Archiving, Military and Phishing - Information Management Today

UAC-0142 APT targets Ukraine’s Delta military intelligence program

Security Affairs

DECEMBER 20, 2022

Ukraine’s CERT-UA revealed the national Delta military intelligence program has been targeted with a malware-based attack. The spear phishing messages were sent from a compromised e-mail address belonging to an employee of the Ministry of Defense, as well as messengers. ” states the Ukrainian military. .

Military

Military Archiving Phishing Government

Russia-linked APT used a car for sale as a phishing lure to target diplomats with HeadLace malware

Security Affairs

AUGUST 3, 2024

A Russia-linked APT used a car for sale as a phishing lure to deliver a modular Windows backdoor called HeadLace. The campaign began around March 2024, the attackers leveraged phishing tactics that have been effective against diplomats for years, exploiting themes that prompt targets to engage with malicious content.

Sales

Sales Phishing Military Archiving

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Security Affairs

APRIL 5, 2022

Ukraine CERT-UA spotted a spear-phishing campaign conducted by Russia-linked Armageddon APT targeting local state organizations. The phishing messages have been sent from “vadim_melnik88@i[.]ua,” The group targeted government and military organizations in Ukraine.

Military

Military Phishing File names Archiving

Webinars

Improving the Accuracy of Generative AI Systems: A Structured Approach

MORE WEBINARS

Chinese actor ‘Unfading Sea Haze’ remained undetected for five years

Security Affairs

MAY 23, 2024

A previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ has been targeting military and government entities since 2018. Bitdefender researchers discovered a previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ that has been targeting military and government entities since 2018.

Archiving

Archiving Military Communications Phishing

GhostWriter APT targets state entities of Ukraine with Cobalt Strike Beacon

Security Affairs

MARCH 28, 2022

Ukraine CERT-UA uncovered a spear-phishing campaign conducted by Belarus-linked GhostWriter APT group targeting Ukrainian state entities with Cobalt Strike Beacon. The phishing messages use a RAR-archive named “Saboteurs.rar”, which contains RAR-archive “Saboteurs 21.03.rar.” Pierluigi Paganini.

Archiving

Archiving CMS File names Phishing

Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine

Security Affairs

JUNE 15, 2023

The Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) continues to carry out attacks against entities in Ukraine, including security services, military, and government organizations. The attack chain commences with spear-phishing emails with malicious attachments (.docx,rar,sfx

Military

Military File names Archiving Phishing

Pakistan-linked Transparent Tribe APT expands its arsenal

Security Affairs

MAY 16, 2021

The Operation Transparent Tribe (Operation C-Major, APT36, and Mythic Leopard) was first spotted by Proofpoint Researchers in Feb 2016, in a series of cyber espionage operations against Indian diplomats and military personnel in some embassies in Saudi Arabia and Kazakhstan. ” read the analysis published Cisco Talos.

Military

Military IT Phishing Archiving

Russia-linked InvisiMole APT targets state organizations of Ukraine

Security Affairs

MARCH 21, 2022

Ukraine CERT (CERT-UA) warns of spear-phishing ??attacks The Government Team for Response to Computer Emergencies of Ukraine (CERT-UA) warns of spear-phishing messages conducted by UAC-0035 group (aka InvisiMole) against Ukrainian state bodies. The messages use an archive named “501_25_103.zip”, Pierluigi Paganini.

Phishing

Phishing Military Archiving Government

RomCom RAT campaigns abuses popular brands like KeePass and SolarWinds NPM

Security Affairs

NOVEMBER 4, 2022

The attacks were spotted while analyzing network artifacts associated with RomComRAT infections resulting from attacks targeting Ukrainian military institutions. Then they trojanizing a legitimate application and distributed it through the decoy website, deploying targeted phishing emails to the victims.

Passwords

Passwords Military Ransomware Archiving

Cyberwarfare: A deep dive into the latest Gamaredon Espionage Campaign

Security Affairs

FEBRUARY 17, 2020

Gamaredon Group is a Cyber Espionage persistent operation attributed to Russians FSB ( Federal Security Service ) in a long-term military and geo-political confrontation against the Ukrainian government and more in general against the Ukrainian military power. . Information about first SFX archive. cmd” and “28847”.

Archiving

Archiving Military IT Phishing

Chinese actors behind attacks on industrial enterprises and public institutions

Security Affairs

AUGUST 9, 2022

In January 2022, researchers at Kaspersky ICS CERT uncovered a series of targeted attacks on military industrial enterprises and public institutions in Afghanistan and East Europe. China-linked threat actors targeted dozens of industrial enterprises and public institutions in Afghanistan and Europe.

Encryption

Encryption Military Archiving Phishing

Russia-linked Gamaredon group targets Ukraine officials

Security Affairs

DECEMBER 7, 2019

Russia-linked Gamaredon cyberespionage group has been targeting Ukrainian targets, including diplomats, government and military officials. Russia linked APT group tracked as Gamaredon has been targeting several Ukrainian diplomats, government and military officials, and law enforcement. The Gamaredon group.

Military

Military Government Phishing Archiving

A new Fancy Bear backdoor used to target political targets

Security Affairs

SEPTEMBER 24, 2019

The Fancy Bear APT group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. ” The threat actors used phishing messages containing a malicious attachment that launches a long chain of downloaders , ending with a backdoor. dotm hosted at Dropbox. .

Phishing

Phishing Military Archiving Security

The Platinum APT group adds the Titanium backdoor to its arsenal

Security Affairs

NOVEMBER 9, 2019

According to Microsoft, the Platinum has been active since at least 2009, it was responsible for spear phishing attacks on ISPs, government organizations, intelligence agencies, and defense institutes. The backdoor deploys an SFX archive containing a Windows task installation script. ” reads the analysis publisjed by Kaspersky.

IT

IT Archiving Encryption Passwords

Exclusive: Pakistan and India to armaments: Operation Transparent Tribe is back 4 years later

Security Affairs

FEBRUARY 21, 2020

The Operation Transparent Tribe was first spotted by Proofpoint Researchers in Feb 2016, in a series of espionages operations against Indian diplomats and military personnel in some embassies in Saudi Arabia and Kazakhstan. The macro creates two folders inside %PROGRAMDATA% path, “ systemidleperf ” and “ SppExtComTel ”.

Military

Military Communications Encryption IT

Google TAG warns that Russian COLDRIVER APT is using a custom backdoor

Security Affairs

JANUARY 18, 2024

The ColdRiver APT (aka “ Seaborgium “, “Callisto”, “Star Blizzard”, “TA446”) is a Russian cyberespionage group that has been targeting government officials, military personnel, journalists and think tanks since at least 2015. The nation-state actor is carrying out spear-phishing attacks for cyberespionage purposes.

Phishing

Phishing Encryption Military Archiving

MY TAKE: Massive Marriott breach continues seemingly endless run of successful hacks

The Last Watchdog

DECEMBER 3, 2018

I have a Yahoo email account, I’ve shopped at Home Depot and Target , my father was in the military and had a security clearance, which included a dossier on his family, archived at the U.S. Office of Personnel Management , I’ve had insurance coverage from Premera Blue Cross and I’ve stayed at the Marriott Marquis in San Francisco.

Authentication

Authentication Military Access Insurance

Group-IB identifies leaked credentials of 40,000 users of government websites in 30 countries

Security Affairs

DECEMBER 11, 2018

Government employees, military and civilian citizens who had accounts on official government portals of France ( gouv.fr ), Hungary ( gov.hu ) and Croatia ( gov.hr ) became victims of this data compromise. Phishing emails were sent to personal and corporate email accounts.

Government

Government Passwords Military Archiving

The Week in Cyber Security and Data Privacy: 1 – 7 April 2024

IT Governance

APRIL 9, 2024

Police launch investigation into spear phishing attack on MPs Leicestershire Police have begun an inquiry after 12 people working in Westminster reported that they had received unsolicited WhatsApp messages. It’s also started automatically blocking bulk emails to help prevent spam and phishing campaigns.

Data Privacy

Data Privacy Privacy Security Manufacturing

The Week in Cyber Security and Data Privacy: 15 – 21 April 2024

IT Governance

APRIL 22, 2024

International law enforcement operation disrupts LabHost phishing-as-a-service platform A law enforcement operation involving 19 countries has disrupted LabHost, one of the world’s largest phishing-as-a-service platforms. Alternatively, you can view our full archive.

Data Privacy

Data Privacy Privacy Manufacturing Security

List of Data Breaches and Cyber Attacks in August 2023 – 79,729,271 Records Breached

IT Governance

SEPTEMBER 6, 2023

It also breaks down each month’s cyber security incidents and provides more information about the biggest and most notable breaches of the month. – JDSupra (unknown) VNS Health Confirms Data Breach at TMG Health Resulted in Data of 103,775 Consumers Being Leaked | Console and Associates, P.C.

Data breaches

Data breaches Ransomware Insurance Privacy

The return of TA402 Molerats APT after a short pause

Security Affairs

JUNE 18, 2021

Most of the victims of the threat actor were located in Israel and Palestine, they belong to multiple industries including governments, telecommunications, finance, military, universities, and technology. The lure is usually based on a geopolitical topic related to the situation in the Middle East, especially the Gaza conflict.

Archiving

Archiving Passwords Government Military

Information Management Today

UAC-0142 APT targets Ukraine’s Delta military intelligence program

Russia-linked APT used a car for sale as a phishing lure to target diplomats with HeadLace malware

Webinars

Trending Sources

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Webinars

Chinese actor ‘Unfading Sea Haze’ remained undetected for five years

GhostWriter APT targets state entities of Ukraine with Cobalt Strike Beacon

Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine

Pakistan-linked Transparent Tribe APT expands its arsenal

Russia-linked InvisiMole APT targets state organizations of Ukraine

RomCom RAT campaigns abuses popular brands like KeePass and SolarWinds NPM

Cyberwarfare: A deep dive into the latest Gamaredon Espionage Campaign

Chinese actors behind attacks on industrial enterprises and public institutions

Russia-linked Gamaredon group targets Ukraine officials

A new Fancy Bear backdoor used to target political targets

The Platinum APT group adds the Titanium backdoor to its arsenal

Exclusive: Pakistan and India to armaments: Operation Transparent Tribe is back 4 years later

Google TAG warns that Russian COLDRIVER APT is using a custom backdoor

MY TAKE: Massive Marriott breach continues seemingly endless run of successful hacks

Group-IB identifies leaked credentials of 40,000 users of government websites in 30 countries

The Week in Cyber Security and Data Privacy: 1 – 7 April 2024

The Week in Cyber Security and Data Privacy: 15 – 21 April 2024

List of Data Breaches and Cyber Attacks in August 2023 – 79,729,271 Records Breached

The return of TA402 Molerats APT after a short pause

Stay Connected