APT Group Targeting Military Refines Its Tactics

Data Breach Today

Spear-Phishing Campaign Uses Military-Themed Documents

Data Breach Today

Cisco Talos Researchers Find Hackers Using New Dropper Called IndigoDrop A spear-phishing campaign is using military-themed malicious Microsoft Office documents to infect devices, according to researchers at Cisco Talos. The analysts also found this campaign is using a previously unknown dropper called IndigoDrop to spread a weaponized version of Cobalt Strike

Transparent Tribe Mounts Ongoing Spy Campaign on Military, Government

Threatpost

Government Malware Vulnerabilities apt crimson RAT Cyberattacks cyberespionage data theft military targets Spear Phishing spy campaign transparent tribe usbwormThe group has added a management console and a USB worming function to its main malware, Crimson RAT.

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

as members of the PLA’s 54 th Research Institute, a component of the Chinese military. military against foreign targets, Barr said the DOJ did so in this case because the accused “indiscriminately” targeted American civilians on a massive scale. The U.S.

Australia Took Military System Offline Over Hack Fears

Data Breach Today

Defense Department Says No Data Was Compromised Australia reportedly took a sensitive military recruiting database offline for 10 days in February following concerns it may have been compromised. The Defense Department says there's no evidence data was stolen

NATO military command center should be fully operational in 2023

Security Affairs

The NATO military command center should be fully operational in 2023, every member states will contribute with its cyber capabilities to the military hub. NATO alliance is aware of growing threats in the cyberspace and the new NATO military command center aims to respond them.

LinkedIn ‘Job Offers’ Targeted Aerospace, Military Firms With Malware

Threatpost

A recent malware campaign targeted victims at European and Middle East aerospace and military companies - via LinkedIn spear-phishing messages. Hacks Web Security aerospace espionage LinkedIn Middle East Military operation in(ter)ception Spear Phishing

China's Military Behind 2017 Equifax Breach: DoJ

Dark Reading

Four members of China's People Liberation Army hacked the information broker, leading to the theft of sensitive data on approximately 145 million citizens

DOJ: Company Sold Gear With Security Flaws to US Military

Data Breach Today

military and other agencies for a decade and passing the gear off as American made Prosecutors Allege Firm Sold Chinese Surveillance Tech That Contained Vulnerabilities Federal prosecutors have charged a Long Island company, along with seven of its employees, with selling vulnerability-laden Chinese technology to the U.S.

Unsecure Database Exposed US Military Personnel Data: Report

Data Breach Today

military and other government personnel, according to a new report from two independent security researchers Exposed Database Owned by AutoClerk Hotel Reservation Management System An unsecure database belonging to a company that provides hotel reservation management technology exposed about 179 GB of customer data, including travel arrangements and other data for U.S.

How Military Tactics Apply to Cybersecurity

eSecurity Planet

Former West Point professor Greg Conti explains how military doctrines apply to cyber security, and what lessons enterprises can learn from that

Gamaredon APT Improves Toolset to Target Ukraine Government, Military

Threatpost

Vitali Kremez, head of SentinelLabs, said in research released on Wednesday that he has been tracking an uptick in Gamaredon cyberattacks on Ukrainian military and security institutions that started in […].

Locating Secret Military Bases via Fitness Data

Schneier on Security

Over this weekend, someone realized that it could be used to locate secret military bases: just look for repeated fitness activity in the middle of nowhere. datacollection geolocation military secrecyIn November, the company Strava released an anonymous data-visualization map showing all the fitness activity by everyone using the app.

Report Outlines Military Health Facility Security Weaknesses

Data Breach Today

Watchdog Agency: Problems Put Patient Data at Risk Some military health facilities haven't consistently implemented security controls, putting patient data at risk, according to a new watchdog agency report. But security experts say the weaknesses are quite common at civilian health facilities as well

UK printing company Doxzoo exposed US and UK military docs

Security Affairs

UK printing company Doxzoo exposed hundreds of gigabytes of information, including documents related to the US and British military. “There are potentially over 100,000 users affected by this data leak, with implications not only for copyright violations, but also American and British military data exposure.” Military documents belong to the US and UK military, experts noticed that the incident also impacted Doxzoo customers from India, Nigeria and Sri Lanka.

Military Carrier Pigeons in the Era of Electronic Warfare

Schneier on Security

camouflage espionage militaryThey have advantages : Pigeons are certainly no substitute for drones, but they provide a low-visibility option to relay information. Considering the storage capacity of microSD memory cards, a pigeon's organic characteristics provide front line forces a relatively clandestine mean to transport gigabytes of video, voice, or still imagery and documentation over considerable distance with zero electromagnetic emissions or obvious detectability to radar.

Chinese Military Wants to Develop Custom OS

Schneier on Security

Citing security concerns, the Chinese military wants to replace Windows with its own custom operating system : Thanks to the Snowden, Shadow Brokers, and Vault7 leaks, Beijing officials are well aware of the US' hefty arsenal of hacking tools, available for anything from smart TVs to Linux servers, and from routers to common desktop operating systems, such as Windows and Mac.

Maze ransomware operators stole data from US military contractor Westech

Security Affairs

Hackers have stolen confidential documents from the US military contractor Westech, which provides critical support for US Minuteman III nuclear deterrent. “It is unclear if the documents stolen by the criminals include military classified information, but files which have already been leaked online suggest the hackers had access to extremely sensitive data, including payroll and emails.”

African American Women in the Military During WWII

Unwritten Record

For some great background information, be sure to visit our previous blog – Their War Too: Women in the Military During WWII. American citizens surged to enlist in all branches of the US Military and women wanted to serve their country too. Not only did black women face the hardship of discrimination outside of the military, but faced segregation within. The Black Press Pool helped monitor and speak out against discrimination in the military, including within the WAACs.

Germany and the Netherlands agreded to build TEN, the first ever joint military internet

Security Affairs

The governments of Germany and The Netherlands agreed to build the first-ever joint military Internet, so-called TEN (Tactical Edge Networking). Government officials from Germany and the Netherlands signed an agreement for the building of the first-ever joint military Internet, so-called TEN (Tactical Edge Networking). “The name of this new Dutch-German military internet is the Tactical Edge Networking, or TEN, for short.” SecurityAffairs – TEN, military).

Alleged cyber attacks caused fire and explosions at nuclear and military facilities in Iran

Security Affairs

The media reported a fire at the Natanz nuclear enrichment site and an explosion at the Parchin military complex near Tehran, the latter is suspected to be a government center for the production of missiles.

The Police's Military Tactics Turn Peaceful Protests Violent

WIRED Threat Level

Research shows that calm and negotiation, not excessive force, reduces damage. So why are officers still turning to tear gas? Security Security / National Security

Chinese APT CactusPete targets military and financial orgs in Eastern Europe

Security Affairs

China-linked threat actor tracked as CactusPete was employing an updated backdoor in recent attacks targeting military and financial organizations in Eastern Europe. The post Chinese APT CactusPete targets military and financial orgs in Eastern Europe appeared first on Security Affairs.

A new piece of Ryuk Stealer targets government, military and finance sectors

Security Affairs

A new piece of the Ryuk malware has been improved to steal confidential files related to the military, government, financial statements, and banking. The post A new piece of Ryuk Stealer targets government, military and finance sectors appeared first on Security Affairs.

Apply Military Strategy to Cybersecurity at Black Hat Trainings Virginia

Dark Reading

This special October event in Alexandria, Virginia offers unique, practical courses in everything from data breach response to military strategy for cybersecurity

Russian military plans to replace Windows with Astra Linux

Security Affairs

The Russian military is in the process of replacing the Windows system with the Linux distribution Astra Linux. The post Russian military plans to replace Windows with Astra Linux appeared first on Security Affairs. The Russian army seems to be in the process of replacing the Windows system with the Debian-based Linux distribution Astra Linux.

Opinion: Don't Let a Tech Slowdown Threaten Our Military

WIRED Threat Level

The right software and digital engineering can take military aircraft back to the future. Security Security / National Security Opinion

Military justice

InfoGovNuggets

A Brigadier General in charge defending the accused at Guantanamo was arrested on the order of a military judge. Do military judges have more power than either they think they have or that they should? A new oxymoron. The General’s crime: allowing other civilian defense attorneys to resign after it was discovered the Government had bugged the room where the attorneys met with their clients. “Gitmo General Is Released,” The Wall Street Journal , November 4, 2017 A5.

Program Looks to Tap Military Vets for Cyber-Jobs

Threatpost

Government Cisco cybersecurity workforce cybervets usa job training Maryland military veterans netapp public private partnership shortage skills gap transitionThe training and job-matching effort is a public-private partnership to address a growing workforce gap.

Autoclerk travel reservations platform data leak also impacts US Government and military

Security Affairs

“The data Our team viewed highly sensitive data exposing the personal details of government and military personnel, and their travel arrangements to locations around the world, both past and future.” The list of affected users includes the US government, military, and Department of Homeland Security (DHS). . One of the platforms exposed in the database was a contractor of the US government, military, and DHS.

Their War Too: U.S. Women in the Military During WWII. Part I

Unwritten Record

This year, we are focusing on the role women played in the United States Military during World War II in a two-part blog post. They were recruited for service in the United States military for the first time. They served in each branch of the military in separate units. Another group of women served the military but were not recognized as service members during the war. She and several WASP members fought to have their contributions recognized as military service.

U.S. Military Members Catfished and Hooked for Thousands of Dollars

Threatpost

MilitaryPrisoners in South Carolina posed convincingly as beautiful women on social media platforms. Mobile Security Web Security catfish enforcement action ncis prisoners sextortion scam South Carolina U.S.

Machete cyber-espionage group targets Latin America military

Security Affairs

Security experts from ESET uncovered a cyber-espionage group tracked as Machete that stole sensitive files from the Venezuelan military. Security experts from ESET reported that a cyberespionage group tracked as Machete has stolen sensitive files from the Venezuelan military. The group has been active since 2010 and hit military organizations and other high-profile targets worldwide.

Chinese Military personnel charged with hacking into credit reporting agency Equifax

Security Affairs

The United States Department of Justice charged 4 Chinese military hackers with hacking into credit reporting agency Equifax. The four members of the Chinese military unit are Wu Zhiyong (???), were members of the PLA’s 54 th Research Institute, a component of the Chinese military.

Malware Linked to Ryuk Targets Financial & Military Data

Dark Reading

A newly discovered campaign, packing traces of Ryuk ransomware, aims to steal confidential information

Global Crime Ring Bilks U.S. Military Members, Vets Out of Millions

Threatpost

Military veterans veterans affairsAn elaborate fraudster ring stole PII then allegedly used DoD and VA benefits portals to steal payments and funds from bank accounts. Government Hacks Privacy Web Security Bank Accounts benefits portals Department of Justice Fraud global crime ring ID theft Money Laundering theft U.S.

Chinese APT Tropic Trooper target air-gapped military Networks in Asia

Security Affairs

Chinese threat actors, tracked as Tropic Trooper and KeyBoy, has been targeting air-gapped military networks in Taiwan and the Philippines. Chinese APT group Tropic Trooper, aka KeyBoy, has been targeting air-gapped military networks in Taiwan and the Philippines, Trend Micro researchers reported. The threat actor targeted government offices, military, healthcare, transportation, and high-tech industries in Taiwan , the Philippines, and Hong Kong.

Strava Data Heat Maps Expose Military Base Locations Around the World

WIRED Threat Level

The US military is reexamining security policies after fitness tracker data shared on social media revealed bases and patrol routes. Security

Polar Fitness App Exposes Location of ‘Spies’ and Military Personnel

Threatpost

The fitness app Polar Flow exposes the whereabouts of some of its high-profile users, including “spies” and those with sensitive positions in the military. Hacks Mobile Security Privacy Fitness tracker geolocation data IoT military personnel polar polar fitness Polar Flow spies

Report: Chinese Hackers Siphon Off ‘Massive’ Amounts of Undersea Military Data

Threatpost

Critical Infrastructure Cryptography Featured Government Hacks China espionage Hackers military contractor military secrets navy sea dragon submarines underseaThe stolen data included "secret plans to develop a supersonic anti-ship missile for use on U.S. submarines by 2020," American officials said.