Government, Information Security, Manufacturing and Military

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

Security Affairs

JANUARY 26, 2023

The BlackCat Ransomware group claims to have hacked SOLAR INDUSTRIES INDIA and to have stolen 2TB of “secret military data.” The BlackCat Ransomware group claims to have breached the company infrastructure and to have stolen 2TB of data, including secret military data related to weapons production.

Military

Military Manufacturing Ransomware Mining

New HiatusRAT campaign targets Taiwan and U.S. military procurement system

Security Affairs

AUGUST 21, 2023

military procurement system. military procurement system and was spotted targeting Taiwan-based organizations The choice of the new targets in the latest campaign suggests a strategic interest of the People’s Republic of China according to the 2023 ODNI threat assessment. military server used for contract proposals and submissions.

Military

Military Manufacturing Government Access

Russian military plans to replace Windows with Astra Linux

Security Affairs

MAY 31, 2019

Cyber security seems to subvert the globalization concept, governments are working to develop their own technology fearing possible espionage and sabotage activities of foreign states. The Russian military is in the process of replacing the Windows system with the Linux distribution Astra Linux. intelligence agencies.

Military

Military Government Manufacturing Data Privacy

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

The German BSI agency recommends replacing Kaspersky antivirus software

Security Affairs

MARCH 15, 2022

German Federal Office for Information Security agency, also known as BSI, recommends consumers not to use Kaspersky anti-virus software. The German Federal Office for Information Security agency, aka BSI, recommends consumers uninstall Kaspersky anti-virus software. ” reads the BSI announcement.

Manufacturing

Manufacturing Information Security Military Authentication

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

. “As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” and foreign governments and military, security, and corporate organizations. ” reads the joint report.

Energy and Utilities

Energy and Utilities Military Government Phishing

US indicted 4 Russian government employees for attacks on critical infrastructure

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Government Cybersecurity Military

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Security Affairs

APRIL 9, 2023

made electronics on behalf of the Russian government and military. The Estonian man is accused of having helped the Russian government and military to purchase US-made electronics and hacking tools. manufacturers on behalf of Russian end-users, including defense contractors and other Russian government agencies.

Computer and Electronics

Computer and Electronics Military Manufacturing Government

Defense contractor Belcan leaks admin password with a list of flaws

Security Affairs

AUGUST 22, 2023

US Government and defense contractor Belcan left its super admin credentials open to the public, Cybernews research team reveals. Belcan is a government, defense, and aerospace contractor offering global design, software, manufacturing, supply chain, information technology, and digital engineering solutions.

Passwords

Passwords Military Manufacturing Analytics

China-linked APT Curious Gorge targeted Russian govt agencies

Security Affairs

MAY 3, 2022

China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG) reported that an APT group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF), tracked as Curious Gorge , is targeting Russian government agencies.

Manufacturing

Manufacturing Phishing Passwords Military

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. ” U.S.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya

Security Affairs

AUGUST 7, 2023

NPO Mashinostroyeniya (JSC MIC Mashinostroyenia, NPO Mash) is a leading Russian manufacturer of missiles and military spacecraft. Treasury Department in July 2014 due to its support to the Russian government in attempting of destabilizing eastern Ukraine and its ongoing occupation of Crimea.

Military

Military Communications Manufacturing Phishing

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The researchers pointed out that the use of the KV-Botnet is limited to China-linked actors.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

Researchers found alleged sensitive documents of NATO and Turkey

Security Affairs

OCTOBER 12, 2020

Researchers from the US-based firm Cyble recently came across a post shared by an unknown threat actor that goes online with the moniker Spectre123, where he has allegedly leaked the sensitive documents of NATO and Havelsan (Turkish Military/defence manufacturer). ” reads the post published by Cyble.

Military

Military Manufacturing Phishing Government

Ukraine’s intelligence service hacked Russia’s Federal Air Transport Agency, Rosaviatsia

Security Affairs

NOVEMBER 27, 2023

. “The data obtained as a result of hacking and penetration of enemy information systems includes a list of daily reports of Rosaviatsiya for the entire Russian Federation for more than a year and a half.” ” Rosaviatsia is the government agency responsible for the oversight and regulation of civil aviation in Russia.

Military

Military Manufacturing Government Authentication

Security Affairs newsletter Round 439 by Pierluigi Paganini – International edition

Security Affairs

OCTOBER 1, 2023

million newborns and pregnancy care patients Xenomorph malware is back after months of hiatus and expands the list of targets Smishing Triad Stretches Its Tentacles into the United Arab Emirates Crooks stole $200 million worth of assets from Mixin Network A phishing campaign targets Ukrainian military entities with drone manual lures Alert!

Artificial Intelligence

Artificial Intelligence Security Ransomware Data breaches

France will not ban Huawei from its upcoming 5G networks

Security Affairs

SEPTEMBER 1, 2020

French President Emmanuel Macron announced that his government will not exclude Chinese telecom giant Huawei from the building of the upcoming 5G telecommunication networks. However, Macron said that France will favor European providers of 5G technology due to security concerns.

IT

IT Military Manufacturing Risk

Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers

Security Affairs

JULY 20, 2022

” The MiCODUS MV720 GPS Tracker is a popular vehicle GPS tracker manufactured in China, which is used by consumers for theft protection and location management, and by organizations for vehicle fleet management. The analysis of the sector usage on a global scale revealed significant differences by continent in the typical user profile.

Passwords

Passwords Manufacturing Military Authentication

The US Gov is testing high-altitude balloons for surveillance

Security Affairs

AUGUST 4, 2019

The US government is testing high-altitude balloons manufactured by Sierra Nevada to conduct surveillance over American soil. The US government is planning to use high-altitude balloons to conduct surveillance over Americans. ” states The Guardian. ” states the authorization.

Military

Military Manufacturing Communications Government

Feel Good Ukraine Tractor Story Highlights Ag Cyber Risk

The Security Ledger

MAY 3, 2022

CISA, the Cybersecurity and Infrastructure Security Agency, has warned repeatedly about the possibility of devastating Russian cyber attacks on U.S. and Western nations’ military support of Ukraine’s army. “(Deere) basically has remote desktop access to the equipment,” he told Security Ledger.

Agriculture

Agriculture Risk Military Manufacturing

Japan suspects HGV missile data leak in Mitsubishi security breach

Security Affairs

MAY 21, 2020

Mitsubishi Electric had also already notified members of the Japanese government and the Ministry of Defense. ” The advanced prototype missile was designed to be deployed in Japan’s remote islands as a deterrence to military activities conducted by China in the area. . ” states the AP press agency.

Security

Security Military Manufacturing Personal data

List of data breaches and cyber attacks in February 2022 – 5.1 million records breached

IT Governance

MARCH 1, 2022

In the final days of February, there were a flurry of security incidents related, either directly or indirectly, to the Ukraine conflict. First, Russia targeted banks and government departments, then Ukraine hit back, attacking the Moscow stock exchange.

Data breaches

Data breaches Ransomware Government Blockchain

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

Security Affairs

JUNE 17, 2022

Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country. The malware samples analyzed impersonated the applications of telecommunications companies or smartphone manufacturers.

Military

Military Manufacturing Government Security

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Security Affairs

MARCH 12, 2021

Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%). .” Most of exploit attempts targeted organizations in Turkey (19%), followed by United States (18%) and Italy (10%).

Authentication

Authentication Military Ransomware Manufacturing

MICROCHIPS Act aims at improving tech supply chain

Security Affairs

AUGUST 1, 2019

2316 ) – Two US Senators have introduced a bill to protect US government supply chain against foreign sabotage and cyber espionage. Two US senators have introduced legislation a bill, dubbed Manufacturing, Investment and Controls Review for Computer Hardware, Intellectual Property and Supply ACT (MICROCHIPS Act – S.

Military

Military Manufacturing Government Security

Qbot uses a new email collector module in the latest campaign

Security Affairs

AUGUST 31, 2020

Most of the infections were observed in organizations in the US and Europe, the most targeted industries were in the government, military, and manufacturing sectors. . The researchers estimate that one of these campaigns that took place in July impacted roughly 5% of organizations worldwide.

Passwords

Passwords Military Manufacturing Encryption

ProxyLogon Microsoft Exchange exploit is completely out of the bag by now

Security Affairs

MARCH 15, 2021

Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%). Security experts pointed out that the flaws are actively exploited to deliver web shells, and more recently ransomware such as the DearCry ransomware.

Military

Military Ransomware Manufacturing Security

U.S. Commerce Department Proposes Expansion of Information and Communications Technology and Services Review Process

Data Matters

DECEMBER 9, 2021

prohibition, mitigation) on any acquisition, importation, transfer, installation, dealing in, or use of ICTS that has been designed, developed, manufactured, or supplied by parties owned by, controlled by, or subject to the jurisdiction or direction of “foreign adversaries.” The risk factors include.

Communications

Communications Manufacturing Risk Data collection

Vladimir Putin ‘s computers still run Windows XP, Media reports

Security Affairs

DECEMBER 30, 2019

Open Media pointed out that that Windows XP is the last operating system developed by Microsoft that was approved by the Kremlin for use on official Russian government computers. Microsoft Windows 10 is only allowed only for government systems that don’t manage secret information. intelligence agencies.

Government

Government Communications Military Manufacturing

Weekly podcast: TSB, hotel locks and NATO exercise

IT Governance

APRIL 27, 2018

This week, we discuss TSB’s chaotic system upgrade, a security flaw in electronic hotel locks and a major NATO cyber security exercise. Hello and welcome to the IT Governance podcast for Friday, 27 April 2018. Until next time you can keep up with the latest information security news on our blog.

Military

Military Manufacturing Information Security Access

China: Navigating China episode 18: Increased scrutiny over connected car and automobile industry data from Chinese regulators, including push towards data localisation

DLA Piper Privacy Matters

JUNE 4, 2021

The Chinese cybersecurity authorities have published new draft rules clarifying data and cyber compliance obligations for the automobile industry, including a push towards most personal information and important data being kept in China. other data that may affect national security and public interests. outside of the vehicle; and.

Big data

Big data Compliance Personal data Insurance

North Korea-linked ScarCruft APT adds Bluetooth Harvester to its arsenal

Security Affairs

MAY 14, 2019

Cyber attacks conducted by the APT37 group mainly targeted government, defense, military, and media organizations in South Korea. The hackers targeted organizations in the chemicals, manufacturing, electronics, aerospace, healthcare, and automotive sectors. Kaspersky first documented the operations of the group in 2016.

IT

IT Military Manufacturing Government

Weekly podcast: 2018 end-of-year roundup

IT Governance

DECEMBER 13, 2018

This week, in our last podcast of the year, we revisit some of the biggest information security stories from the past 12 months. Hello and welcome to the final IT Governance podcast of 2018. For more information on each story, simply follow the links in the transcript on our blog. Patches were rushed out , but many.

Data breaches

Data breaches Personal data Access GDPR

2022 Cyber Security Review of the Year

IT Governance

DECEMBER 20, 2022

Google , Clearview AI , and Meta all receives hefty penalties in 2022, demonstrating the continued important of effective information security. But these were far from the only notable cyber security headlines of the year. Tensions rose throughout February as the Russian military amassed across the Ukrainian border.

Security

Security Data breaches Ransomware Military

US govt is hunting a Chinese malware that can interfere with its military operations

Security Affairs

AUGUST 1, 2023

The US government believes that China has deployed malware in key US power and communications networks that can be activated in case of a conflict. The US newspaper refers to the malware as a “ticking time bomb” that could be activated to disrupt the military. ” states The New York Times. ” states The New York Times.

Military

Military IT Communications Government

Vulnerabilities in Weapons Systems

Schneier on Security

JUNE 8, 2021

Our military systems are vulnerable. We need to face that reality by halting the purchase of insecure weapons and support systems and by incorporating the realities of offensive cyberattacks into our military planning. Over the past decade, militaries have established cyber commands and developed cyberwar doctrine.

Military

Military Cybersecurity Communications Manufacturing

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

IT Governance

MARCH 11, 2024

Source (New) Transport USA Yes 3,815 Okta Source 1 ; source 2 (Update) Cyber security USA Yes 3,800 Shah Dixit & Associates, P.C. We also found 14 organisations providing a significant update on a previously disclosed incident. Organisation(s) Sector Location Data breached? TB Paysign, Inc.

Data Privacy

Data Privacy Privacy Security Data breaches

The Hacker Mind Podcast: Hacking Healthcare

ForAllSecure

JANUARY 15, 2021

I’m Robert Vamosi and this episode about best practices in information security, and how critical life services, in particular, remain at risk today -- in the middle of a global pandemic. ” So it’s not surprising that this recording coincided with another major security event. .” Now, our government.

IT

IT Manufacturing Government Paper

The Hacker Mind Podcast: Hacking Healthcare

ForAllSecure

JANUARY 15, 2021

I’m Robert Vamosi and this episode about best practices in information security, and how critical life services, in particular, remain at risk today -- in the middle of a global pandemic. ” So it’s not surprising that this recording coincided with another major security event. .” Now, our government.

IT

IT Manufacturing Government Paper

DJI drone tracking data exposed in the US

Security Affairs

OCTOBER 14, 2022

Over 80,000 drone IDs were exposed in the leak of a database containing information from airspace monitoring devices manufactured by DJI. Used by the military, businesses, and consumers, drones are “fundamentally changing aviation.” Original post at CyberNews: [link]. The surveillance race.

Military

Military Manufacturing Marketing Risk

Security Affairs newsletter Round 461 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 3, 2024

Private Plane Owners’ Data Linked to LA Intl.

Security

Security Ransomware Retail Artificial Intelligence

MY TAKE: Michigan’s Cyber Range hubs provide career paths to high-schoolers, underutilized adults

The Last Watchdog

NOVEMBER 28, 2018

Today Merit supplies IT infrastructure to schools, universities, government and other entities across the state. Meanwhile, Pinckney’s Darga has taken the initiative to spearhead efforts to cater to military veterans and to disabled individuals, as well, particularly persons with autism.

Cybersecurity

Cybersecurity Systems administration Military Manufacturing

The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran

Security Affairs

SEPTEMBER 2, 2019

The development of the deadly cyber weapon started under the administration of George Bush Junior as part of a military operation named “ Olympic Games ”, but the Obama administration has been pushing a more energetic on the offensive program. The Olympic Games operation was carried out by a joint U. intelligence.

Military

Military Manufacturing Access Security

GUEST POST: How China’s updated digital plans impacts U.S. security and diplomacy

The Last Watchdog

SEPTEMBER 7, 2021

Strategic investments made on behalf of the Chinese government to the technology industry, in the form of annual 7% increases and billion-dollar loans, will move China closer to their goals of technological independence and global influence. Those providers will be discussed in detail in the following blog.

Security

Security Government Military Marketing

Russian APT29 conducts phishing attacks through Microsoft Teams

Security Affairs

AUGUST 3, 2023

Russia-linked APT29 group targeted dozens of organizations and government agencies worldwide with Microsoft Teams phishing attacks. Below is the step-by-step attack chain: The attackers send a Microsoft Teams message request to the victim, the message is sent from an external user masquerading as a technical support or security team.

Phishing

Phishing Authentication Military Government

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

New HiatusRAT campaign targets Taiwan and U.S. military procurement system

Webinars

Trending Sources

Russian military plans to replace Windows with Astra Linux

Webinars

The German BSI agency recommends replacing Kaspersky antivirus software

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

US indicted 4 Russian government employees for attacks on critical infrastructure

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Defense contractor Belcan leaks admin password with a list of flaws

China-linked APT Curious Gorge targeted Russian govt agencies

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya

FBI chief says China is preparing to attack US critical infrastructure

Researchers found alleged sensitive documents of NATO and Turkey

Ukraine’s intelligence service hacked Russia’s Federal Air Transport Agency, Rosaviatsia

Security Affairs newsletter Round 439 by Pierluigi Paganini – International edition

France will not ban Huawei from its upcoming 5G networks

Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers

The US Gov is testing high-altitude balloons for surveillance

Feel Good Ukraine Tractor Story Highlights Ag Cyber Risk

Japan suspects HGV missile data leak in Mitsubishi security breach

List of data breaches and cyber attacks in February 2022 – 5.1 million records breached

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

Researchers warn of a surge in cyber attacks against Microsoft Exchange

MICROCHIPS Act aims at improving tech supply chain

Qbot uses a new email collector module in the latest campaign

ProxyLogon Microsoft Exchange exploit is completely out of the bag by now

U.S. Commerce Department Proposes Expansion of Information and Communications Technology and Services Review Process

Vladimir Putin ‘s computers still run Windows XP, Media reports

Weekly podcast: TSB, hotel locks and NATO exercise

China: Navigating China episode 18: Increased scrutiny over connected car and automobile industry data from Chinese regulators, including push towards data localisation

North Korea-linked ScarCruft APT adds Bluetooth Harvester to its arsenal

Weekly podcast: 2018 end-of-year roundup

2022 Cyber Security Review of the Year

US govt is hunting a Chinese malware that can interfere with its military operations

Vulnerabilities in Weapons Systems

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

The Hacker Mind Podcast: Hacking Healthcare

The Hacker Mind Podcast: Hacking Healthcare

DJI drone tracking data exposed in the US

Security Affairs newsletter Round 461 by Pierluigi Paganini – INTERNATIONAL EDITION

MY TAKE: Michigan’s Cyber Range hubs provide career paths to high-schoolers, underutilized adults

The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran

GUEST POST: How China’s updated digital plans impacts U.S. security and diplomacy

Russian APT29 conducts phishing attacks through Microsoft Teams

Stay Connected