Military Cryptanalytics, Part III

Schneier on Security

The NSA has just declassified and released a redacted version of Military Cryptanalytics, Part III, by Lambros D. 20, “The Analysis of Systems Employing Long or Continuous Keys”; Monograph No. 15, “An Introduction to Teleprinter Key Analysis”; and Monograph No.

Analysis: Indictments in Equifax Hack

Data Breach Today

The latest edition of the ISMG Security Report analyzes the indictments of four Chinese military officers in connection with the 2017 Equifax data breach.

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

as members of the PLA’s 54th Research Institute, a component of the Chinese military. military against foreign targets, Barr said the DOJ did so in this case because the accused “indiscriminately” targeted American civilians on a massive scale. ANALYSIS. The U.S.

Analysis: Can Russia's Cyber Destruction Appetite Be Curbed?

Data Breach Today

indictment charging that six Russian GRU military intelligence officers were responsible for numerous cyberattacks highlights Moscow's seemingly unending appetite for online destruction. Indictments Are Just a First Step Toward a Crackdown The U.S.

Gamaredon APT Improves Toolset to Target Ukraine Government, Military

Threatpost

Vitali Kremez, head of SentinelLabs, said in research released on Wednesday that he has been tracking an uptick in Gamaredon cyberattacks on Ukrainian military and security institutions that started in […].

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. ” reads the technical analysis of the malware.

Chinese APT CactusPete targets military and financial orgs in Eastern Europe

Security Affairs

China-linked threat actor tracked as CactusPete was employing an updated backdoor in recent attacks targeting military and financial organizations in Eastern Europe. reads the analysis published by Kaspersky.

A new piece of Ryuk Stealer targets government, military and finance sectors

Security Affairs

A new piece of the Ryuk malware has been improved to steal confidential files related to the military, government, financial statements, and banking. At the time of the analysis, both sites were not reachable.

Machete cyber-espionage group targets Latin America military

Security Affairs

Security experts from ESET uncovered a cyber-espionage group tracked as Machete that stole sensitive files from the Venezuelan military. The group has been active since 2010 and hit military organizations and other high-profile targets worldwide. ” reads the analysis from ESET.

Autoclerk travel reservations platform data leak also impacts US Government and military

Security Affairs

” reads the analysis published by vpnMentor. “The data Our team viewed highly sensitive data exposing the personal details of government and military personnel, and their travel arrangements to locations around the world, both past and future.” The list of affected users includes the US government, military, and Department of Homeland Security (DHS). One of the platforms exposed in the database was a contractor of the US government, military, and DHS.

Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

Security Affairs

Experts uncovered a new cyber-espionage campaign, dubbed “Operation In(ter)reception,” aimed at aerospace and military organizations in Europe and the Middle East. ” reads the analysis published by the experts.

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Security Affairs

Security researchers at ESET recently uncovered a campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations in the military sector and diplomatic missions in Eastern Europe. ” reads the analysis published by ESET.

Kaspersky Analysis Shines Light on DarkUniverse APT Group

Dark Reading

Threat actor was active between 2009 and 2017, targeting military, government, and private organizations

Kaspersky Lab Analysis Shines Light on DarkUniverse APT Group

Dark Reading

Threat actor was active between 2009 and 2017, targeting military, government, and private organizations

Forward Progress: Congress Requires DOD to Digitize DD-214 Military Service Records

Archives Blogs

Watch out! Malware Analysis Sandboxes could expose sensitive data of your organization

Security Affairs

A study conducted by researchers at Cyjax revealed that organizations expose sensitive data via sandboxes used for malware analysis. Experts at the threat intelligence firm Cyjax analyzed files uploaded by organizations via malware analysis sandboxes and discovered that they were exposing sensitive data. One of the files exposed via the malware analysis sandboxes appeared to be a U.S. CENTCOM requisition form for use of military aircraft.

Analysis: Threat Posed by Pro-Iranian Hackers

Data Breach Today

businesses and government agencies to remember that as they anticipate reprisals from Tehran after President Donald Trump ordered the assassination of an Iranian military leader

No Surprise: China Blamed for 'Big Data' Hack of Equifax

Data Breach Today

Analysis: Equifax Failed on Security, But Only Governments Can Hold Each Other to Account Who's surprised Chinese military hackers allegedly hacked Equifax?

APT15 Pokes Its Head Out With Upgraded MirageFox RAT

Threatpost

This is the first evidence of the China-linked threat actor's activity since it hacked the U.K. government and military in 2017 (which wasn't made public until 2018).

DHS – Russian APT groups are inside US critical infrastructure

Security Affairs

“They got to the point where they could have thrown switches,” Jonathan Homer, chief of industrial control system analysis for Homeland Security, told the paper. The US Government is warning of continuous intrusions in national critical infrastructure and it is blaming the Kremlin for the cyber attacks.

China's AI Strategy and its Security Implications

Schneier on Security

Gregory C. Allen at the Center for a New American Security has a new report with some interesting analysis and insights into China's AI strategy, commercial, government, and military. There are numerous security -- and national security -- implications

A job ad published by the UK’s Ministry of Defence revealed a secret hacking squad

Security Affairs

The MoD is offering a salary of £33k to “work alongside some of the best scientists and engineers within defence and will be tasked with delivering prototype solutions directly to the soldiers and officers of a unique and specialized military unit.”

Pakistan-linked Transparent Tribe APT expands its arsenal

Security Affairs

The Operation Transparent Tribe (Operation C-Major, APT36, and Mythic Leopard) was first spotted by Proofpoint Researchers in Feb 2016, in a series of cyber espionage operations against Indian diplomats and military personnel in some embassies in Saudi Arabia and Kazakhstan.

Transparent Tribe APT hit 1000+ victims in 27 countries in the last 12 months

Security Affairs

The Transparent Tribe cyber-espionage group continues to improve its arsenal while targeting military and government entities. The Transparent Tribe APT group is carrying out an ongoing cyberespionage campaign aimed at military and diplomatic targets worldwide.

McAfee Finds Years-Long Attack by Chinese-Linked APT Groups

eSecurity Planet

The exfiltrated data would have either been part of an intellectual property theft for economic purposes and/or would have provided insights that would be beneficial in case of military interventions.

FBI and NSA joint report details APT28’s Linux malware Drovorub

Security Affairs

The APT28 group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Operation North Star – North-Korea hackers targeted US defense and aerospace companies

Security Affairs

The threat actors’ job postings messages were crafted to target the following specific US defense programs and groups: F-22 Fighter Jet Program; Defense, Space and Security (DSS); Photovoltaics for space solar cells; Aeronautics Integrated Fighter Group; Military aircraft modernization programs.

New US Electronic Warfare Platform

Schneier on Security

The military wants to move away from traditional high-powered jamming, which filled the frequencies the enemy used with blasts of static, to precisely targeted techniques, designed to subtly disrupt the enemy's communications and radar networks without their realizing they're being deceived.

The return of TA402 Molerats APT after a short pause

Security Affairs

Most of the victims of the threat actor were located in Israel and Palestine; they belong to multiple industries including governments, telecommunications, finance, military, universities, and technology. ” reads the analysis published by Proofpoint.

US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software

Security Affairs

The cyber espionage group has tampered with updates released by IT company SolarWinds, which provides its products to government agencies, military, and intelligence offices, two people familiar with the matter told the Reuters agency. ” reads the analysis published by FireEye.

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Security Affairs

” states the analysis published by FireEye. The groups targeted organizations in the business services, financial, health, retail/consumer, aero-military, engineering and manufacturing, government, education, transportation, and utilities industries.

Estonia's Volunteer Cyber Militia

Schneier on Security

The volunteers, who've inspired a handful of similar operations around the world, are readying themselves to defend against the kind of sustained digital attack that could cause mass service outages at hospitals, banks, and military bases, and with other critical operations, including voting systems. Interesting -- although short and not very detailed -- article about Estonia's volunteer cyber-defense militia.

Gamaredon group uses a new Outlook tool to spread malware

Security Affairs

The group targeted government and military organizations in Ukraine. In December 2019, the APT group targeted several Ukrainian diplomats, government and military officials, and law enforcement. Additional details are included in the analysis published by ESET.

Crooks use software skimmer that pretends to be a security firm

Security Affairs

The analysis of the software skimmer revealed that the first 109 lines in its code don’t contain any content, while line #110 contains a base64-encoded JavaScript (eval(atob(…). ” reads the analysis published by Sucuri.

APT28 group return to covert intelligence gathering ops in Europe and South America.

Security Affairs

The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. According to experts from Symantec, the group is now actively conducting cyber espionage campaigns against government and military organizations in Europe and South America. ” reads the analysis published by Symantec. Military targets in Europe.

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

Security Affairs

The APT28 group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Iran-linked APT35 accidentally exposed 40 GB associated with their operations

Security Affairs

” reads the analysis published by IBM. IBM X-Force IRIS did not find evidence of the two military members’ professional network credentials being compromised, and no professional information appears to have been included.”

Russia-linked Gamaredon group targets Ukraine officials

Security Affairs

Russia-linked Gamaredon cyberespionage group has been targeting Ukrainian targets, including diplomats, government and military officials. Russia-linked APT group tracked as Gamaredon has been targeting several Ukrainian diplomats, government and military officials, and law enforcement.

Russian APT groups target European governments ahead of May Elections

Security Affairs

The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. According to a report published by Symantec in October, the group was actively conducting cyber espionage campaigns against government and military organizations in Europe and South America. Russian APT groups are targeting European governments for cyber-espionage purposes ahead of the upcoming European elections.

New Gallmaker APT group eschews malware in cyber espionage campaigns

Security Affairs

A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. According to researchers from Symantec, who first spotted the threat actor, the group has launched attacks on several overseas embassies of an unnamed Eastern European country, and military and defense organizations in the Middle East.