Document, Encryption, Military and Security - Information Management Today

North Korea-linked Konni APT uses Russian-language weaponized documents

Security Affairs

NOVEMBER 24, 2023

North Korea-linked Konni APT group used Russian-language Microsoft Word documents to deliver malware. FortiGuard Labs researchers observed the North Korea-linked Konni APT group using a weaponized Russian-language Word document in an ongoing phishing campaign. The Word document seems to be in the Russian language.

Encryption

Encryption Military Phishing Communications

Ukraine’s GUR hacked the Russian Ministry of Defense

Security Affairs

MARCH 4, 2024

The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense announced it had breached the Russian Ministry of Defense servers as part of a special operation, and exfiltrated confidential documents. software used by the Russian Ministry of Defense to encrypt and protect its data.

Military

Military Encryption Data breaches Government

Maze ransomware operators stole data from US military contractor Westech

Security Affairs

JUNE 6, 2020

Hackers have stolen confidential documents from the US military contractor Westech, which provides critical support for US Minuteman III nuclear deterrent. Threat actors first compromised the Westech’s network, then stole the documents before encrypting them. The LGM-30 Minuteman is a U.S. Pierluigi Paganini.

Military

Military Ransomware Encryption Risk

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

MY TAKE: Rising geopolitical tensions suggest a dire need for tighter cybersecurity in 2024

The Last Watchdog

DECEMBER 27, 2023

Russia’s asymmetrical cyber-attacks have been a well-documented, rising global concern for most of the 2000s. We discussed how Russia in 2023 began synchronizing asymmetrical attacks with kinetic military operations — targeting Ukraine’s infrastructure with both missile strikes and advanced power grid hacks.

Cybersecurity

Cybersecurity Military Government Data Privacy

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing.

Military

Military Government Phishing Libraries

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Network security architecture is a strategy that provides formal processes to design robust and secure networks. Effective implementation improves data throughput, system reliability, and overall security for any organization. Network Elements Networks connect physical and virtual assets and control the data flow between them.

Security

Security Cloud Cybersecurity Risk

Google TAG warns that Russian COLDRIVER APT is using a custom backdoor

Security Affairs

JANUARY 18, 2024

The ColdRiver APT (aka “ Seaborgium “, “Callisto”, “Star Blizzard”, “TA446”) is a Russian cyberespionage group that has been targeting government officials, military personnel, journalists and think tanks since at least 2015. In November 2022, TAG spotted COLDRIVER sending targets benign PDF documents from impersonation accounts.

Phishing

Phishing Encryption Military Archiving

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Security Affairs

JUNE 18, 2020

Security researchers at ESET recently uncovered a campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations in the military sector and diplomatic missions in Eastern Europe. The attack chain begins with the deployment of a TCP downloader that fetches the next stage payload.

Military

Military Communications Libraries Encryption

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

Security Affairs

APRIL 9, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! billion rubles.

Security

Security Computer and Electronics Ransomware Marketing

Swiss army asks its personnel to use the Threema instant-messaging app

Security Affairs

JANUARY 9, 2022

All communication is end-to-end encrypted, and the app is open source. ” Recently media shared an FBI training document that reveals the surveillance capabilities of the US law enforcement detailing which data can be extracted from encrypted messaging apps. Source Property of the People. Pierluigi Paganini.

FOIA

FOIA Computer and Electronics IT Encryption

GUEST ESSAY: Why the hack of South Korea’s weapons, munitions systems was so predictable

The Last Watchdog

JANUARY 18, 2019

The disclosure that malicious intruders hacked the computer systems of the South Korean government agency that oversees weapons and munitions acquisitions for the country’s military forces is not much of a surprise.

Encryption

Encryption Authentication Military Government

Security Affairs newsletter Round 253

Security Affairs

MARCH 1, 2020

The best news of the week with Security Affairs. European Commission has chosen the Signal app to secure its communications. Kr00k Wi-Fi Encryption flaw affects more than a billion devices. Data on Detection of Malicious Documents in Gmail are impressive. A new round of the weekly newsletter arrived! Pierluigi Paganini.

Security

Security Ransomware Military Data breaches

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber operations worldwide.

Energy and Utilities

Energy and Utilities Military Government Phishing

How to Ensure Your Digital Security During the Rugby World Cup

Thales Cloud Protection & Licensing

SEPTEMBER 12, 2019

Just a couple of months after that, World Rugby itself announced that one of its training websites had suffered a security breach that exposed subscribers’ account information. That’s why it announced it would pursue two measures designed to strengthen its national digital security posture ahead of these sporting events.

Security

Security IoT Personal data Military

Snowden Ten Years Later

Schneier on Security

JUNE 6, 2023

In 2013 and 2014, I wrote extensively about new revelations regarding NSA surveillance based on the documents provided by Edward Snowden. It’s a surreal experience, paging through hundreds of top-secret NSA documents. I didn’t know either of them, but I have been writing about cryptography, security, and privacy for decades.

Computer and Electronics

Computer and Electronics Encryption Government Privacy

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

Security Affairs

APRIL 23, 2022

The Computer Emergency Response Team of Ukraine (CERT-UA) warns of phishing attacks aimed at organizations in the country using the topic “Azovstal” The phishing message use the subject “Azovstal” and a weaponized office document. Upon opening the attachment and enabling the macro, it will start the infection process.

Phishing

Phishing Military Ransomware Encryption

Dark Pink APT targets Govt entities in South Asia

Security Affairs

MARCH 13, 2023

The group focuses on military and government organizations to steal sensitive information, including confidential data and intellectual property. dll), and a decoy Microsoft Word document. “The ISO file also contains a decoy Word document that has an XOR-encrypted section.

Phishing

Phishing Encryption Military Government

Supply Chain Security is the Whole Enchilada, But Who’s Willing to Pay for It?

Krebs on Security

OCTOBER 5, 2018

From time to time, there emerge cybersecurity stories of such potential impact that they have the effect of making all other security concerns seem minuscule and trifling by comparison. The chips were alleged to have spied on users of the devices and sent unspecified data back to the Chinese military. Yesterday was one of those times.

Computer and Electronics

Computer and Electronics IT Security IoT

Chinese actors behind attacks on industrial enterprises and public institutions

Security Affairs

AUGUST 9, 2022

In January 2022, researchers at Kaspersky ICS CERT uncovered a series of targeted attacks on military industrial enterprises and public institutions in Afghanistan and East Europe. The attackers breached dozens of enterprises and in some cases compromised their IT infrastructure, taking over systems used to manage security solutions.

Encryption

Encryption Military Archiving Phishing

Maze Ransomware operators hacked the Xerox Corporation

Security Affairs

JULY 1, 2020

Xerox Corporation is the last victim of the Maze ransomware operators, hackers have encrypted its files and threaten of releasing them. Maze ransomware operators have breached the systems of the Xerox Corporation and stolen files before encrypting them. The company declared over $1.8 Pierluigi Paganini.

Ransomware

Ransomware Encryption Military IT

Donot Team cyberespionage group updates its Windows malware framework

Security Affairs

AUGUST 21, 2022

The Donot Team has been active since 2016, it focuses on government and military organizations, ministries of foreign affairs, and embassies in India, Pakistan, Sri Lanka, Bangladesh, and other South Asian countries. In the latest attacks, the group sent messages using RTF documents that trick users into enabling macros.

IT

IT Phishing Military Encryption

Promising Infusions of Cash, Fake Investor John Bernard Walked Away With $30M

Krebs on Security

OCTOBER 7, 2020

When it came time for companies to sign legal documents, Bernard’s victims invariably interacted with a 40-something Inside Knowledge employee named “ Katherine Miller ,” who claimed to be his lawyer. and Secure Swiss Data Ltd (more on Secure Swiss data in a moment). Docklands Enterprise Ltd., John Bernard.

Communications

Communications Military Security Government

Onyx Ransomware Destroys Large Files Instead of Locking Them

eSecurity Planet

MAY 2, 2022

Cybersecurity researchers last week revealed that a new ransomware gang called Onyx is simply destroying larger files rather than encrypting them. The Onyx ransomware group doesn’t bother with encryption. Unlike with other ransomware strains, you can’t recover documents with a decryption key. 2 – for big files.

Ransomware

Ransomware Encryption Military Cybersecurity

Russia-linked Nobelium APT group uses custom backdoor to target Windows domains

Security Affairs

SEPTEMBER 28, 2021

.” The attackers use the version.dll DLL to load FoggyWeb which is stored in the encrypted file Windows.Data.TimeZones.zh-PH.pri. The loader uses the custom Lightweight Encryption Algorithm (LEA) routine to decrypt the backdoor directly in the memory. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Encryption

Encryption Military Government Access

Crypto AG Was Owned by the CIA

Schneier on Security

FEBRUARY 11, 2020

The Swiss cryptography firm Crypto AG sold equipment to governments and militaries around the world for decades after World War II. These spy agencies rigged the company's devices so they could easily break the codes that countries used to send encrypted messages. This isn't really news.

Military

Military Encryption Government IT

Russia-linked Gamaredon group targets Ukraine officials

Security Affairs

DECEMBER 7, 2019

Russia-linked Gamaredon cyberespionage group has been targeting Ukrainian targets, including diplomats, government and military officials. Russia linked APT group tracked as Gamaredon has been targeting several Ukrainian diplomats, government and military officials, and law enforcement. ” reads the report published by Anomaly.

Military

Military Government Phishing Archiving

Maze ransomware gang leaked Canon USA’s stolen files

Security Affairs

AUGUST 14, 2020

The memo also reveals that the company has hired an external security firm to investigate the incident. BleepingComputer has obtained additional unpublished internal documents sent by the Canon IT department on August 10th to the employees about the restoration of services. Canon internal notice – Source BleepingComputer.

Ransomware

Ransomware Archiving Military Encryption

Russia-linked APT28 targets govt bodies with fake NATO training docs

Security Affairs

SEPTEMBER 23, 2020

Russia-linked cyberespionage group APT28 uses fake NATO training documents as bait in attacks aimed at government bodies. The malicious code creates a Windows scheduled task that runs every minute and sends data in obfuscated and encrypted form to the C2 server with post requests. ” reads the report published QuoIntelligence.

Military

Military Government Encryption Communications

Supply-Chain Security

Schneier on Security

MAY 10, 2018

Earlier this month, the Pentagon stopped selling phones made by the Chinese companies ZTE and Huawei on military bases because they might be used to spy on their users. But it's just one instance of the much larger issue of securing our supply chains. Supply-chain security is an incredibly complex problem. I could go on.

Security

Security Military Manufacturing Government

US administration requests $9.8B for cyber 2021 budget for the Department of Defense

Security Affairs

FEBRUARY 16, 2020

The amount requested for the Department of Defense in the “ DOD Releases Fiscal Year 2021 Budget Proposal ” is nearly the same one as last year for cyber operations that the US military will conduct in 2020. million for securing points of information and sharing; $198.5 The document includes another $2.2

Artificial Intelligence

Artificial Intelligence Military Cybersecurity Encryption

Crypto AG was spied for US, German intelligence agencies for decades

Security Affairs

FEBRUARY 12, 2020

Swiss authorities are investigating into allegations the company Crypto AG, a Switzerland-based maker of encryption devices, was a front company for the CIA and German intelligence. The investigation conducted by the media is based on documents from the CIA and Germany’s BND foreign intelligence agency. That’s not credible,” he said.

Military

Military Communications Encryption Government

8 Best Password Management Software & Tools for 2022

eSecurity Planet

SEPTEMBER 19, 2022

The boom in remote work due to the COVID-19 pandemic has further amplified the need to secure network endpoints , in which finding software to manage passwords plays a big role. Password manager tools allow organizations and their employees to seamlessly and securely handle login credentials. Best Password Manager Tools.

Passwords

Passwords Encryption Authentication Cloud

Maze Ransomware operators published data from LG and Xerox

Security Affairs

AUGUST 4, 2020

Maze ransomware operators have also breached the systems of the Xerox Corporation and stolen files before encrypting them. The company did not disclose the cyberattack, but early June the Maze ransomware operators published some screenshots that showed that a Xerox domain has been encrypted. The company declared over $1.8

Ransomware

Ransomware Encryption Military Data breaches

Inside Ireland’s Public Healthcare Ransomware Scare

Krebs on Security

DECEMBER 13, 2021

18, 2021, when an employee on a Windows computer opened a booby-trapped Microsoft Excel document in a phishing email that had been sent two days earlier. On 10 May 2021, security auditors first identified evidence of the attacker compromising systems within Hospital C and Hospital L. By then it was too late.

Ransomware

Ransomware Cybersecurity Phishing Security

New European Union Dual-Use Regulation Enters Into Force

Data Matters

SEPTEMBER 9, 2021

Dual-use items are sensitive goods, services, software, and technology that can be used for both civil and military purposes. Strengthened public security and human rights controls. military end uses in an embargoed country (so called ‘military end use’). New controls on technical assistance.

Military

Military Compliance Manufacturing Sales

Maze Ransomware gang breached the US chipmaker MaxLinear

Security Affairs

JUNE 17, 2020

system-on-chip maker MaxLinear disclosed a security incident, Maze ransomware operators infected some of its computing systems in May. “On May 24, 2020, we discovered a security incident affecting some of our systems. According to documents filed with the U.S. ” reads the data breach notification. Pierluigi Paganini.

Ransomware

Ransomware Data breaches Military Cybersecurity

Cell Phone Security and Heads of State

Schneier on Security

OCTOBER 30, 2018

Security experts have been talking about the potential security vulnerabilities in Trump's cell phone use since he became president. And President Barack Obama bristled at -- but acquiesced to -- the security rules prohibiting him from using a "regular" cell phone throughout his presidency. This should surprise no one.

Security

Security Manufacturing Communications Government

MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry

Security Affairs

OCTOBER 17, 2018

Yoroi security firm uncovered a targeted attack against one of the most important companies in the Italian Naval Industry leveraging MartyMcFly Malware. The victim was one of the most important leaders in the field of security and defensive military grade Naval ecosystem in Italy. Stage1: Encrypted Content. 1 and OleObj.2.

Computer and Electronics

Computer and Electronics Encryption Military Security

New Turla ComRAT backdoor uses Gmail for Command and Control

Security Affairs

MAY 26, 2020

Earlier versions of Agent.BTZ were used to compromise US military networks in the Middle East in 2008. “The main use of ComRAT is discovering, stealing and exfiltrating confidential documents. Thus, it is able to bypass some security controls because it doesn’t rely on any malicious domain.” Pierluigi Paganini.

Military

Military Communications Encryption Authentication

APT28 and Upcoming Elections: evidence of possible interference

Security Affairs

APRIL 12, 2019

In mid-March , a suspicious Office document referencing the Ukraine elections appeared in the wild, is it related to APT28 and upcoming elections? In mid-March, a suspicious Office document referencing the Ukraine elections appeared in the wild. This document actually is the first step of a more complex cyber attack.

Passwords

Passwords Metadata Military Government

Qbot uses a new email collector module in the latest campaign

Security Affairs

AUGUST 31, 2020

Most of the infections were observed in organizations in the US and Europe, the most targeted industries were in the government, military, and manufacturing sectors. . ” The spam messages contain URLs to.ZIP files that serve VBS content designed to download the payload from one of six hardcoded encrypted URLs. . .

Passwords

Passwords Military Manufacturing Encryption

Ransomware Protection in 2021

eSecurity Planet

FEBRUARY 16, 2021

The internet is fraught with peril these days, but nothing strikes more fear into users and IT security pros than the threat of ransomware. All of your files are encrypted with RSA-2048 and AES-128 ciphers.” Attackers will inform the victim that their data is encrypted. IMPORTANT INFORMATION !!! Screenshot example.

Ransomware

Ransomware Encryption Insurance Cloud

Exclusive: Pakistan and India to armaments: Operation Transparent Tribe is back 4 years later

Security Affairs

FEBRUARY 21, 2020

The Operation Transparent Tribe was first spotted by Proofpoint Researchers in Feb 2016, in a series of espionages operations against Indian diplomats and military personnel in some embassies in Saudi Arabia and Kazakhstan. The document presents itself as a request for a DSOP FUND (Defence Services Officers Provident Fund ).

Military

Military Communications Encryption IT

List of Data Breaches and Cyber Attacks in October 2022 – 9.9 Million Records Breached

IT Governance

NOVEMBER 1, 2022

We identified 102 security incidents throughout the month, which is the second largest figure so far this year – trailing only August (112). Meanwhile, be sure to subscribe to our Weekly Round-up to receive the latest cyber security news and advice delivered straight to your inbox. Cyber attacks.

Data breaches

Data breaches Ransomware Insurance Phishing

North Korea-linked Konni APT uses Russian-language weaponized documents

Ukraine’s GUR hacked the Russian Ministry of Defense

Webinars

Trending Sources

Maze ransomware operators stole data from US military contractor Westech

Webinars

MY TAKE: Rising geopolitical tensions suggest a dire need for tighter cybersecurity in 2024

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Network Security Architecture: Best Practices & Tools

Google TAG warns that Russian COLDRIVER APT is using a custom backdoor

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

Swiss army asks its personnel to use the Threema instant-messaging app

GUEST ESSAY: Why the hack of South Korea’s weapons, munitions systems was so predictable

Security Affairs newsletter Round 253

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

How to Ensure Your Digital Security During the Rugby World Cup

Snowden Ten Years Later

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

Dark Pink APT targets Govt entities in South Asia

Supply Chain Security is the Whole Enchilada, But Who’s Willing to Pay for It?

Chinese actors behind attacks on industrial enterprises and public institutions

Maze Ransomware operators hacked the Xerox Corporation

Donot Team cyberespionage group updates its Windows malware framework

Promising Infusions of Cash, Fake Investor John Bernard Walked Away With $30M

Onyx Ransomware Destroys Large Files Instead of Locking Them

Russia-linked Nobelium APT group uses custom backdoor to target Windows domains

Crypto AG Was Owned by the CIA

Russia-linked Gamaredon group targets Ukraine officials

Maze ransomware gang leaked Canon USA’s stolen files

Russia-linked APT28 targets govt bodies with fake NATO training docs

Supply-Chain Security

US administration requests $9.8B for cyber 2021 budget for the Department of Defense

Crypto AG was spied for US, German intelligence agencies for decades

8 Best Password Management Software & Tools for 2022

Maze Ransomware operators published data from LG and Xerox

Inside Ireland’s Public Healthcare Ransomware Scare

New European Union Dual-Use Regulation Enters Into Force

Maze Ransomware gang breached the US chipmaker MaxLinear

Cell Phone Security and Heads of State

MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry

New Turla ComRAT backdoor uses Gmail for Command and Control

APT28 and Upcoming Elections: evidence of possible interference

Qbot uses a new email collector module in the latest campaign

Ransomware Protection in 2021

Exclusive: Pakistan and India to armaments: Operation Transparent Tribe is back 4 years later

List of Data Breaches and Cyber Attacks in October 2022 – 9.9 Million Records Breached

Stay Connected