Military Cryptanalytics, Part III

Schneier on Security

The NSA has just declassified and released a redacted version of Military Cryptanalytics , Part III, by Lambros D. Uncategorized cryptanalysis FOIA history of cryptography military NSA

APT Group Targeting Military Refines Its Tactics

Data Breach Today

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The US Military Buys Commercial Location Data

Schneier on Security

Vice has a long article about how the US military buys commercial location data worldwide. military is buying the granular movement data of people around the world, harvested from innocuous-seeming apps, Motherboard has learned.

Spear-Phishing Campaign Uses Military-Themed Documents

Data Breach Today

Cisco Talos Researchers Find Hackers Using New Dropper Called IndigoDrop A spear-phishing campaign is using military-themed malicious Microsoft Office documents to infect devices, according to researchers at Cisco Talos. The analysts also found this campaign is using a previously unknown dropper called IndigoDrop to spread a weaponized version of Cobalt Strike

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

as members of the PLA’s 54 th Research Institute, a component of the Chinese military. Attorney General Bill Barr said at a press conference today that the Justice Department doesn’t normally charge members of another country’s military with crimes (this is only the second time the agency has indicted Chinese military hackers). The U.S.

Australia Took Military System Offline Over Hack Fears

Data Breach Today

Defense Department Says No Data Was Compromised Australia reportedly took a sensitive military recruiting database offline for 10 days in February following concerns it may have been compromised. The Defense Department says there's no evidence data was stolen

NATO military command center should be fully operational in 2023

Security Affairs

The NATO military command center should be fully operational in 2023, every member states will contribute with its cyber capabilities to the military hub. The new NATO military command center should be fully operational in 2023, among its tasks the defense of the critical infrastructure of member states and the ability to carry out cyber attacks according to rules of engagement still to be defined. 31 at its military hub in Belgium.

Military, Nuclear Entities Under Target By Novel Android Malware

Threatpost

The two malware families have sophisticated capabilities to exfiltrate SMS messages, WhatsApp messaging content and geolocation. Hacks Malware Vulnerabilities

How Military Tactics Apply to Cybersecurity

eSecurity Planet

Former West Point professor Greg Conti explains how military doctrines apply to cyber security, and what lessons enterprises can learn from that

DOJ: Company Sold Gear With Security Flaws to US Military

Data Breach Today

military and other agencies for a decade and passing the gear off as American made Prosecutors Allege Firm Sold Chinese Surveillance Tech That Contained Vulnerabilities Federal prosecutors have charged a Long Island company, along with seven of its employees, with selling vulnerability-laden Chinese technology to the U.S.

Facebook Ad Services Let Anyone Target US Military Personnel

WIRED Threat Level

Researchers warn that an advertising platform with categories like “Army” and “United States Air Force Security Sources” could be abused. Security Security / Security News

Unsecure Database Exposed US Military Personnel Data: Report

Data Breach Today

military and other government personnel, according to a new report from two independent security researchers Exposed Database Owned by AutoClerk Hotel Reservation Management System An unsecure database belonging to a company that provides hotel reservation management technology exposed about 179 GB of customer data, including travel arrangements and other data for U.S.

Locating Secret Military Bases via Fitness Data

Schneier on Security

Over this weekend, someone realized that it could be used to locate secret military bases: just look for repeated fitness activity in the middle of nowhere. datacollection geolocation military secrecyIn November, the company Strava released an anonymous data-visualization map showing all the fitness activity by everyone using the app.

Report Outlines Military Health Facility Security Weaknesses

Data Breach Today

Watchdog Agency: Problems Put Patient Data at Risk Some military health facilities haven't consistently implemented security controls, putting patient data at risk, according to a new watchdog agency report. But security experts say the weaknesses are quite common at civilian health facilities as well

LinkedIn ‘Job Offers’ Targeted Aerospace, Military Firms With Malware

Threatpost

A recent malware campaign targeted victims at European and Middle East aerospace and military companies - via LinkedIn spear-phishing messages. Hacks Web Security aerospace espionage LinkedIn Middle East Military operation in(ter)ception Spear Phishing

UK printing company Doxzoo exposed US and UK military docs

Security Affairs

UK printing company Doxzoo exposed hundreds of gigabytes of information, including documents related to the US and British military. “There are potentially over 100,000 users affected by this data leak, with implications not only for copyright violations, but also American and British military data exposure.” Military documents belong to the US and UK military, experts noticed that the incident also impacted Doxzoo customers from India, Nigeria and Sri Lanka.

How the US Military Can Better Keep Hackers

Schneier on Security

Interesting commentary : The military is an impossible place for hackers thanks to antiquated career management, forced time away from technical positions, lack of mission, non-technical mid- and senior-level leadership, and staggering pay gaps, among other issues. The model the author uses is military doctors. cybersecurity hacking military

Military Carrier Pigeons in the Era of Electronic Warfare

Schneier on Security

camouflage espionage militaryThey have advantages : Pigeons are certainly no substitute for drones, but they provide a low-visibility option to relay information. Considering the storage capacity of microSD memory cards, a pigeon's organic characteristics provide front line forces a relatively clandestine mean to transport gigabytes of video, voice, or still imagery and documentation over considerable distance with zero electromagnetic emissions or obvious detectability to radar.

Germany and the Netherlands agreded to build TEN, the first ever joint military internet

Security Affairs

The governments of Germany and The Netherlands agreed to build the first-ever joint military Internet, so-called TEN (Tactical Edge Networking). Government officials from Germany and the Netherlands signed an agreement for the building of the first-ever joint military Internet, so-called TEN (Tactical Edge Networking). “The name of this new Dutch-German military internet is the Tactical Edge Networking, or TEN, for short.” SecurityAffairs – TEN, military).

African American Women in the Military During WWII

Unwritten Record

For some great background information, be sure to visit our previous blog – Their War Too: Women in the Military During WWII. American citizens surged to enlist in all branches of the US Military and women wanted to serve their country too. Not only did black women face the hardship of discrimination outside of the military, but faced segregation within. The Black Press Pool helped monitor and speak out against discrimination in the military, including within the WAACs.

A Trickbot Assault Shows US Military Hackers' Growing Reach

WIRED Threat Level

Despite the operation's short-term effects, it sets new precedents for the scope of Cyber Command's mission. Security Security / Cyberattacks and Hacks

Chinese Military Wants to Develop Custom OS

Schneier on Security

Citing security concerns, the Chinese military wants to replace Windows with its own custom operating system : Thanks to the Snowden, Shadow Brokers, and Vault7 leaks, Beijing officials are well aware of the US' hefty arsenal of hacking tools, available for anything from smart TVs to Linux servers, and from routers to common desktop operating systems, such as Windows and Mac.

Maze ransomware operators stole data from US military contractor Westech

Security Affairs

Hackers have stolen confidential documents from the US military contractor Westech, which provides critical support for US Minuteman III nuclear deterrent. “It is unclear if the documents stolen by the criminals include military classified information, but files which have already been leaked online suggest the hackers had access to extremely sensitive data, including payroll and emails.”

China's Military Behind 2017 Equifax Breach: DoJ

Dark Reading

Four members of China's People Liberation Army hacked the information broker, leading to the theft of sensitive data on approximately 145 million citizens

Russian Military Officers Unmasked, Indicted for High-Profile Cyberattack Campaigns

Dark Reading

US Department of Justice charges members of Sandworm/APT28 for BlackEnergy, NotPetya, Olympic Destroyer, and other major attacks

Apply Military Strategy to Cybersecurity at Black Hat Trainings Virginia

Dark Reading

This special October event in Alexandria, Virginia offers unique, practical courses in everything from data breach response to military strategy for cybersecurity

EU Council sanctions two Russian military intelligence officers over 2015 Bundestag hack

Security Affairs

The Council of the European Union announced sanctions imposed on Russian military intelligence officers for 2015 Bundestag hack. The post EU Council sanctions two Russian military intelligence officers over 2015 Bundestag hack appeared first on Security Affairs.

Gamaredon APT Improves Toolset to Target Ukraine Government, Military

Threatpost

Vitali Kremez, head of SentinelLabs, said in research released on Wednesday that he has been tracking an uptick in Gamaredon cyberattacks on Ukrainian military and security institutions that started in […]. Government Malware analysis apt gamaredon malware implant Microsoft.Vbe.Interop military targets national security russia sentinelabs ukraine

Chinese APT CactusPete targets military and financial orgs in Eastern Europe

Security Affairs

China-linked threat actor tracked as CactusPete was employing an updated backdoor in recent attacks targeting military and financial organizations in Eastern Europe. The post Chinese APT CactusPete targets military and financial orgs in Eastern Europe appeared first on Security Affairs.

Russian military plans to replace Windows with Astra Linux

Security Affairs

The Russian military is in the process of replacing the Windows system with the Linux distribution Astra Linux. The post Russian military plans to replace Windows with Astra Linux appeared first on Security Affairs. The Russian army seems to be in the process of replacing the Windows system with the Debian-based Linux distribution Astra Linux.

Machete cyber-espionage group targets Latin America military

Security Affairs

Security experts from ESET uncovered a cyber-espionage group tracked as Machete that stole sensitive files from the Venezuelan military. Security experts from ESET reported that a cyberespionage group tracked as Machete has stolen sensitive files from the Venezuelan military. The group has been active since 2010 and hit military organizations and other high-profile targets worldwide.

Military justice

InfoGovNuggets

A Brigadier General in charge defending the accused at Guantanamo was arrested on the order of a military judge. Do military judges have more power than either they think they have or that they should? A new oxymoron. The General’s crime: allowing other civilian defense attorneys to resign after it was discovered the Government had bugged the room where the attorneys met with their clients. “Gitmo General Is Released,” The Wall Street Journal , November 4, 2017 A5.

Autoclerk travel reservations platform data leak also impacts US Government and military

Security Affairs

“The data Our team viewed highly sensitive data exposing the personal details of government and military personnel, and their travel arrangements to locations around the world, both past and future.” The list of affected users includes the US government, military, and Department of Homeland Security (DHS). . One of the platforms exposed in the database was a contractor of the US government, military, and DHS.

The Police's Military Tactics Turn Peaceful Protests Violent

WIRED Threat Level

Research shows that calm and negotiation, not excessive force, reduces damage. So why are officers still turning to tear gas? Security Security / National Security

Program Looks to Tap Military Vets for Cyber-Jobs

Threatpost

Government Cisco cybersecurity workforce cybervets usa job training Maryland military veterans netapp public private partnership shortage skills gap transitionThe training and job-matching effort is a public-private partnership to address a growing workforce gap.

Their War Too: U.S. Women in the Military During WWII. Part I

Unwritten Record

This year, we are focusing on the role women played in the United States Military during World War II in a two-part blog post. They were recruited for service in the United States military for the first time. They served in each branch of the military in separate units. Another group of women served the military but were not recognized as service members during the war. She and several WASP members fought to have their contributions recognized as military service.

Alleged cyber attacks caused fire and explosions at nuclear and military facilities in Iran

Security Affairs

The media reported a fire at the Natanz nuclear enrichment site and an explosion at the Parchin military complex near Tehran, the latter is suspected to be a government center for the production of missiles. The Iranian government is attempting to downplay the incidents, government officials declared that the explosion at the Parchin military complex was caused by a gas leak while the fire at the Natanz plant only impacted a warehouse that was under construction.

Opinion: Don't Let a Tech Slowdown Threaten Our Military

WIRED Threat Level

The right software and digital engineering can take military aircraft back to the future. Security Security / National Security Opinion

A new piece of Ryuk Stealer targets government, military and finance sectors

Security Affairs

A new piece of the Ryuk malware has been improved to steal confidential files related to the military, government, financial statements, and banking. Security experts from MalwareHunterTeam have discovered a new version of the Ryuk Stealer malware that has been enhanced to allow its operators to steal a greater amount of confidential files related to the military, government, financial statements, and banking.

U.S. Military Members Catfished and Hooked for Thousands of Dollars

Threatpost

MilitaryPrisoners in South Carolina posed convincingly as beautiful women on social media platforms. Mobile Security Web Security catfish enforcement action ncis prisoners sextortion scam South Carolina U.S.