Education, Government, IT and Military - Information Management Today

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Security Affairs

APRIL 22, 2024

Microsoft has observed APT28 using GooseEgg in post-compromise activities against various targets, including government, non-governmental, education, and transportation sector organizations in Ukraine, Western Europe, and North America. This tool modifies a JavaScript constraints file and executes it with SYSTEM-level permissions.

Military

Military File names Education Phishing

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

The Last Watchdog

MAY 30, 2022

Meanwhile, 200,000 well-trained and technically skilled military service members are discharged each year. Yet, there’s still work to be done to make this path more accessible and known among the veteran and transitioning military community. Veterans have the characteristics that make them ideal for these roles. And it works.

Cybersecurity

Cybersecurity Military Education Government

UK won the Military Cyberwarfare exercise Defence Cyber Marvel 2 (DCM2)

Security Affairs

FEBRUARY 24, 2023

This year, 750 cyber specialists have participated in the military cyberwarfare exercise. We must innovate to stay ahead of those that would wish us harm and Defence Cyber Marvel 2 is the next evolution of our pioneering collective education.” ” reads the press release published by the UK Ministry of Defence. .

Military

Military Education Government IT

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Another Massive Russian Hack of US Government Networks

Schneier on Security

DECEMBER 15, 2020

The press is reporting a massive hack of US government networks by sophisticated Russian hackers. Officials said a hunt was on to determine if other parts of the government had been affected by what looked to be one of the most sophisticated, and perhaps among the largest, attacks on federal systems in the past five years.

Government

Government Military Education IT

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 4, 2023

Proofpoint researchers recently reported that a Russian hacking group, tracked as Winter Vivern (aka TA473), has been actively exploiting vulnerabilities ( CVE-2022-27926 ) in unpatched Zimbra instances to gain access to the emails of NATO officials, governments, military personnel, and diplomats.

IT

IT Military Phishing Passwords

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

These Russian cyber actors are government organizations and include other parties who take their orders from the Russian military or intelligence organizations – while not technically under government control. Educate your employees on threats and risks such as phishing and malware. Cyber attack targets.

Cybersecurity

Cybersecurity Military Passwords Education

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

. “As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” and foreign governments and military, security, and corporate organizations. ” reads the joint report.

Energy and Utilities

Energy and Utilities Military Government Phishing

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

The Last Watchdog

SEPTEMBER 21, 2023

The program also commits to providing free training for transitioning military, first responders, veterans, military spouses, women, underrepresented minorities, and government personnel. They then attend Access Living’s disability centered technology training course and receive one-on-one support.

Cybersecurity

Cybersecurity Manufacturing Military Artificial Intelligence

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. . “the U.S. In fact, the U.S. ” continues the alert. ” U.S. ” U.S.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

Catches of the Month: Phishing Scams for March 2022

IT Governance

MARCH 8, 2022

The Ukrainian government and its military were targeted by DDoS (distributed denial-of-service) attacks, while a pro-Ukrainian group attacked the Belarusian railway system with ransomware after discovering that it was being used by Russia to transport tanks and weapons. Beware of remote access takeover scams.

Phishing

Phishing Military Access Education

Wings for This Man: Celebrating the Tuskegee Airmen

Unwritten Record

FEBRUARY 6, 2024

The country needed to quickly increase the number of soldiers in the military while also increasing the production of wartime goods and manufacturing. To do this, the United States Government employed several strategies to garner the support of the American people. The First Motion Picture Unit, part of the U.S.

Military

Military Government Manufacturing Education

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

APRIL 30, 2023

CERT-UA warns of a spear-phishing campaign conducted by APT28 group targeting Ukrainian government bodies with fake ‘Windows Update’ guides. Russia-linked APT28 group is targeting Ukrainian government bodies with fake ‘Windows Update’ guides, Computer Emergency Response Team of Ukraine (CERT-UA) warns. ” continues the alert.

Systems administration

Systems administration Military Phishing Government

Ministry of Defence academy hit by state-sponsored hackers

Security Affairs

MARCH 22, 2021

The Defence Academy of the United Kingdom provides higher education for personnel in the British Armed Forces, Civil Service, other government departments and service personnel from other nations. “Staff were told the hack was by a foreign power, making Russia and China suspects.” a source told The Sun.

Education

Education Military Government IT

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Security Affairs

APRIL 9, 2023

made electronics on behalf of the Russian government and military. The Estonian man is accused of having helped the Russian government and military to purchase US-made electronics and hacking tools. manufacturers on behalf of Russian end-users, including defense contractors and other Russian government agencies.

Computer and Electronics

Computer and Electronics Military Manufacturing Government

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

The Last Watchdog

JULY 30, 2018

DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. DataLocker actually got traction, early on, selling to the military. Related: How DataLocker got its start h. Park: Exactly.

Encryption

Encryption Military Passwords Authentication

Google TAG warns of Russia-linked APT groups targeting Ukraine

Security Affairs

APRIL 20, 2023

In Q1 2023, threat actors linked to Russia’s military intelligence service focused their phishing campaigns on Ukraine, with the country accounting for over 60% of observed Russian targeting. The group targeted multiple sectors, including government, defense, energy, transportation/logistics, education, and humanitarian organizations.

Phishing

Phishing Military Ransomware Education

Government By Numbers: Some Interesting Insights

John Battelle's Searchblog

OCTOBER 28, 2011

Examples include identity (from driver’s licenses and SSNs to Visa, MasterCard, Amex, and Facebook), delivery of important information and items (from the Post Office to Telcos, Internet, and FedEx and UPS), and protection (outsourcing both prisons and military jobs to private companies). Very interesting.

Government

Government Education Military Financial Services

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

The Last Watchdog

NOVEMBER 26, 2018

Michigan is known as the Wolverine State in deference to the ornery quadruped that roams its wild country. However, after a recent visit to Detroit, Ann Arbor and Grand Rapids as a guest of the Michigan Economic Development Corp., or MEDC, I’m prepared to rechristen Michigan the Cybersecurity Best Practices State. But it does fit like a glove.

Cybersecurity

Cybersecurity Military Education Government

Introducing Films of State, a Conference on Government Films

Unwritten Record

MARCH 11, 2021

Today I am thrilled to tell you about something we’ve been working on: Films of State, a three day online conference focused on government films and NARA’s holdings, scheduled for April 7-9, 2021. The National Archives and Records Administration is the archival repository of the United States government. Government and the People.

Government

Government Archiving Military Libraries

International Holocaust Remembrance Day

Unwritten Record

JANUARY 24, 2023

The purpose of International Holocaust Remembrance Day is to serve as a date for the official commemoration of the victims of the Nazi regime and to promote Holocaust education. We here at the Unwritten Record wanted to share past blogs about the Holocaust in an effort to help promote education on the topic.

Military

Military Education Archiving Libraries

UK Foreign Office targeted by ‘serious’ cyber attack

IT Governance

FEBRUARY 10, 2022

When governments are targeted by cyber attacks, the blame almost immediately falls on nation states. Russia and China have both recently been linked to cyber espionage and sabotage aimed at government agencies – with Russia accused last month of a widespread attack on the Ukrainian government website. on 12 January.

Military

Military Government Paper Security

Biden AI Order Enables Agencies to Address Key Risks

Hunton Privacy

OCTOBER 31, 2023

Notably, the Order requires private companies to share with the federal government the results of “red-team” safety tests for foundation models that pose certain risks, directs the development of new AI standards to guide government agencies’ acquisition and use of AI, creates a new National AI Research Resource to foster U.S.

Risk

Risk Artificial Intelligence Privacy Military

Kevin Mitnick, Hacker Turned Cybersecurity Leader, Dies at 59

eSecurity Planet

JULY 20, 2023

military systems and launch nuclear missiles through mere whistling. Mitnik claimed that the government was less worried about the accuracy of the charges and more worried about making an example of Mitnik to discourage other hackers. government to track down offenders or impose punishments. Mitnick’s Legacy The U.S.

Cybersecurity

Cybersecurity Education Military Government

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs

APRIL 26, 2023

In recent years, the researchers observed the group expanding its operations to include financial institutions and government entities. This domain has been hosted on eight other IPs throughout its history, none of these IPs were directly affiliated with the South African government. org over port 8443 for C2. saspecialforces.co[.]za

Communications

Communications Military Government Libraries

China Issues Draft Data Security Law

Hunton Privacy

JULY 7, 2020

The Draft includes seven sections and 55 articles in total, covering data security and industrial development, the data security regulatory system, data security protection obligations and government data security and access. The Central Military Commission will develop the measures regulating military Data Activities.

Security

Security Military Government Risk

US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software

Security Affairs

DECEMBER 14, 2020

The cyber espionage group has tampered with updates released by IT company SolarWinds, which provides its products to government agencies, military, and intelligence offices, two people familiar with the matter told the Reuters agency. . Threat actors carried out a highly-sophisticated supply chain attack.

Military

Military Cybersecurity Communications Government

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Security Affairs

APRIL 19, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. government institutions, and about 250 Ukrainian victims. ” reads the joint advisory. ” continues the advisory.

Military

Military Access Cybersecurity Education

What Role Government?

John Battelle's Searchblog

NOVEMBER 4, 2011

( image ) As I begin to dig into the work of my next book, I’ve found myself thinking about politics and government far more than I anticipated. For initial thoughts and stats, see Government By Numbers: Some Interesting Insights ). There, our identity is not managed by the government. Certainly the Occupy Wall St.

Government

Government Education Military Communications

We Can Do It!: World War II Posters at the Still Picture Branch

Unwritten Record

SEPTEMBER 22, 2020

The Still Picture Branch at the National Archives and Records Administration houses a multitude of posters used during World War II by the United States Government. The Still Picture Branch at the National Archives and Records Administration houses a multitude of posters used during World War II by the United States Government.

Archiving

Archiving IT Military Government

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Security Affairs

SEPTEMBER 9, 2019

The group has continued launching attacks against entities in Southeast Asia, including military, satellite communications, media and educational organizations. The China-linked APT group Thrip is continuing to target entities in Southeast Asia even after its activity was uncovered by Symantec. ” concludes the report.

Military

Military Communications Government Education

Iran-linked Mint Sandstorm APT targeted US critical infrastructure

Security Affairs

APRIL 19, 2023

Mint Sandstorm targets both private and public organizations, including political dissidents, journalists, activists, the Defense Industrial Base (DIB), and employees from multiple government agencies, including individuals protesting oppressive regimes in the Middle East. ” reads the report published by Microsoft.

Energy and Utilities

Energy and Utilities Military Education Phishing

Vermont’s Amendments to Data Breach Law and New Student Privacy Law Effective July 1, 2020

Hunton Privacy

JUNE 22, 2020

The law also allows operators to use covered information to comply with applicable law or for legitimate research purposes (in certain circumstances), and to disclose covered information to a State or local educational agency for PreK-12 school purposes, as permitted by State or federal law.

Data breaches

Data breaches Privacy Education Data Privacy

Is the federal government ready for robotic process automation?

CGI

JULY 19, 2018

Is the federal government ready for robotic process automation? Don’t think of the shambling, clanking humanoid automatons from 1950s sci-fi, or even the sleek bomb-disposal robots used today by the military and police departments. harini.kottees…. Thu, 07/19/2018 - 04:38.

Government

Government Digital transformation Military Education

List of data breaches and cyber attacks in February 2022 – 5.1 million records breached

IT Governance

MARCH 1, 2022

First, Russia targeted banks and government departments, then Ukraine hit back, attacking the Moscow stock exchange. You can find out more about the cyber security implications of the Ukraine by registering for our special presentation hosted by IT Governance’s founder and executive chairman, Alan Calder.

Data breaches

Data breaches Ransomware Government Blockchain

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Security Affairs

APRIL 6, 2023

Google’s Threat Analysis Group (TAG) is warning of the North Korea-linked ARCHIPELAGO group that is targeting government and military personnel, think tanks, policy makers, academics, and researchers in South Korea, the US and elsewhere.

Phishing

Phishing Passwords Military Education

Security Affairs newsletter Round 253

Security Affairs

MARCH 1, 2020

Google sued by New Mexico attorney general for collecting student data through its Education Platform. ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia. Twitter, Facebook, and Instagram blocked in Turkey as Idlib military crisis escalates. The best news of the week with Security Affairs.

Security

Security Ransomware Military Data breaches

CyberheistNews Vol 13 #14 [Eyes on the Prize] How Crafty Cons Attempted a 36 Million Vendor Email Heist

KnowBe4

APRIL 4, 2023

CyberheistNews Vol 13 #14 | April 4th, 2023 [Eyes on the Prize] How Crafty Cons Attempted a 36 Million Vendor Email Heist The details in this thwarted VEC attack demonstrate how the use of just a few key details can both establish credibility and indicate the entire thing is a scam. KnowBe4 Mobile Learner App - Users can now train anytime, anywhere!

Phishing

Phishing Security awareness Cybersecurity Education

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Security Affairs

MAY 5, 2021

The groups targeted organizations in the business services, financial, health, retail/consumer, aero-military, engineering and manufacturing, government, education, transportation, and utilities industries. In some attacks, the threat actors used weaponized Excel documents as a downloader. ” continues the report.

Manufacturing

Manufacturing Phishing Military Retail

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Security Affairs

AUGUST 6, 2019

The STRONTIUM APT group (aka APT28 , Fancy Bear , Pawn Storm , Sofacy Group , and Sednit ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

IoT

IoT Military Access Education

List of data breaches and cyber attacks in August 2020 – 36.6 million records breached

IT Governance

SEPTEMBER 1, 2020

There were a massive 99 data breaches and cyber attacks in August, making it the third-biggest monthly total of the year by number of security incidents. But, by contrast, only 36,673,575 records were confirmed to have been leaked, which is the fewest we’ve recorded since May 2018. Cyber attacks. Hitachi Chemical Co. Cyber attacks. Cyber attacks.

Data breaches

Data breaches Ransomware Insurance Manufacturing

Driving Conversations Around Careers In Telematics

Information Governance Perspectives

APRIL 5, 2023

In 2015, he successfully transitioned from a military career as a trial attorney for the JAG Corps to working in telematics in corporate America for State Farm Insurance. In the military, he got his first exposure to telematics when they asked him what he wanted to do after being a prosecutor, and he exclaimed, “convoys!”

Insurance

Insurance Military Artificial Intelligence Manufacturing

Preservica - 2022 highlights & momentum looking ahead

Preservica

DECEMBER 29, 2022

From academic institutions and government agencies to corporate businesses and the health sector, 2022 was full of world events that will shape our history forever. Preserving our digital memory is the backbone of how we educate ourselves, advocate for change, and support each other and our institutions for future generations to come.

Digital preservation

Digital preservation Archiving Records Management e-Discovery

GCHQ implements World War II cipher machines in encryption app CyberChef

Security Affairs

MARCH 18, 2019

UK intelligence agency GCHQ, as part of the celebration of its centenary , has released emulators for World War II cipher machines that can be executed in the encryption app CyberChef released for educational purposes.

Encryption

Encryption Military Education Communications

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

Webinars

Trending Sources

UK won the Military Cyberwarfare exercise Defence Cyber Marvel 2 (DCM2)

Webinars

Another Massive Russian Hack of US Government Networks

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

FBI chief says China is preparing to attack US critical infrastructure

Catches of the Month: Phishing Scams for March 2022

Wings for This Man: Celebrating the Tuskegee Airmen

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Ministry of Defence academy hit by state-sponsored hackers

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

Google TAG warns of Russia-linked APT groups targeting Ukraine

Government By Numbers: Some Interesting Insights

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

Introducing Films of State, a Conference on Government Films

International Holocaust Remembrance Day

UK Foreign Office targeted by ‘serious’ cyber attack

Biden AI Order Enables Agencies to Address Key Risks

Kevin Mitnick, Hacker Turned Cybersecurity Leader, Dies at 59

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

China Issues Draft Data Security Law

US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

What Role Government?

We Can Do It!: World War II Posters at the Still Picture Branch

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Iran-linked Mint Sandstorm APT targeted US critical infrastructure

Vermont’s Amendments to Data Breach Law and New Student Privacy Law Effective July 1, 2020

Is the federal government ready for robotic process automation?

List of data breaches and cyber attacks in February 2022 – 5.1 million records breached

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Security Affairs newsletter Round 253

CyberheistNews Vol 13 #14 [Eyes on the Prize] How Crafty Cons Attempted a 36 Million Vendor Email Heist

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

List of data breaches and cyber attacks in August 2020 – 36.6 million records breached

Driving Conversations Around Careers In Telematics

Preservica - 2022 highlights & momentum looking ahead

GCHQ implements World War II cipher machines in encryption app CyberChef

Stay Connected