Things

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

As 2-factor authentication falls short, ‘adaptive multi-factor authentication’ goes mainstream

The Platinum APT group adds the Titanium backdoor to its arsenal

SWEED targets precision engineering companies in Italy

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

What Is Penetration Testing? Complete Guide & Steps

Stay Connected