U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

as members of the PLA’s 54th Research Institute, a component of the Chinese military. military against foreign targets, Barr said the DOJ did so in this case because the accused “indiscriminately” targeted American civilians on a massive scale. The U.S.

Nation-State Spear Phishing Attacks Remain Alive and Well

Data Breach Today

Russians Tied to Hack Attacks, But 'Two-Factor' No Silver Bullet, Google Warns Spear phishing attacks are in the news again following the Justice Department's indictment of Russian military intelligence officers for alleged attacks against U.S. Here's how to play better phishing defense


MY TAKE: Let’s not lose sight of why Iran is pushing back with military, cyber strikes

The Last Watchdog

cybersecurity vendors CrowdStrike and FireEye point to Iran-backed hacking collectives targeting US government agencies, as well as finance and energy companies with spear-phishing emails. companies about increased cyber-activity from Iranian hackers, and urged them to take proactive steps to detect and deter data-wiping malware, credential stuffing attacks, password spraying and spear-phishing.

Russia Linked Group Resurfaces With Large-Scale Phishing Campaign

Dark Reading

APT29/Cozy Bear is targeting individuals in military, government, and other sectors via email purporting to be from US State Department

Catches of the month: Phishing scams for February 2020

IT Governance

We’re back for our second ‘catches of the month’ feature of the new decade, where we review recent phishing attacks and help you understand the threat of cyber crime. This month, we look at a school district that was scammed out of millions of dollars thanks to a phony invoice, an attack allegedly tied to the 2020 US presidential election, and a report that found that the number of phishing attacks being disclosed in the UK is on the rise. million in phishing scam.

US Air Force Veteran Charged in Iran Hacking Scheme

Data Breach Today

Monica Witt Allegedly Aided Spear-Phishing Attacks Against US Military A former U.S. Air Force counterintelligence agent was indicted for disclosing classified information and helping Iran compromise the computers of other U.S. intelligence agents.

Phishing: The simple attack that shreds the defenses of sensitive networks

Information Management Resources

Diplomatic networks carry some of the world’s most sensitive information: communications between world leaders, key technical intellectual property, trade strategies and military plans.

Russia-linked Gamaredon group targets Ukraine officials

Security Affairs

Russia-linked Gamaredon cyberespionage group has been targeting Ukrainian targets, including diplomats, government and military officials. Russia linked APT group tracked as Gamaredon has been targeting several Ukrainian diplomats, government and military officials, and law enforcement.

LUCKY ELEPHANT campaign targets South Asian governments

Security Affairs

The campaign was discovered in early March 2019, threat actors behind the LUCKY ELEPHANT campaign use doppelganger webpages to mimic legitimate entities such as foreign governments, telecommunications, and military.

DHS – Russian APT groups are inside US critical infrastructure

Security Affairs

Russian APT groups carried out spear-phishing attacks against utilities’ equipment vendors and subcontractors to gather intelligence and collect information to penetrate the infrastructure.

Suit against Estée Lauder spotlights 401k Distribution Fraud

The Security Ledger

ZestAI’s Quest to make Artificial Intelligence Explainable Episode 155: Disinformation is a Cyber Weapon and APTs warm to Mobile Malware From China with Love: New York Firm sold millions in PRC Surveillance Gear to US Government, Military.

Cyber mercenaries and insiders hired by Chinese intelligence to hack aerospace and tech firms

Security Affairs

The Jiangsu Province Ministry of State Security (JSSD) is a foreign intelligence unit that is coordinated by China’s Ministry of State Security (MSS), the agency that is tasked for non-military foreign intelligence and domestic counterintelligence operations. According to the U.S.

MY TAKE: Why we should all now focus on restoring stability to US-Iran relations

The Last Watchdog

27 rocket attack on a military base in northern Iraq killed an American contractor and a number of service members. President Trump then retaliated by ordering a drone strike that killed a top Iranian military leader, Gen. As tensions escalate between the U.S.

NATO will send a counter-hybrid team to Montenegro to face Russia’s threat

Security Affairs

The Chairman of the NATO Military Committee announced that the alliance has sent a counter-hybrid team to Montenegro to face Russian hybrid attacks. United States Army General Mark Milley, the highest military officer and military adviser to the President, Minister of Defence and U.S.

Why Russian APT Fancy Bear hacked the Ukrainian energy firm Burisma?

Security Affairs

The Russian cyberspies, operating under Russia’s GRU military intelligence agency (aka Fancy Bear) carried out a spear-phishing campaign in November aimed at accessing the email of Burisma Holdings employees.

APT28 group return to covert intelligence gathering ops in Europe and South America.

Security Affairs

The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. Military targets in Europe.

New Gallmaker APT group eschews malware in cyber espionage campaigns

Security Affairs

A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. Gallmaker is a politically motivated APT group that focused its surgical operations on the government, military or defense sectors.

Microsoft says Russian APT28 espionage group hit Democratic Institutions in Europe

Security Affairs

The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. Hackers are launching spear-phishing attacks in the attempt of stealing employee credentials and deliver malware.

Russian APT groups target European governments ahead of May Elections

Security Affairs

The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. According to a report published by Symantec in October, the group was actively conducting cyber espionage campaigns against government and military organizations in Europe and South America. FireEye revealed that the two Russia-linked APT groups carried out spear-phishing attacks to trick victims into revealing government information and credentials.

A new Fancy Bear backdoor used to target political targets

Security Affairs

The Fancy Bear APT group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The threat actors used phishing messages containing a malicious attachment that launches a long chain of downloaders, ending with a backdoor.

5 Signs a Cyberattack Is Under Way and 5 Things You Need to Do Before It Happens

Adam Levin

drone attack that killed Iranian military commander Qassem Suleimani. Immediately following Iran’s counterstrike against American military posts in Iraq, a tweet circulated claiming that more than 20 American soldiers had been killed. More Phishing Attacks.

Russian APT28 espionage group targets democratic Senator Claire McCaskill

Security Affairs

The Russian APT group tracked as Fancy Bear (aka APT28, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM), that operated under the Russian military agency GRU, continues to target US politicians.

Malaysia’s MyCERT warns cyber espionage campaign carried out by APT40

Security Affairs

The attackers used spear-phishing messages sent to government officials, they posed as a journalist, an individual from a trade publication, or individuals from a relevant military organization or non-governmental organization (NGO).

Group-IB presents its annual report on global threats to stability in cyberspace

Security Affairs

According to Group-IB’s experts, the most frustrating trend of 2019 was the use of cyberweapons in military operations. As for 2019, it has become the year of covert military operations in cyberspace. Phishing remains one of the key methods used by criminals to steal bank card data.

Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits

Security Affairs

The researchers of Yoroi ZLab, on 16 November, accessed to a new APT29’s dangerous malware which seems to be involved in the recent wave of attacks aimed at many important US entities, such as military agencies, law enforcement, defense contractors, media companies and pharmaceutical companies.

The Dangers of Using Unsecured Wi-Fi Networks

Security Affairs

It enables them to access and rake through your emails, target you with specific phishing mails, call you with targeted messages and even capture and exploit your payment card details if you happened to buy something online when using public Wi-Fi. Isn’t public Wi-Fi great?

Recently Cloud Atlas used a new piece of polymorphic malware

Security Affairs

“From the beginning of 2019 until July, we have been able to identify different spear-phishing campaigns related to this threat actor mostly focused on Russia, Central Asia and regions of Ukraine with ongoing military conflicts.”

Security Affairs newsletter Round 226

Security Affairs

Fraudster stole $870,000 from 2 US universities with spear-phishing mails. Machete cyber-espionage group targets Latin America military. A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs.

Fancy Bear continues to target sporting and anti-doping organizations

Security Affairs

The TTPs used in the most recent attacks are similar to those observed in attacks against governments, militaries, think tanks, law firms, human rights organizations, financial firms and universities around the world.

MY TAKE: Cyber attacks on industrial controls, operational technology have only just begun

The Last Watchdog

And by compromising activities on the IT side, stealing credentials, deploying phishing emails, and infecting websites with drive-by malware, criminals can infiltrate the OT network. Countries with limited military might and financial resources can create a more level battleground for themselves by engaging in cyber battles. It’s unknown how far nation-states will gamble on digital intimidation in the face of military retaliation. “May you live in interesting times.”

Operation Shaheen – Pakistan Air Force members targeted by nation-state attackers

Security Affairs

As part of Operation Shaheen, White Company hackers targeted members of the Pakistan Air Force with spear-phishing messages that weaponized lure files with names referenced events, government documents, or news articles of interest for the targets (i.e. the Pakistani Air Force, the Pakistani government, and Chinese Military and advisers in Pakistan).

Cybaze ZLab – Yoroi team analyzed malware used in recent attacks on US entities attributed to APT29

Security Affairs

The researchers of Yoroi ZLab, on 16 November, accessed to a new APT29’s dangerous malware which seems to be involved in the recent wave of attacks aimed at many important US entities, such as military agencies, law enforcement, defense contractors, media companies and pharmaceutical companies.

DHS report – Voting systems in North Carolina county in 2016 were not hacked

Security Affairs

“After voter check-in software failed, federal authorities conducted a forensic analysis of the county’s electronic poll books to see if Russian military hackers who targeted the software provider may have tampered with registration information to disrupt voting.”

Watch out! Malware Analysis Sandboxes could expose sensitive data of your organization

Security Affairs

CENTCOM requisition form for use of military aircraft. A study conducted by researchers at Cyjax revealed that organizations expose sensitive data via sandboxes used for malware analysis.

Security Affairs newsletter Round 237

Security Affairs

Autoclerk travel reservations platform data leak also impacts US Government and military. Spear-phishing attacks target United Nations and NGOs. A new round of the weekly newsletter arrived! The best news of the week with Security Affairs.

Cyberwarfare: A deep dive into the latest Gamaredon Espionage Campaign

Security Affairs

Gamaredon Group is a Cyber Espionage persistent operation attributed to Russians FSB (Federal Security Service) in a long-term military and geo-political confrontation against the Ukrainian government and more in general against the Ukrainian military power.

Platinum APT and leverages steganography to hide C2 communications

Security Affairs

According to Microsoft, the Platinum has been active since at least 2009, it was responsible for spear phishing attacks on ISPs, government organizations, intelligence agencies, and defense institutes.

List of data breaches and cyber attack in March 2019 – 2.1 billion records leaked

IT Governance

Chinese hackers target universities in pursuit of maritime military secrets (unknown). California-based Carmel Unified School District warns employees about phishing scam (unknown). Frederick Regional Health System discloses phishing incident affecting hospice patients (unknown).

MY TAKE: Massive Marriott breach continues seemingly endless run of successful hacks

The Last Watchdog

I have a Yahoo email account, I’ve shopped at Home Depot and Target, my father was in the military and had a security clearance, which included a dossier on his family, archived at the U.S. Office of Personnel Management, I’ve had insurance coverage from Premera Blue Cross and I’ve stayed at the Marriott Marquis in San Francisco. Related: Uber hack shows DevOps risk.

Kaspersky links GreyEnergy and Zebrocy activities

Security Affairs

The Zebrocy malware was used by Russia-linked APT28 group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM), that operates under the Russian military agency GRU.