Security Affairs

JUNE 18, 2020

Security researchers at ESET recently uncovered a campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations in the military sector and diplomatic missions in Eastern Europe. ” reads the analysis published by ESET. Pierluigi Paganini. SecurityAffairs – hacking, InvisiMole).

Military 85

Military Communications Libraries Encryption 85

Security Affairs

JUNE 17, 2020

Experts uncovered a new cyber-espionage campaign, dubbed “ Operation In(ter)receptio n,” aimed at aerospace and military organizations in Europe and the Middle East. ” reads the analysis published by the experts. ” reads the analysis published by the experts. Pierluigi Paganini.

Military 79

Military Archiving Passwords Communications 79

Security Affairs

AUGUST 19, 2019

A study conducted by researchers at Cyjax revealed that organizations expose sensitive data via sandboxes used for malware analysis. Experts at the threat intelligence firm Cyjax analyzed file uploaded by organizations via malware analysis sandboxes and discovered that they were exposing sensitive data. ” concludes the company.

Military 82

Military Insurance Education Phishing 82

Security Affairs

JUNE 11, 2022

The activity of the Lyceum APT group was first documented earlier in August 2019 by researchers at ICS security firm Dragos which tracked it as Hexane. ” reads the analysis published ZScaler. Upon enabling macros to view the content, the DNS backdoor will be dropped onto the system when the user close the document.

IT 144

IT Military Communications Phishing 144

Security Affairs

OCTOBER 25, 2023

In March 2023, security firm Proofpoint observed the group actively exploiting vulnerabilities ( CVE-2022-27926 ) in unpatched Zimbra instances to gain access to the emails of NATO officials, governments, military personnel, and diplomats. ” reads the analysis published by ESET. ” reads the analysis published by ESET.

Military 118

Military Government Phishing IT 118

Security Affairs

NOVEMBER 27, 2023

“The Defence Intelligence of Ukraine informs that as a result of a successful complex special operation in cyberspace, a large volume of confidential documents of the structural subdivision of the Russian Ministry of Transport – the Federal Air Transport Agency (Rosaviatsia) – is now acquired.”

Military 118

Military Manufacturing Government Authentication 118

Security Affairs

JANUARY 16, 2024

reads the analysis published by Volexity.” reads the analysis published by Volexity. Through forensic analysis of the memory sample, Volexity was able to recreate two proof-of-concept exploits that allowed full unauthenticated command execution on the ICS VPN appliance. ” reads the update provided by Volexity.

Security 89

Security Authentication Military Government 89

Security Affairs

AUGUST 16, 2022

The group targeted government and military organizations in Ukraine. ” reads the analysis published by Symantec. It is distributed in a spear-phishing campaign with a weaponized office document that appears to be designed to lure military personnel. . ” concludes the report.

Military 91

Military Phishing Access Government 91

Security Affairs

MARCH 10, 2024

Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S

Security 94

Security Military Data breaches Ransomware 94

Security Affairs

MARCH 13, 2023

The group focuses on military and government organizations to steal sensitive information, including confidential data and intellectual property. dll), and a decoy Microsoft Word document. “The ISO file also contains a decoy Word document that has an XOR-encrypted section. ” concludes the report.

Phishing 85

Phishing Encryption Military Government 85

Security Affairs

JUNE 12, 2020

Russia-linked Gamaredon APT use a new module for Microsoft Outlook that creates custom emails with malicious documents and sends them to a victim’s contacts. The group targeted government and military organizations in Ukraine. The VBA code builds the email body and attaches the malicious document to the email in both .docx

Military 111

Military Phishing Government IT 111

Security Affairs

APRIL 6, 2023

Google’s Threat Analysis Group (TAG) warns of a North Korea-linked cyberespionage group tracked as ARCHIPELAGO. ” reads the analysis published by Google TAG. At the time, the attackers sent phishing emails with a link that directed recipients to a lure document that prompted users to install the malicious Chrome extension.

Phishing 89

Phishing Passwords Military Education 89

Security Affairs

MAY 16, 2021

The Operation Transparent Tribe (Operation C-Major, APT36, and Mythic Leopard) was first spotted by Proofpoint Researchers in Feb 2016, in a series of cyber espionage operations against Indian diplomats and military personnel in some embassies in Saudi Arabia and Kazakhstan. ” read the analysis published Cisco Talos.

IT 110

IT Military Phishing Archiving 110

Security Affairs

APRIL 23, 2022

The Computer Emergency Response Team of Ukraine (CERT-UA) warns of phishing attacks aimed at organizations in the country using the topic “Azovstal” The phishing message use the subject “Azovstal” and a weaponized office document. Upon opening the attachment and enabling the macro, it will start the infection process.

Phishing 94

Phishing Military Ransomware Encryption 94

Security Affairs

DECEMBER 10, 2020

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The lures consisted of documents about Sinopharm International Corporation” reads the analysis published by Intezer.

Phishing 110

Phishing Healthcare Military Data collection 110

Security Affairs

FEBRUARY 17, 2020

Security experts from Yoroy-Cybaze ZLab have conducted a detailed analysis of an implant used by the Gamaredon APT group in a recent campaign. It is distributed in a spear-phishing campaign with a weaponized office document that appears to be designed to lure military personnel. . Technical Analysis. Introduction.

Archiving 92

Archiving Military IT Phishing 92

Security Affairs

JULY 30, 2020

The threat actors’ job postings messages were crafted to target the following specific US defense programs and groups: F-22 Fighter Jet Program Defense, Space and Security (DSS) Photovoltaics for space solar cells Aeronautics Integrated Fighter Group Military aircraft modernization programs.

Military 101

Military Data collection Phishing Ransomware 101

Security Affairs

DECEMBER 7, 2019

Russia-linked Gamaredon cyberespionage group has been targeting Ukrainian targets, including diplomats, government and military officials. Russia linked APT group tracked as Gamaredon has been targeting several Ukrainian diplomats, government and military officials, and law enforcement. ” continues the analysis.

Military 60

Military Government Phishing Archiving 60

Security Affairs

OCTOBER 2, 2020

The APT group, recently discovered by ESET, targeted government and private companies in Belarus, Moldova, Russia, Serbia, and Ukraine, including militaries and Ministries of Foreign Affairs. The nature of the targets suggests that the threat actor is also responsible for economic espionage operations.

Military 136

Military Phishing Passwords Government 136

Security Affairs

OCTOBER 10, 2018

A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. Gallmaker is a politically motivated APT group that focused its surgical operations on the government, military or defense sectors. ” continues Symantec.

Military 85

Military File names Libraries Government 85

Security Affairs

APRIL 23, 2019

Security experts at CheckPoint uncovered a cyber espionage campaign leveraging a weaponized version of TeamViewer and malware disguised as a top-secret US government document to target officials in several embassies in Europe. ” reads the analysis published by CheckPoint. ” reads the analysis published by CheckPoint.

Military 108

Military Phishing Government Security 108

Security Affairs

MAY 28, 2021

NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers. ” reads the analysis published by Microsoft.

Phishing 99

Phishing Military Government IT 99

Hunton Privacy

OCTOBER 15, 2019

On October 11, 2019, California Governor Gavin Newsom signed into law AB 1130 , which expands the types of personal information covered by California’s breach notification law to include, when compromised in combination with an individual’s name: (1) additional government identifiers, such as tax identification number, passport number, military identification (..)

Military 62

Military Authentication Government Cybersecurity 62

Security Affairs

JUNE 17, 2022

” reads the analysis published by Lookout. According to leaked documents published in WikiLeaks in 2015, RCS Lab was a reseller of the notorious Italian surveillance firm HackingTeam. In addition to the Italian parliamentary document, we found several pieces of evidence tying Tykelab to RCS Lab.”

Military 86

Military Manufacturing Government Security 86

Security Affairs

DECEMBER 3, 2018

The APT group used Brexit-themed bait documents on the same day the UK Prime Minister Theresa May announced the initial BREXIT draft agreement with the European Union (EU). The Sofacy APT group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Military 86

Military Government Security IT 86

Security Affairs

AUGUST 19, 2020

The US Cybersecurity and Infrastructure Security Agency (CISA) has published a Malware Analysis Report (MAR) that includes technical details about a new strain of malware, tracked as BLINDINGCAN, that was attributed to North Korea. The document also includes a list of recent attacks attributed to North Korean state-sponsored hackers.

Military 72

Military Systems administration Government Access 72

IT Governance

FEBRUARY 10, 2022

The UK’s FCDO (Foreign, Commonwealth and Development Office) was recently hit by a “serious cyber security incident”, according to a public tender document. The Stack , which broke the story, was alerted to the attack after discovering a tender document that was published, seemingly by mistake, on the government’s website.

Military 98

Military Government Paper Security 98

Security Affairs

MAY 5, 2021

” states the analysis published by FireEye. The groups targeted organizations in the business services, financial, health, retail/consumer, aero-military, engineering and manufacturing, government, education, transportation, and utilities industries.

Manufacturing 107

Manufacturing Phishing Military Retail 107

Security Affairs

OCTOBER 27, 2021

The use of the BlindingCan RAT was first documented by the U.S. The BlindingCan was employed in attacks on US and foreign companies operating in the military defense and aerospace sectors. This is the first IT supply chain attack conducted by Lazarus that was documented by Kaspersky researchers.

IT 107

IT Systems administration Military Cybersecurity 107

Security Affairs

SEPTEMBER 28, 2021

” reads the analysis published by Microsoft. NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers. “Use of FoggyWeb has been observed in the wild as early as April 2021.”

Encryption 93

Encryption Military Government Access 93

Security Affairs

DECEMBER 19, 2018

The Sofacy APT group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. ” reads the analysis published by Palo alto Networks. Researchers noticed that in all the attacks threat actors used decoy documents that have the same author name Joohn.

Military 95

Military Data collection Phishing Government 95

Data Protection Report

OCTOBER 3, 2021

Risk of Harm Analysis No Longer Requires Law Enforcement Consultation. The newly amended statute also provides a limited exemption from public disclosure of any documents, materials and information that a person provides in response to a demand during the course of an investigation of the data breach by the Connecticut government.

Data breaches 142

Data breaches IT Insurance Passwords 142

IBM Big Data Hub

FEBRUARY 6, 2024

Disaster recovery can refer to everything from equipment failures, power outages, cyberattacks, civil emergencies, natural disasters and criminal or military attacks, but it is most commonly used to describe events with non-malicious causes. What is cyber recovery?

Data breaches 100

Data breaches Phishing Cloud Ransomware 100

eSecurity Planet

MARCH 7, 2022

Per analysis available from SaaS Alerts, attack trend lines that compare Russia and China show almost the exact same pattern.” reported that hackers – some linked to Russian GRU military intelligence – breached computers at nearly two dozen U.S. ” Office 365 the Most Attacked App.

Security 134

Security Risk Military Cybersecurity 134

Security Affairs

MAY 26, 2020

Earlier versions of Agent.BTZ were used to compromise US military networks in the Middle East in 2008. “The main use of ComRAT is discovering, stealing and exfiltrating confidential documents. The new variant leverages Gmail’s web interface to covertly receive commands and exfiltrate sensitive data.

Military 100

Military Communications Encryption Authentication 100

Security Affairs

SEPTEMBER 24, 2019

The Fancy Bear APT group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. ” reads the analysis published by ESET. ” reads the analysis published by ESET. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Phishing 91

Phishing Military Archiving Security 91

Security Affairs

FEBRUARY 21, 2020

The Operation Transparent Tribe was first spotted by Proofpoint Researchers in Feb 2016, in a series of espionages operations against Indian diplomats and military personnel in some embassies in Saudi Arabia and Kazakhstan. So, Cybaze-Yoroi ZLab team decided to dive deep into technical analysis. Technical Analysis.

Military 121

Military Communications Encryption IT 121