Analysis, Cybersecurity and Military - Information Management Today

Russia-linked hackers target Ukrainian military with Infamous Chisel Android malware

Security Affairs

AUGUST 31, 2023

Russia-linked threat actors have been targeting Android devices of the Ukrainian military with a new malware dubbed Infamous Chisel. The GCHQ’s National Cyber Security Centre (NCSC) and agencies in the United States, Australia, Canada, and New Zealand have published an analysis of the Android malware.

Military

Military Authentication Access Government

China Hacked Japan’s Military Networks

Schneier on Security

AUGUST 14, 2023

The Washington Post has the story : The hackers had deep, persistent access and appeared to be after anything they could get their hands on—plans, capabilities, assessments of military shortcomings, according to three former senior U.S. More analysis. officials, who were among a dozen current and former U.S.

Military

Military Access Security IT

US Cyber Command Reveals Malware Indicators Targeting Ukraine

Data Breach Today

JULY 21, 2022

Cybersecurity firm Mandiant, which has ties to the U.S. military, published a detailed analysis of phishing campaigns with links to Belarus and Russia. Cyber Command and Security Service of Ukraine revealed malware indicators recently detected in Ukraine, which is resisting invasion by Russia.

Military

Military Phishing Cybersecurity Security

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Cybersecurity Services combat an APT with NDR

OpenText Information Management

MARCH 28, 2024

State carry out comprehensive assessments of their cybersecurity services and practices. Enter OpenText™, a trailblazing force in the realm of cybersecurity , with its cutting-edge Network Detection and Response (NDR). Attackers linked to Iran and China are actively targeting critical infrastructure. Both the U.S.

Cybersecurity

Cybersecurity Military IoT Security

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

These Russian cyber actors are government organizations and include other parties who take their orders from the Russian military or intelligence organizations – while not technically under government control. Cybersecurity and Infrastructure Security Agency (CISA) has started a campaign to increase awareness of these risks to U.S.

Cybersecurity

Cybersecurity Military Passwords Education

Threat actors hacked Taiwan-based Chunghwa Telecom

Security Affairs

MARCH 4, 2024

Threat actors stole sensitive information from the company, including military and government documents, revealed Taiwan’s Defense Ministry. Cybersecurity experts attribute the vast majority of these attacks to China-linked threat actors. Threat actors claim they have stolen 1.7 ” reported AFP agency.

Military

Military Sales Government Information Security

Security Affairs newsletter Round 462 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 10, 2024

Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S

Security

Security Military Data breaches Ransomware

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Security Affairs

APRIL 15, 2024

Industrial and enterprise IoT cybersecurity firm Claroty reported that the Ukrainian Blackjack hacking group claims to have damaged emergency detection and response capabilities in Moscow and beyond the Russian capital using a destructive ICS malware dubbed Fuxnet. ” reads the analysis published by Claroty.

IoT

IoT Access Communications Military

MY TAKE: Sophos X-Ops advances internal, external threat intelligence sharing to the next level

The Last Watchdog

NOVEMBER 14, 2023

Obama’s clarion call led to the passage of the Cybersecurity Information Sharing Act , the creation of Information Sharing and Analysis Organizations ( ISAOs ) and the jump-starting of several private-sector sharing consortiums. From this command center perspective, real-world strategic analysis happens continuously and in real time.

Ransomware

Ransomware Military Government Security

China-linked APT Curious Gorge targeted Russian govt agencies

Security Affairs

MAY 3, 2022

China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG) reported that an APT group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF), tracked as Curious Gorge , is targeting Russian government agencies.

Manufacturing

Manufacturing Phishing Passwords Military

Russia-linked Cold River APT targeted US nuclear research laboratories

Security Affairs

JANUARY 9, 2023

Cybersecurity and intelligence experts observed an escalation in the activity associated with the Cold River APT since the invasion of Ukraine. In March 2022, the Google Threat Analysis Group (TAG) spotted phishing and malware attacks targeting Eastern European and NATO countries, including Ukraine. Cybersecurity firm SEKOIA.IO

Military

Military Phishing Cybersecurity Passwords

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Security

Security Ransomware Data breaches IoT

North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya

Security Affairs

AUGUST 7, 2023

Cybersecurity firm SentinelOne linked the compromise of the major Russian missile engineering firm NPO Mashinostroyeniya to two different North Korea-linked APT groups. NPO Mashinostroyeniya (JSC MIC Mashinostroyenia, NPO Mash) is a leading Russian manufacturer of missiles and military spacecraft.

Military

Military Communications Manufacturing Phishing

A zero-click vulnerability in Windows allows stealing NTLM credentials

Security Affairs

MAY 11, 2023

Cybersecurity researchers have shared details about a now-patched security flaw, tracked as CVE-2023-29324 (CVSS score: 6.5), in Windows MSHTML platform. ” reads the analysis published by Barnea. An attacker can exploit the vulnerability by crafting a malicious URL that would evade zone checks. ” concludes the expert.

Military

Military Cybersecurity Security Government

A brief history of cryptography: Sending secret messages throughout time

IBM Big Data Hub

JANUARY 5, 2024

In modern times, cryptography has become a critical lynchpin of cybersecurity. 650 BC: Ancient Spartans used an early transposition cipher to scramble the order of the letters in their military communications. Since the days of antiquity, the practice of sending secret messages has been common across almost all major civilizations.

Encryption

Encryption Communications Military Government

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

Security Affairs

APRIL 23, 2022

The analysis of encryption techniques employed in the attack allowed the government experts to associate the campaign with the cybercrime group Trickbot. The alert published by the Ukraine CERT-UA includes Indicators of Compromise (IoCs) for this campaign and recommendations.

Phishing

Phishing Military Ransomware Encryption

Security Affairs newsletter Round 464 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 24, 2024

Cybersecurity US holds conference on military AI use with dozens of allies to determine ‘responsible’ use DFSA’s Cyber Risk Management Guidelines: A Blueprint for Cyber Resilience?

Security

Security Passwords Military Marketing

Asylum Ambuscade spear-phishing campaign targets EU countries aiding Ukrainian refugees

Security Affairs

MARCH 2, 2022

Researchers from cybersecurity firm Proofpoint uncovered a spear-phishing campaign, likely conducted by a nation-state actor, that compromised a Ukrainian armed service member’s email account to target European government personnel involved in managing the logistics of refugees fleeing Ukraine. .

Phishing

Phishing Military Government Communications

US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software

Security Affairs

DECEMBER 14, 2020

The cyber espionage group has tampered with updates released by IT company SolarWinds, which provides its products to government agencies, military, and intelligence offices, two people familiar with the matter told the Reuters agency. . ” reads the analysis published by FireEye. through 2020.2.1

Military

Military Cybersecurity Communications Government

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Security Affairs

JANUARY 31, 2024

Researchers from cybersecurity firm Synacktiv published a technical analysis of a Rust malware, named KrustyLoader, that was delivered by threat actors exploiting the above vulnerabilities. The flaw CVE-2023-46805 (CVSS score 8.2) is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x,

Authentication

Authentication Military Communications Security

Iran-linked Lyceum APT adds a new.NET DNS Backdoor to its arsenal

Security Affairs

JUNE 11, 2022

” reads the analysis published ZScaler. The attack chain observed by the researchers starts with spear-phishing messages using weaponized Word document disguised as a news report related to military affairs in Iran. ” APT groups continue to evolve their TTPs and embrace new anti-analysis and anti-evasion techniques.

IT

IT Military Communications Phishing

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Security Affairs

APRIL 6, 2023

Google’s Threat Analysis Group (TAG) warns of a North Korea-linked cyberespionage group tracked as ARCHIPELAGO. ” reads the analysis published by Google TAG. In one case, the group posed as a journalist for a South Korean news agency and sent benign emails with an interview request to North Korea experts.”

Phishing

Phishing Passwords Military Education

China-linked Moshen Dragon abuses security software to sideload malware

Security Affairs

MAY 3, 2022

RedFoxtrot has been active since at least 2014 and focused on gathering military intelligence from neighboring countries, it is suspected to work under the PLA China-linked Unit 69010. ” reads the analysis published by SentinelOne. SentinelOne detailed lateral movements, credential harvesting, and data exfiltration.

Security

Security Military Insurance Cybersecurity

Pakistan-linked Transparent Tribe APT expands its arsenal

Security Affairs

MAY 16, 2021

The Operation Transparent Tribe (Operation C-Major, APT36, and Mythic Leopard) was first spotted by Proofpoint Researchers in Feb 2016, in a series of cyber espionage operations against Indian diplomats and military personnel in some embassies in Saudi Arabia and Kazakhstan. ” read the analysis published Cisco Talos.

IT

IT Military Phishing Archiving

Google TAG warns of Russia-linked APT groups targeting Ukraine

Security Affairs

APRIL 20, 2023

Russia-linked threat actors launched large-volume phishing campaigns against hundreds of users in Ukraine to gather intelligence and aimed at spreading disinformation, states Google’s Threat Analysis Group (TAG). ” reads the report published by the Google TAG.

Phishing

Phishing Military Ransomware Education

DoppelPaymer crew leaked internal confidential documents belonging to aerospace companies

Security Affairs

APRIL 10, 2020

The huge trove of data includes sensitive documents related to military equipment designed by Lockheed-Martin (i.e. an antenna in an anti-mortar defense system), billing and payment forms, supplier information, data analysis reports, and legal paperwork. ” reads the statement published by El Reg.

Ransomware

Ransomware Manufacturing Military Cybersecurity

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

Security Affairs

DECEMBER 10, 2020

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. Researchers from cybersecurity firm Intezer linked the attacks to a group operating under the APT28.

Phishing

Phishing Healthcare Military Data collection

Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers

Security Affairs

JULY 20, 2022

Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn of multiple security vulnerabilities in MiCODUS MV720 Global Positioning System (GPS) trackers which are used by over 1.5 The analysis of the sector usage on a global scale revealed significant differences by continent in the typical user profile.

Passwords

Passwords Manufacturing Military Authentication

New ToddyCat APT targets high-profile entities in Europe and Asia

Security Affairs

JUNE 21, 2022

” reads the analysis published by Kaspersky. The affected organizations, both governmental and military, show that this group is focused on very high-profile targets and is probably used to achieve critical goals, likely related to geopolitical interests.

Military

Military Cybersecurity Security IT

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6 CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Security

Security Data breaches Ransomware Artificial Intelligence

Biden AI Order Enables Agencies to Address Key Risks

Hunton Privacy

OCTOBER 31, 2023

The Departments of Homeland Security and Energy will draw on these standards to address critical infrastructure risks, as well as cybersecurity, chemical, biological, radiological, and nuclear risks. AI use by the military and intelligence community. Protecting Americans’ Privacy Call for federal privacy legislation.

Risk

Risk Artificial Intelligence Privacy Military

North Korea-linked Lazarus APT targets the IT supply chain

Security Affairs

OCTOBER 27, 2021

Cybersecurity and Infrastructure Security Agency (CISA) in August 2020. The BlindingCan was employed in attacks on US and foreign companies operating in the military defense and aerospace sectors. The use of the BlindingCan RAT was first documented by the U.S. ” reads the report published by Kaspersky.

IT

IT Systems administration Military Cybersecurity

Best Ransomware Removal and Recovery Services

eSecurity Planet

OCTOBER 5, 2021

Basic cybersecurity defenses still apply: next generation firewalls (NGFW) , endpoint detection and response (EDR) platforms, employee cybersecurity training , patching. Here are the services that stood out in our analysis. Forensic analysis & reporting. No sector has been spared from its ravages. Touchstone.

Ransomware

Ransomware Encryption Cybersecurity Insurance

SolarWinds hackers stole some of Mimecast source code

Security Affairs

MARCH 17, 2021

Cybersecurity firm Mimecast confirmed that SolarWinds hackers who breached its network stole some of its source code. Implemented additional static and security analysis across the source code tree. Now the company admitted that hackers stole part of its source code from its repositories, but did not modified it.

Encryption

Encryption Military Access Archiving

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

Security Affairs

JUNE 17, 2022

” reads the analysis published by Lookout. RCS Lab was providing its software to military and intelligence agencies in Pakistan , Chile , Mongolia , Bangladesh , Vietnam , Myanmar and Turkmenistan. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Military

Military Manufacturing Government Security

France will not ban Huawei from its upcoming 5G networks

Security Affairs

SEPTEMBER 1, 2020

Anyway, the French government will not allow the Chinese giant to provide equipment that will be used in protect military bases, nuclear installations and other sensitive and critical infrastructures. The UK intelligence analysis believe that US ban on Chinese 5G technology will force Huawei to use untrusted technology.

IT

IT Military Manufacturing Risk

Russia, China May Be Coordinating Cyber Attacks: SaaS App Security Firm

eSecurity Planet

MARCH 7, 2022

Per analysis available from SaaS Alerts, attack trend lines that compare Russia and China show almost the exact same pattern.” reported that hackers – some linked to Russian GRU military intelligence – breached computers at nearly two dozen U.S. Security Agencies Release Network Security, Vulnerability Guidance ).

Security

Security Risk Military Cybersecurity

Cyber recovery vs. disaster recovery: What’s the difference?

IBM Big Data Hub

FEBRUARY 6, 2024

Cybersecurity and cyber recovery are types of disaster recovery (DR) practices that focus on attempts to steal, expose, alter, disable or destroy critical data. Step 1: Conduct a business impact analysis A business impact analysis (BIA) is a careful assessment of every threat your company faces, along with possible outcomes.

Data breaches

Data breaches Phishing Cloud Ransomware

CISA’s MAR warns of North Korean BLINDINGCAN RAT

Security Affairs

AUGUST 19, 2020

The US Cybersecurity and Infrastructure Security Agency (CISA) has published a Malware Analysis Report (MAR) that includes technical details about a new strain of malware, tracked as BLINDINGCAN, that was attributed to North Korea. ” reads the CISA’s MAR report.

Military

Military Systems administration Government Access

DHS report – Voting systems in North Carolina county in 2016 were not hacked

Security Affairs

DECEMBER 31, 2019

. “After voter check-in software failed, federal authorities conducted a forensic analysis of the county’s electronic poll books to see if Russian military hackers who targeted the software provider may have tampered with registration information to disrupt voting.” ” reported the AP agency. ” continues AP news.

Computer and Electronics

Computer and Electronics Military Paper Phishing

Conti ransomware is shutting down operations, what will happen now?

Security Affairs

MAY 20, 2022

Look forward to today's @AdvIntel with extended analysis! The agency is responsible for national, military and police intelligence, as well as counterintelligence. VK_Intel pic.twitter.com/gMSXhlHVSb — Yelisey Boguslavskiy (@y_advintel) May 19, 2022. ” reported BleepingComputer. GB of data.

Ransomware

Ransomware Government Military IT

SolarWinds hackers also breached the US NNSA nuclear agency

Security Affairs

DECEMBER 20, 2020

The agency is responsible for enhancing national security through the military application of nuclear science. The Cybersecurity and Infrastructure Security Agency was helping the federal agencies to respond to the hacking campaign. ” NNSA is a semi-autonomous agency within the U.S.

Military

Military Risk Security Communications

California Amends Breach Notification Law

Hunton Privacy

OCTOBER 15, 2019

On October 11, 2019, California Governor Gavin Newsom signed into law AB 1130 , which expands the types of personal information covered by California’s breach notification law to include, when compromised in combination with an individual’s name: (1) additional government identifiers, such as tax identification number, passport number, military identification (..)

Military

Military Authentication Government Cybersecurity

Best Open-Source Distributions for Pentesting and Forensics

eSecurity Planet

AUGUST 23, 2022

Linux has an extensive range of open-source distributions that pentesters, ethical hackers and network defenders can use in their work, whether for pentesting , digital forensics or other cybersecurity uses. It eases forensics significantly, especially memory analysis. See the Best Penetration Testing Tools. Some Experience Required.

Cybersecurity

Cybersecurity Military Security Cloud

Russia-linked hackers target Ukrainian military with Infamous Chisel Android malware

China Hacked Japan’s Military Networks

Webinars

Trending Sources

US Cyber Command Reveals Malware Indicators Targeting Ukraine

Webinars

Cybersecurity Services combat an APT with NDR

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

Threat actors hacked Taiwan-based Chunghwa Telecom

Security Affairs newsletter Round 462 by Pierluigi Paganini – INTERNATIONAL EDITION

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

MY TAKE: Sophos X-Ops advances internal, external threat intelligence sharing to the next level

China-linked APT Curious Gorge targeted Russian govt agencies

Russia-linked Cold River APT targeted US nuclear research laboratories

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya

A zero-click vulnerability in Windows allows stealing NTLM credentials

A brief history of cryptography: Sending secret messages throughout time

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

Security Affairs newsletter Round 464 by Pierluigi Paganini – INTERNATIONAL EDITION

Asylum Ambuscade spear-phishing campaign targets EU countries aiding Ukrainian refugees

US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Iran-linked Lyceum APT adds a new.NET DNS Backdoor to its arsenal

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

China-linked Moshen Dragon abuses security software to sideload malware

Pakistan-linked Transparent Tribe APT expands its arsenal

Google TAG warns of Russia-linked APT groups targeting Ukraine

DoppelPaymer crew leaked internal confidential documents belonging to aerospace companies

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers

New ToddyCat APT targets high-profile entities in Europe and Asia

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Biden AI Order Enables Agencies to Address Key Risks

North Korea-linked Lazarus APT targets the IT supply chain

Best Ransomware Removal and Recovery Services

SolarWinds hackers stole some of Mimecast source code

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

France will not ban Huawei from its upcoming 5G networks

Russia, China May Be Coordinating Cyber Attacks: SaaS App Security Firm

Cyber recovery vs. disaster recovery: What’s the difference?

CISA’s MAR warns of North Korean BLINDINGCAN RAT

DHS report – Voting systems in North Carolina county in 2016 were not hacked

Conti ransomware is shutting down operations, what will happen now?

SolarWinds hackers also breached the US NNSA nuclear agency

California Amends Breach Notification Law

Best Open-Source Distributions for Pentesting and Forensics

Stay Connected