Analysis, Government, Military and Security - Information Management Today

Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS

Security Affairs

FEBRUARY 19, 2024

The nation-state actors are known to carry out cyber-espionage against targeting government, military, and national infrastructure entities in Europe and Central Asia since at least December 2020. The researchers recommend reading the detailed analysis of the recent TAG-70 campaign here.

Military

Military Government Access Risk

Russia-linked hackers target Ukrainian military with Infamous Chisel Android malware

Security Affairs

AUGUST 31, 2023

Russia-linked threat actors have been targeting Android devices of the Ukrainian military with a new malware dubbed Infamous Chisel. The GCHQ’s National Cyber Security Centre (NCSC) and agencies in the United States, Australia, Canada, and New Zealand have published an analysis of the Android malware.

Military

Military Authentication Access Government

A new piece of Ryuk Stealer targets government, military and finance sectors

Security Affairs

JANUARY 26, 2020

A new piece of the Ryuk malware has been improved to steal confidential files related to the military, government, financial statements, and banking. At the time of the analysis, both sites were not reachable at the time of the analysis. ” reported BleepingComputer. Pierluigi Paganini.

Military

Military Government Ransomware Privacy

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

FEBRUARY 10, 2020

as members of the PLA’s 54 th Research Institute, a component of the Chinese military. Attorney General Bill Barr said at a press conference today that the Justice Department doesn’t normally charge members of another country’s military with crimes (this is only the second time the agency has indicted Chinese military hackers).

Military

Military Phishing Government Sales

Chinese APT Tropic Trooper target air-gapped military Networks in Asia

Security Affairs

MAY 15, 2020

Chinese threat actors, tracked as Tropic Trooper and KeyBoy, has been targeting air-gapped military networks in Taiwan and the Philippines. Chinese APT group Tropic Trooper, aka KeyBoy, has been targeting air-gapped military networks in Taiwan and the Philippines, Trend Micro researchers reported. ” continues the report.

Military

Military Government IT Security

Taiwan Government faces 5 Million hacking attempts daily

Security Affairs

NOVEMBER 10, 2021

Taiwan ‘s government agencies face around five million cyberattacks and probes every day, most of them from China. Around five million cyber attacks hit Taiwan’s government agencies every day, and most of the hacking attempts are originated from China. SecurityAffairs – hacking, Taiwan Government).

Government

Government Military Information Security Security

Russian State-Sponsored Threat Actor Targets High Profile Individuals in Phishing Campaign

KnowBe4

JANUARY 22, 2024

The Russian state-sponsored threat actor “COLDRIVER” is launching phishing campaigns against “high profile individuals in NGOs, former intelligence and military officers, and NATO governments,” according to researchers at Google’s Threat Analysis Group (TAG).

Phishing

Phishing Military Government Security

Security Affairs newsletter Round 464 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 24, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Cybersecurity US holds conference on military AI use with dozens of allies to determine ‘responsible’ use DFSA’s Cyber Risk Management Guidelines: A Blueprint for Cyber Resilience? Is it a Russia’s weapon?

Security

Security Passwords Military Marketing

No Surprise: China Blamed for 'Big Data' Hack of Equifax

Data Breach Today

FEBRUARY 11, 2020

Analysis: Equifax Failed on Security, But Only Governments Can Hold Each Other to Account Who's surprised Chinese military hackers allegedly hacked Equifax?

Big data

Big data Military Personal data Government

Google blocked China-linked APT31’s attacks targeting U.S. Government

Security Affairs

MARCH 9, 2022

government. government. The campaign took place in February and Google Threat Analysis Group (TAG) team was not able to link it to the ongoing invasion of Ukraine. The campaign took place in February and Google Threat Analysis Group (TAG) team was not able to link it to the ongoing invasion of Ukraine. government.

Government

Government Phishing Military IT

Gamaredon APT Improves Toolset to Target Ukraine Government, Military

Threatpost

FEBRUARY 5, 2020

The Gamaredon advanced persistent threat (APT) group has been supercharging its operations lately, improving its toolset and ramping up attacks on Ukrainian national security targets.

Military

Military Government Security IT

Autoclerk travel reservations platform data leak also impacts US Government and military

Security Affairs

OCTOBER 22, 2019

Security experts at vpnMentor’s discovered a breach in a database belonging to Autoclerk, a reservations management system owned by Best Western Hotels and Resorts Group. ” reads the analysis published by vpnMentor. ” reads the analysis published by vpnMentor. SecurityAffairs – US government, Autoclerk data le ak ).

Military

Military Government Cloud Archiving

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Security Affairs

JANUARY 16, 2024

Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. x and Ivanti Policy Secure. is a command injection vulnerability in web components of Ivanti Connect Secure (9.x, x) and Ivanti Policy Secure. reads the advisory published by Ivanti.

Security

Security Authentication Military Government

Machete cyber-espionage group targets Latin America military

Security Affairs

AUGUST 5, 2019

Security experts from ESET uncovered a cyber-espionage group tracked as Machete that stole sensitive files from the Venezuelan military. Security experts from ESET reported that a cyberespionage group tracked as Machete has stolen sensitive files from the Venezuelan military. ” reads the analysis from ESET.

Military

Military Archiving Security Government

MY TAKE: Sophos X-Ops advances internal, external threat intelligence sharing to the next level

The Last Watchdog

NOVEMBER 14, 2023

Related: How ‘Internet Access Brokers’ fuel ransomware I happened to be in the audience at Stanford University when President Obama took to the stage to issue an executive order challenging the corporate sector and federal government to start collaborating as true allies. Yet, there remains much leeway for improvements.

Ransomware

Ransomware Military Government Security

Threat actors hacked Taiwan-based Chunghwa Telecom

Security Affairs

MARCH 4, 2024

Threat actors stole sensitive information from the company, including military and government documents, revealed Taiwan’s Defense Ministry. TeraBytes of data” that included government contracts. We have asked the contractor involved to strengthen its information security control to prevent any further incidents.”

Military

Military Sales Government Information Security

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

Security Affairs

SEPTEMBER 3, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Being Used to Phish So Many of Us?

Security

Security Ransomware Data breaches IoT

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 17, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Data breaches Ransomware Artificial Intelligence

Winter Vivern APT exploited zero-day in Roundcube webmail software in recent attacks

Security Affairs

OCTOBER 25, 2023

The Winter Vivern group was first analyzed in 2021, it has been active since at least 2020 and it targets governments in Europe and Central Asia. The analysis of the email HTML source code revealed the presence of a SVG tag at the end, which contains a base64-encoded payload. ” reads the analysis published by ESET.

Military

Military Government Phishing IT

Russian APT groups target European governments ahead of May Elections

Security Affairs

MARCH 22, 2019

Russian APT groups are targeting European governments for cyber-espionage purposes ahead of the upcoming European elections. The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. Pierluigi Paganini.

Government

Government Military Phishing Access

LUCKY ELEPHANT campaign targets South Asian governments

Security Affairs

MARCH 27, 2019

The NETSCOUT Threat Intelligence team uncovered a credential harvesting campaign tracked as LUCKY ELEPHANT targeting mostly South Asian governments. Security experts at NETSCOUT Threat Intelligence team uncovered a credential harvesting campaign, tracked as LUCKY ELEPHANT, targeting mostly South Asian governments.

Government

Government Military Phishing Security

GUEST ESSAY: Rising cyber risks make business intelligence gathering more vital than ever

The Last Watchdog

JULY 5, 2022

At any point the external environment can throw a curve ball – new government regulations, changes in political and social dynamics, or trends in sustainability to name a few. Cyber security keeps the C-suite up at night and perhaps that’s no surprise. Cyber security should also be viewed in a wider business context.

Risk

Risk Military Marketing Data Privacy

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

These Russian cyber actors are government organizations and include other parties who take their orders from the Russian military or intelligence organizations – while not technically under government control. As the United States and other nations condemn Russia’s actions, the odds of Russian cyber actors targeting the U.S.,

Cybersecurity

Cybersecurity Military Passwords Education

China's AI Strategy and its Security Implications

Schneier on Security

FEBRUARY 7, 2019

Allen at the Center for a New American Security has a new report with some interesting analysis and insights into China's AI strategy, commercial, government, and military. There are numerous security -- and national security -- implications.

Military

Military Security IT Government

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Security Affairs

JUNE 21, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. According to CERT-UA, this campaign targeted more than 40 Ukrainian organizations, including government entities.

Military

Military Phishing Government Communications

Google TAG: Russia, Belarus-linked APTs targeted Ukraine

Security Affairs

MARCH 8, 2022

Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukraine and European government and military orgs. Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukrainian and European government and military organizations, as well as individuals. ” concludes the report.

Military

Military Phishing File names Government

China-linked APT Curious Gorge targeted Russian govt agencies

Security Affairs

MAY 3, 2022

China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG) reported that an APT group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF), tracked as Curious Gorge , is targeting Russian government agencies.

Manufacturing

Manufacturing Phishing Passwords Military

Google warns of APT28 attack attempts against 14,000 Gmail users

Security Affairs

OCTOBER 8, 2021

Shane Huntley, the head of the Threat Analysis Group (TAG), wrote on Twitter that his group had sent an above-average batch of government-backed security warnings. . TAG sent a above average batch of government-backed security warnings yesterday. So why do we do these government warnings then?

Phishing

Phishing Military Government Security

Russian APT Gamaredon uses USB worm LitterDrifter against Ukraine

Security Affairs

NOVEMBER 18, 2023

The Gamaredon APT group continues to carry out attacks against entities in Ukraine, including security services, military, and government organizations. ” reads the analysis published by CheckPoint.

Military

Military Communications IT Government

NYT report states that ToTok app is a government spy tool.

Security Affairs

DECEMBER 24, 2019

According to a report published by the New York Times, the popular app ToTok was used by the UAE government as a surveillance tool. The report said US intelligence officials and a security researcher determined the app was being used by the UAE government for detailed surveillance. ” reads the analysis published by Wardle.

Government

Government Military Security IT

A brief history of cryptography: Sending secret messages throughout time

IBM Big Data Hub

JANUARY 5, 2024

From securing everyday personal messages and the authentication of digital signatures to protecting payment information for online shopping and even guarding top-secret government data and communications—cryptography makes digital privacy possible. In modern times, cryptography has become a critical lynchpin of cybersecurity.

Encryption

Encryption Communications Military Government

Google TAG details cyber activity with regard to the invasion of Ukraine

Security Affairs

MARCH 31, 2022

The Google Threat Analysis Group (TAG) provided an update about nation-state attacks related ongoing Russian invasion of Ukraine, the experts spotted phishing and malware attacks targeting Eastern European and NATO countries, including Ukraine. a threat actor impersonated military personnel to extort money for rescuing relatives in Ukraine.

Military

Military Phishing Government Ransomware

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs

APRIL 26, 2023

In recent years, the researchers observed the group expanding its operations to include financial institutions and government entities. ” reads the analysis published by Unit 42. Analysis of the C2 for a second Sword2033 sample revealed that the domain *.saspecialforces.co[.]za org over port 8443 for C2. softether[.]net

Communications

Communications Military Government Libraries

Russia, China May Be Coordinating Cyber Attacks: SaaS App Security Firm

eSecurity Planet

MARCH 7, 2022

A SaaS security company says a spike in cyber attacks from Russia and China in recent weeks suggests the two countries may be coordinating their cyber efforts. Per analysis available from SaaS Alerts, attack trend lines that compare Russia and China show almost the exact same pattern.” SaaS Apps Under Attack.

Security

Security Risk Military Cybersecurity

FBI and NSA joint report details APT28’s Linux malware Drovorub

Security Affairs

AUGUST 13, 2020

The FBI and NSA have published a joint security alert containing technical details about a new piece of Linux malware, tracked as Drovorub , allegedly employed by Russia-linked the APT28 group. The government agencies recommend that US organizations update any Linux system to a version running kernel version 3.7 Pierluigi Paganini.

Military

Military IoT Phishing Government

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Security Affairs

JANUARY 31, 2024

Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. Researchers from cybersecurity firm Synacktiv published a technical analysis of a Rust malware, named KrustyLoader, that was delivered by threat actors exploiting the above vulnerabilities.

Authentication

Authentication Military Communications Security

Asylum Ambuscade spear-phishing campaign targets EU countries aiding Ukrainian refugees

Security Affairs

MARCH 2, 2022

A spear-phishing campaign, tracked as Asylum Ambuscade, targets European government personnel aiding Ukrainian refugees. The malicious macro attachment used the Emergency Meeting of the NATO Security Council held on February 23, 2022, as bait. ” reads the analysis published by ProofPoint. Pierluigi Paganini.

Phishing

Phishing Military Government Communications

A zero-click vulnerability in Windows allows stealing NTLM credentials

Security Affairs

MAY 11, 2023

Researchers shared technical details about a flaw in Windows MSHTML platform, tracked as CVE-2023-29324 , that could be abused to bypass security protections. Cybersecurity researchers have shared details about a now-patched security flaw, tracked as CVE-2023-29324 (CVSS score: 6.5), in Windows MSHTML platform. We are in the final!

Military

Military Cybersecurity Security Government

North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya

Security Affairs

AUGUST 7, 2023

NPO Mashinostroyeniya (JSC MIC Mashinostroyenia, NPO Mash) is a leading Russian manufacturer of missiles and military spacecraft. Treasury Department in July 2014 due to its support to the Russian government in attempting of destabilizing eastern Ukraine and its ongoing occupation of Crimea. The Russian firm was sanctioned by the U.S.

Military

Military Communications Manufacturing Phishing

Cybersecurity Services combat an APT with NDR

OpenText Information Management

MARCH 28, 2024

Environmental Protection Agency and National Security Agency have requested that each U.S. DNS Exfil, SCADA controls, DGA), but also need the additional layer of security that may be missed by using only endpoint protection (e.g. State carry out comprehensive assessments of their cybersecurity services and practices.

Cybersecurity

Cybersecurity Military IoT Security

Internet Backbone Giant Lumen Shuns.RU

Krebs on Security

MARCH 8, 2022

.” “We decided to disconnect the network due to increased security risk inside Russia,” the statement continues. At the same time, the Russian government has blocked Facebook and partly blocked Twitter , while other platforms like TikTok have suspended services in the country.

Military

Military Government Risk Business Services

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

Security Affairs

APRIL 23, 2022

The analysis of encryption techniques employed in the attack allowed the government experts to associate the campaign with the cybercrime group Trickbot. The post Phishing attacks using the topic “Azovstal” targets entities in Ukraine appeared first on Security Affairs. To nominate, please visit:?

Phishing

Phishing Military Ransomware Encryption

Nobelium APT uses new Post-Compromise malware MagicWeb

Security Affairs

AUGUST 25, 2022

Microsoft security researchers discovered a post-compromise malware, tracked as MagicWeb, which is used by the Russia-linked NOBELIUM APT group to maintain persistent access to compromised environments. ” reads the analysis published by Microsoft. ” concludes the report. Pierluigi Paganini.

Authentication

Authentication Military Access Government

Google TAG warns of Russia-linked APT groups targeting Ukraine

Security Affairs

APRIL 20, 2023

Russia-linked threat actors launched large-volume phishing campaigns against hundreds of users in Ukraine to gather intelligence and aimed at spreading disinformation, states Google’s Threat Analysis Group (TAG). ” reads the report published by the Google TAG. ” concludes the report.

Phishing

Phishing Military Ransomware Education

Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS

Russia-linked hackers target Ukrainian military with Infamous Chisel Android malware

Webinars

Trending Sources

A new piece of Ryuk Stealer targets government, military and finance sectors

Webinars

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Chinese APT Tropic Trooper target air-gapped military Networks in Asia

Taiwan Government faces 5 Million hacking attempts daily

Russian State-Sponsored Threat Actor Targets High Profile Individuals in Phishing Campaign

Security Affairs newsletter Round 464 by Pierluigi Paganini – INTERNATIONAL EDITION

No Surprise: China Blamed for 'Big Data' Hack of Equifax

Google blocked China-linked APT31’s attacks targeting U.S. Government

Gamaredon APT Improves Toolset to Target Ukraine Government, Military

Autoclerk travel reservations platform data leak also impacts US Government and military

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Machete cyber-espionage group targets Latin America military

MY TAKE: Sophos X-Ops advances internal, external threat intelligence sharing to the next level

Threat actors hacked Taiwan-based Chunghwa Telecom

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Winter Vivern APT exploited zero-day in Roundcube webmail software in recent attacks

Russian APT groups target European governments ahead of May Elections

LUCKY ELEPHANT campaign targets South Asian governments

GUEST ESSAY: Rising cyber risks make business intelligence gathering more vital than ever

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

China's AI Strategy and its Security Implications

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Google TAG: Russia, Belarus-linked APTs targeted Ukraine

China-linked APT Curious Gorge targeted Russian govt agencies

Google warns of APT28 attack attempts against 14,000 Gmail users

Russian APT Gamaredon uses USB worm LitterDrifter against Ukraine

NYT report states that ToTok app is a government spy tool.

A brief history of cryptography: Sending secret messages throughout time

Google TAG details cyber activity with regard to the invasion of Ukraine

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Russia, China May Be Coordinating Cyber Attacks: SaaS App Security Firm

FBI and NSA joint report details APT28’s Linux malware Drovorub

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Asylum Ambuscade spear-phishing campaign targets EU countries aiding Ukrainian refugees

A zero-click vulnerability in Windows allows stealing NTLM credentials

North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya

Cybersecurity Services combat an APT with NDR

Internet Backbone Giant Lumen Shuns.RU

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

Nobelium APT uses new Post-Compromise malware MagicWeb

Google TAG warns of Russia-linked APT groups targeting Ukraine

Stay Connected