Russian military plans to replace Windows with Astra Linux

Security Affairs

The Russian military is in the process of replacing the Windows system with the Linux distribution Astra Linux. Astra Linux is a Debian-based distro developed in Russia by the Scientific/Manufacturing Enterprise Rusbitech RusBITech about ten years ago. The post Russian military plans to replace Windows with Astra Linux appeared first on Security Affairs.

From China with Love: New York Firm sold millions in PRC Surveillance Gear to US Government, Military

The Security Ledger

government: selling Chinese manufactured cameras and other gear to the U.S. Military, the Department of Energy and other government agencies that it claimed were "Made in the U.S.A". A complaint unsealed by the Department of Justice on Thursday alleges a New York firm engineered a years-long scheme to deceive the U.S. Related Stories DoJ Charges Huawei Execs in Broad Indictment Spanning 10 Years of Criminal Activity Episode 165: Oh, Canada!

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Vulnerabilities in Weapons Systems

Schneier on Security

Our military systems are vulnerable. We need to face that reality by halting the purchase of insecure weapons and support systems and by incorporating the realities of offensive cyberattacks into our military planning.

Captured on Film: Armistice Day 1918

Unwritten Record

More than 350,00 African Americans served in segregated units in the United States military during World War I. “Our Wings of Victory,” the Manufacture of Military Aeroplanes During WWI. African American History Digitization Films Military Motion Pictures U.S. This Veterans Day , November 11th, is the 100th anniversary of the armistice of World War I.

A job ad published by the UK’s Ministry of Defence revealed a secret hacking squad

Security Affairs

The MoD is offering a salary of £33k to “work alongside some of the best scientists and engineers within defence and will be tasked with delivering prototype solutions directly to the soldiers and officers of a unique and specialized military unit.”

McAfee Finds Years-Long Attack by Chinese-Linked APT Groups

eSecurity Planet

The exfiltrated data would have either been part of an intellectual property theft for economic purposes and/or would have provided insights that would be beneficial in case of military interventions.

New European Union Dual-Use Regulation Enters Into Force

Data Matters

Dual-use items are sensitive goods, services, software, and technology that can be used for both civil and military purposes. military end uses in an embargoed country (so called ‘military end use’).

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Security Affairs

“For example, UNC2529 used a unique username, masquerading as an account executive for a small California-based electronics manufacturing company, which Mandiant identified through a simple Internet search.”

Sweden bans Huawei and ZTE from building its 5G infrastructure

Security Affairs

The decision is the result of assessments made by the Swedish military and security service. Recently Belgian telecoms operators Orange Belgium and Proximus announced that it will gradually replace the equipment from the Chinese manufacturer Huawei.

IT 106

GUEST POST: How China’s updated digital plans impacts U.S. security and diplomacy

The Last Watchdog

President Xi also stated that China should “use existing global dependencies (on China) as a counterweight to pressures to shift manufacturing out of China” and to “use the pull of China’s markets to attract global resources and deepen global dependence on China”. Nations such as Jamaica in the Caribbean region have been targeted by China’s government through donations of security equipment to military and police forces.

DoppelPaymer crew leaked internal confidential documents belonging to aerospace companies

Security Affairs

Visser Precision is a parts maker for many companies in several industries, including aerospace, automotive, industrial and manufacturing. The huge trove of data includes sensitive documents related to military equipment designed by Lockheed-Martin (i.e.

Supply-Chain Security

Schneier on Security

Earlier this month, the Pentagon stopped selling phones made by the Chinese companies ZTE and Huawei on military bases because they might be used to spy on their users. We have to trust the country where the software is written -- and the countries where all the components are manufactured. Pretty much every US technology company manufactures its hardware in countries such as Malaysia, Indonesia, China and Taiwan. They just can't buy them on US military bases.

Adding Backdoors at the Chip Level

Schneier on Security

Interesting research into undetectably adding backdoors into computer chips during manufacture: " Stealthy dopant-level hardware Trojans: extended version ," also available here : Abstract: In recent years, hardware Trojans have drawn the attention of governments and industry as well as the scientific community.

China passes the Personal Information Protection Law

Data Protection Report

China passed its Personal Information Protection Law (PIPL) on 20 August 2021. The new law will take effect from 1 November 2021 allowing companies just over 2 months to prepare themselves. The full text has not been made public yet.

Australia banned Huawei from 5G network due to security concerns

Security Affairs

The US was the first country that warned of the security risks associated with the usage of the products manufactured by the Chinese telecommunications giant. In May, the Pentagon ordered retail outlets on US military bases to stop selling Huawei and ZTE products due to unacceptable security risk they pose. Chinese-owned telecommunications firm Huawei has been banned from Australia’s 5G network due to security concerns.

Experts spotted two Android spyware used by Indian APT Confucius

Security Affairs

The two malware were used to spy on personnel linked to Pakistan’s military, nuclear authorities, and Indian election officials in Kashmir. Lookout researchers provided details about two Android spyware families employed by an APT group tracked as Confucius.

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

The Last Watchdog

DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. This could be in high security areas, relating to the government or military, or you might be in different countries, where secure Internet connections are not available. DataLocker actually got traction, early on, selling to the military.

Japan suspects HGV missile data leak in Mitsubishi security breach

Security Affairs

“The suspected leak involves sensitive information about a prototype of a cutting-edge high speed gliding missile intended for deployment for the defense of Japan’s remote islands amid China’s military assertiveness in the region.”

France will not ban Huawei from its upcoming 5G networks

Security Affairs

Anyway, the French government will not allow the Chinese giant to provide equipment that will be used in protect military bases, nuclear installations and other sensitive and critical infrastructures.

IT 110

BIS Issues Long-Awaited Notice on Controls on Foundational Technologies, Adds New Entities to Entity List

Data Matters

businesses involved in the production, design, testing, manufacturing, fabrication, or development of “critical technologies,” even when such investments do not give the foreign investor control over the U.S. 4) The Foundational Technologies ANPRM signals potential expansion of controls on items currently subject to military end-use and end-user restrictions. The U.S.

The US Gov is testing high-altitude balloons for surveillance

Security Affairs

The US government is testing high-altitude balloons manufactured by Sierra Nevada to conduct surveillance over American soil. The high-altitude balloons are manufactured by Sierra Nevada Corporation, they will cover a large area in the United States’ Midwest. “The US military is conducting wide-area surveillance tests across six midwest states using experimental high-altitude balloons, documents filed with the Federal Communications Commission (FCC) reveal.”

Airbus suppliers were hit by four major attack in the last 12 months

Security Affairs

“The group has long been considered a tempting target because of the cutting-edge technologies that have made it one of the world’s biggest commercial plane manufacturers, as well as a strategic military supplier.” ” Early 2019, the European airplane manufacturer Airbus announced to have suffered a data breach, hackers broke into the company “Commercial Aircraft business” information systems and gained access to some of its employees’ personal information.

MY TAKE: Iran’s cyber retaliation for Soleimani assassination continues to ramp up

The Last Watchdog

Touhill “Adversaries should remember that our military doctrine identifies cyber as one of our combined arms capabilities,” says Greg Touhill, president of AppGate Federal Group , a Florida-based supplier of software perimeter security systems. “To

MY TAKE: How state-backed cyber ops have placed the world in a constant-state ‘Cyber Pearl Harbor’

The Last Watchdog

That May 10th air strike by the Israel Defense Force marked the first use of military force in direct retaliation for cyber spying. This comes as no surprise to anyone in the military or intelligence communities. Russia explicitly recruits folks already engaged in criminal activities, and once recruited, they are contracted and connected to military organizations for direction and oversight,” Bort told me.

Swedish court suspended the ban on Huawei equipment

Security Affairs

The decision is the result of assessments made by the Swedish military and security service. Recently Belgian telecoms operators Orange Belgium and Proximus announced that it will gradually replace the equipment from the Chinese manufacturer Huawei.

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Security Affairs

Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%). Researchers warn of a surge in cyber attacks against Microsoft Exchange servers exploiting the recently disclosed ProxyLogon vulnerabilities.

Dutch expelled two Russian spies over hack plan on Swiss lab working on Skripal case

Security Affairs

According to Dutch-based NRC newspaper and Swiss daily Tages-Anzeiger, Dutch intelligence services arrested two alleged Russian spies working for Russia’s GRU military intelligence service on suspicion of planning to hack the Spiez laboratory near Bern. “The two were detained “early this year” by Dutch military intelligence (MIVD) working together with several other countries, and then expelled from the Netherlands, the newspapers reported.”

ProxyLogon Microsoft Exchange exploit is completely out of the bag by now

Security Affairs

Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%).

Archives*RM Testimonial #5

The Schedule

There are now over 300 tenant businesses in the sectors of manufacturing, design, and art. This testimonial about the intersections of archives and records management comes from Elizabeth McGorty, Archivist & Records Manager for Brooklyn Navy Yard Development Corporation.

List of data breaches and cyber attacks in June 2021 – 9.8 million records breached

IT Governance

We found a comparatively low 9,780,931 breached records from publicly disclosed security incidents in June 2021. But don’t be fooled by that number – it comes from 106 incidents, which is roughly average for the year.

Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues

Security Affairs

Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%). Microsoft released an Exchange On-premises Mitigation Tool (EOMT) tool to small businesses for the fix of ProxyLogon vulnerabilities.

Group-IB Hi-Tech Crime Trends 2020/2021 report

Security Affairs

Group-IB’s report Hi-Tech Crime Trends 2020/2021 examines various aspects of cybercrime industry operations and predicts changes to the threat landscape for various sectors, namely the financial industry, telecommunications, retail, manufacturing, and the energy sector.

Security Affairs newsletter Round 264

Security Affairs

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

MY TAKE: Massive Marriott breach continues seemingly endless run of successful hacks

The Last Watchdog

I have a Yahoo email account, I’ve shopped at Home Depot and Target , my father was in the military and had a security clearance, which included a dossier on his family, archived at the U.S. Office of Personnel Management , I’ve had insurance coverage from Premera Blue Cross and I’ve stayed at the Marriott Marquis in San Francisco. Related: Uber hack shows DevOps risk.

It is time to re-evaluate Cyber-defence solutions

Security Affairs

The Brazilian aerospace giant Embrarer manufactures commercial, executive and military aircraft and are the world’s third largest aircraft manufacturer after Boeing and Airbus.

Qbot uses a new email collector module in the latest campaign

Security Affairs

Most of the infections were observed in organizations in the US and Europe, the most targeted industries were in the government, military, and manufacturing sectors. .

List of data breaches and cyber attacks in August 2020 – 36.6 million records breached

IT Governance

There were a massive 99 data breaches and cyber attacks in August, making it the third-biggest monthly total of the year by number of security incidents. But, by contrast, only 36,673,575 records were confirmed to have been leaked, which is the fewest we’ve recorded since May 2018.

Episode 167: Made in America? Trade Tensions highlight Supply Chain Risk

The Security Ledger

» Related Stories From China with Love: New York Firm sold millions in PRC Surveillance Gear to US Government, Military Episode 165: Oh, Canada! That decision followed years of warnings from security professionals about security vulnerabilities, back door accounts and suspicious patterns of behavior from cameras and other technology manufactured in the People Republic of China.

Cyber mercenaries and insiders hired by Chinese intelligence to hack aerospace and tech firms

Security Affairs

” The Jiangsu Province Ministry of State Security (JSSD) is a foreign intelligence unit that is coordinated by China’s Ministry of State Security (MSS), the agency that is tasked for non-military foreign intelligence and domestic counterintelligence operations. The turbofan engine was manufactured by a French aerospace company, which also had offices in the Jiangsu province with a U.S.-based According to the U.S.

China: Navigating China episode 18: Increased scrutiny over connected car and automobile industry data from Chinese regulators, including push towards data localisation

DLA Piper Privacy Matters

The Draft Provisions apply across the industry, not just to vehicle designers and manufacturers, but also parts and software providers, dealers, maintenance and repair agencies, online car hailing organisations and insurance companies. Authors: Carolyn Bigg , Venus Cheung and Fangfang Song.