2007, Government and Military - Information Management Today

EU Council sanctions two Russian military intelligence officers over 2015 Bundestag hack

Security Affairs

OCTOBER 22, 2020

The Council of the European Union announced sanctions imposed on Russian military intelligence officers for 2015 Bundestag hack. The 85th Main Centre for Special Services (GTsSS) is the military unit of the Russian government also tracked as APT28 (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ).

Military

Military Government IT Security

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Emerging in 2007 as a banking trojan, QakBot (a.k.a. government has used court orders to remotely disinfect systems compromised with malware.

Ransomware

Ransomware Government Military Access

Russian APT groups target European governments ahead of May Elections

Security Affairs

MARCH 22, 2019

Russian APT groups are targeting European governments for cyber-espionage purposes ahead of the upcoming European elections. The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. Pierluigi Paganini.

Government

Government Military Phishing Access

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

The Last Watchdog

JULY 30, 2018

Co-founder Jay took a business trip to South Korea in the fall of 2007. DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. LW: Makes sense. and are TAA compliant.

Encryption

Encryption Military Passwords Authentication

APT28 targets key networks in Europe with HeadLace malware

Security Affairs

JUNE 3, 2024

The compromise of networks associated with Ukraine’s Ministry of Defence and European railway systems could allow attackers to gather intelligence to influence battlefield tactics and broader military strategies. Insikt Group speculates the operation is aimed at influencing regional and military dynamics.

Military

Military Phishing Authentication Government

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Security Affairs

APRIL 22, 2024

Microsoft has observed APT28 using GooseEgg in post-compromise activities against various targets, including government, non-governmental, education, and transportation sector organizations in Ukraine, Western Europe, and North America. This tool modifies a JavaScript constraints file and executes it with SYSTEM-level permissions.

Military

Military File names Education Phishing

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Security Affairs

DECEMBER 7, 2023

Over the past 20 months, the group targeted at least 30 organizations within 14 nations that are probably of strategic intelligence significance to the Russian government and its military. The Government experts pointed out that in some cases the group did not deployed any backdoor in the compromised systems.

Military

Military Government Phishing Authentication

Vulnerabilities in Weapons Systems

Schneier on Security

JUNE 8, 2021

Our military systems are vulnerable. We need to face that reality by halting the purchase of insecure weapons and support systems and by incorporating the realities of offensive cyberattacks into our military planning. Over the past decade, militaries have established cyber commands and developed cyberwar doctrine.

Military

Military Cybersecurity Communications Manufacturing

FBI and NSA joint report details APT28’s Linux malware Drovorub

Security Affairs

AUGUST 13, 2020

.” The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military IoT Phishing Government

Microsoft disrupted APT28 attacks on Ukraine through a court order

Security Affairs

APRIL 8, 2022

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military Government Phishing Security

APT28 group return to covert intelligence gathering ops in Europe and South America.

Security Affairs

OCTOBER 7, 2018

The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. According to experts from Symantec, the group is now actively conducting cyber espionage campaigns against government and military organizations in Europe and South America. .”

Military

Military Government Phishing Security

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Security Affairs

DECEMBER 5, 2023

The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS). The Government experts pointed out that in some cases the group did not deployed any backdoor in the compromised systems.

Military

Military Government Access Phishing

Russia-linked APT28 targets govt bodies with fake NATO training docs

Security Affairs

SEPTEMBER 23, 2020

Russia-linked cyberespionage group APT28 uses fake NATO training documents as bait in attacks aimed at government bodies. The Russia-linked cyberespionage group APT28 is behind a string of attacks that targeting government bodies with Zebrocy Delphi malware. ” reads the report published QuoIntelligence.

Military

Military Government Encryption Communications

Google warns of APT28 attack attempts against 14,000 Gmail users

Security Affairs

OCTOBER 8, 2021

Shane Huntley, the head of the Threat Analysis Group (TAG), wrote on Twitter that his group had sent an above-average batch of government-backed security warnings. . TAG sent a above average batch of government-backed security warnings yesterday. So why do we do these government warnings then? ” Huntley added. “At

Phishing

Phishing Military Government Security

France agency ANSSI warns of Russia-linked APT28 attacks on French entities

Security Affairs

OCTOBER 27, 2023

The French National Agency for the Security of Information Systems ANSSI (Agence Nationale de la sécurité des systèmes d’information) warns that the Russia-linked APT28 group has been targeting multiple French organizations, including government entities, businesses, universities, and research institutes and think tanks.

Military

Military Phishing Government Security

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Security Affairs

MARCH 20, 2020

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The cyberespionage group continues to target members of defense companies, embassies, governments, and the military.

Phishing

Phishing Military Government Passwords

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

Security Affairs

DECEMBER 10, 2020

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. Zebrocy is mainly used against governments and commercial organizations engaged in foreign affairs.

Phishing

Phishing Healthcare Military Data collection

NON-STATE ACTORS IN THE CYBERSPACE: AN ATTEMPT TO A TAXONOMIC CLASSIFICATION, ROLE, IMPACT AND RELATIONS WITH A STATE’S SOCIOECONOMIC STRUCTURE

Security Affairs

JUNE 28, 2022

Non-state actors include multinational corporations, collectives of hacktivists, non-governmental organizations (NGOs), cybercrime syndicates, private military organizations, media outlets, terrorist groups, labor unions, organized ethnic groups, lobby groups, criminal organizations, private businesses, and others.

Paper

Paper Military Government Security

Mandiant identifies 3 hacktivist groups working in support of Russia

Security Affairs

SEPTEMBER 27, 2022

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election. ” Mandiant concludes.

Military

Military Phishing Government Security

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Security Affairs

JUNE 21, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. According to CERT-UA, this campaign targeted more than 40 Ukrainian organizations, including government entities.

Military

Military Phishing Government Communications

Russian spies are attempting to tap transatlantic undersea cables

Security Affairs

MARCH 1, 2020

Garda and military intelligence agencies believe the Russian agents were sent by the military intelligence branch of the Russian armed forces, the GRU. Ireland is a strategic place for intercontinental communications because it represents the place where undersea cables which carry internet traffic connect to Europe. Source [link].

Military

Military Communications Data collection Access

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

JANUARY 8, 2024

In 2007, Salomon collected more than $3,000 from botmasters affiliated with competing spam affiliate programs that wanted to see Spamhaus suffer, and the money was used to fund a week-long distributed denial-of-service (DDoS) attack against Spamhaus and its online infrastructure. federal court tomorrow (Jan. 9, 2024).

Computer and Electronics

Computer and Electronics Passwords Sales Government

Google sent over 50,000 warnings of state-sponsored attacks, +33% from same period in 2020

Security Affairs

OCTOBER 14, 2021

The data were provided by Google’s Threat Analysis Group (TAG), which tracks government-backed hacking campaign, which warns of a significant increase in the number of the alert compared to the previous year. Google announced to have sent roughly 50,000 alerts of state-sponsored phishing or hacking attempts to customers during 2021.

Phishing

Phishing Military Government Security

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

APRIL 30, 2023

CERT-UA warns of a spear-phishing campaign conducted by APT28 group targeting Ukrainian government bodies with fake ‘Windows Update’ guides. Russia-linked APT28 group is targeting Ukrainian government bodies with fake ‘Windows Update’ guides, Computer Emergency Response Team of Ukraine (CERT-UA) warns.

Systems administration

Systems administration Military Phishing Government

Russia-linked APT Sofacy leverages BREXIT lures in recent attacks

Security Affairs

DECEMBER 3, 2018

The Sofacy APT group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military Government Security IT

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Security Affairs

AUGUST 6, 2019

The STRONTIUM APT group (aka APT28 , Fancy Bear , Pawn Storm , Sofacy Group , and Sednit ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

IoT

IoT Military Access Education

UK/US investigation revealed that Russian Turla APT masqueraded as Iranian hackers

Security Affairs

OCTOBER 21, 2019

The Turla APT group (aka Snake , Uroburos , Waterbug , Venomous Bear and KRYPTON ) has been active since at least 2007 targeting diplomatic and government organizations and private businesses in the Middle East, Asia, Europe, North and South America, and former Soviet bloc nations. ” reported the FT. .

Government

Government Military Security IT

New Turla ComRAT backdoor uses Gmail for Command and Control

Security Affairs

MAY 26, 2020

Earlier versions of Agent.BTZ were used to compromise US military networks in the Middle East in 2008. Cybersecurity researchers discovered a new version of the ComRAT backdoor, also known as Agent.BTZ , which is a malware that was employed in past campaigns attributed to the Turla APT group.

Communications

Communications Military Encryption Authentication

A new Fancy Bear backdoor used to target political targets

Security Affairs

SEPTEMBER 24, 2019

The Fancy Bear APT group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. In the recent attacks, the hackers used a new set of malicious payloads, including a backdoor written in a new language. ” reads the analysis published by ESET.

Phishing

Phishing Military Archiving Security

The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran

Security Affairs

SEPTEMBER 2, 2019

In 2004, CIA and Mossad requested help to the the Dutch intelligence to get access to the plant, only in 2007 the mole, who posed as a mechanic working for a front company doing work at Natanz, dropped the virus into the target systems. “[T ” wrote the journalists. The Olympic Games operation was carried out by a joint U.

Military

Military Manufacturing Access Security

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Security Affairs

APRIL 19, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. government institutions, and about 250 Ukrainian victims. ” reads the joint advisory.

Military

Military Access Cybersecurity Education

Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild

Security Affairs

SEPTEMBER 27, 2018

Security researchers from ESET have discovered a new piece of a sophisticated malware used by the Russia-linked Sednit group (aka Fancy Bear , APT28 , Pawn Storm , Sofacy Group , and STRONTIUM ) in targeted attacks aimed at government entities in the Balkans as well as in Central and Eastern Europe.

Military

Military Manufacturing Government Security

Russia-linked Sofacy APT developed a new ‘Go’ variant of Zebrocy tool

Security Affairs

DECEMBER 19, 2018

The Sofacy APT group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. Researchers at Palo Alto Networks discovered that the Russian-linked Sofacy APT has written a new version of their Zebrocy backdoor using the Go programming language.

Military

Military Data collection Phishing IT

Update CSE Malware ZLab – Operation Roman Holiday – Hunting the Russian APT28

Security Affairs

JULY 15, 2018

The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. This malware immediately caught the attention of the expert because it contacts a C2 with the name “ marina-info.net ” a clear reference to the Italian Military corp, Marina Militare.

Military

Military Communications IT Government

Latest Turla backdoor leverages email PDF attachments as C&C mechanism

Security Affairs

AUGUST 23, 2018

Turla is the name of a Russian cyber espionage APT group (also known as Waterbug, Venomous Bear and KRYPTON) that has been active since at least 2007 targeting government organizations and private businesses. The new analysis revealed a list of high-profile victims that was previously unknown.

Metadata

Metadata Military Libraries Access

Maps as Storytellers: (Map of) Falmouth Neck, as it was When Destroyed by Mowatt, October 18th, 1775

Unwritten Record

FEBRUARY 1, 2022

“Falmouth Neck as it was When Destroyed by Mowatt, October 18th, 1775” RG 77: Fortifications Map File Plans of Military Forts, 1818-1941. Government Printing Office, 1966), 371-372. (2) All maps provide us with some level of information, but some maps, like the one pictured below, tell us a story. . NAID 221021240.

IT

IT Military Government

Katyn Massacre Records Show Need to Prioritize Disclosure of Historical Information with Significant Public Interest

Archives Blogs

FEBRUARY 28, 2020

The prisoners represented a majority of Poland’s governing elite—military, police, and civil society leaders captured in 1939, when the Soviet Union and Nazi Germany invaded and divided Poland by secret diplomatic agreement.

Government

Government Military Archiving Access

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 29, 2020

Vamosi: Back in 2007 the California Secretary of State, Debra Bowen, did the unthinkable: she decertified all the digital voting systems in the state. Vamosi: Secretary Bowen is addressing an oft asked question: If elections are so critical, why don’t state governments simply invest in a full-blown digital voting system?

Blockchain

Blockchain Paper Security IT

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 29, 2020

Vamosi: Back in 2007 the California Secretary of State, Debra Bowen, did the unthinkable: she decertified all the digital voting systems in the state. Vamosi: Secretary Bowen is addressing an oft asked question: If elections are so critical, why don’t state governments simply invest in a full-blown digital voting system?

Blockchain

Blockchain Paper Security IT

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 20, 2020

Vamosi: Back in 2007 the California Secretary of State, Debra Bowen, did the unthinkable: she decertified all the digital voting systems in the state. Vamosi: Secretary Bowen is addressing an oft asked question: If elections are so critical, why don’t state governments simply invest in a full-blown digital voting system?

Blockchain

Blockchain Paper Security IT

Canadian Police Raid ‘Orcus RAT’ Author

Krebs on Security

APRIL 2, 2019

“The CRTC executed a warrant under Canada’s Anti-Spam Legislation (CASL) and the RCMP National Division executed a search warrant under the Criminal Code respectively,” reads a statement published last week by the Canadian government. I tend to have a violent nature, and have both Martial arts and Military training. In 2014, the U.S.

Marketing

Marketing Passwords Access Systems administration

Two Contrarian Thinkers who went Unheeded

Troy Hunt

DECEMBER 23, 2017

Henry Charles Keith Petty-Fitzmaurice (1845 – 1927), the 5th Marquess of Lansdowne, was a distinguished British statesman who held senior positions in both Liberal Party and Conservative Party governments. Lansdowne became a pariah who was shunned and vilified by politicians, commentators and military leaders. Konrad Kellen.

Government

Government Military Paper IT

The History of Malware: A Primer on the Evolution of Cyber Threats

IBM Big Data Hub

NOVEMBER 6, 2023

At the time, only about 60,000 computers had access to the internet, mostly at universities and within the military. NotPetya is believed to be tied to Russian intelligence, who may have modified the Petya virus to attack Ukraine, and WannaCry may be connected to similar adversarial sectors of the North Korean government.

Ransomware

Ransomware Phishing Encryption IoT

The Hacker Mind Podcast: The Fog of Cyber War

ForAllSecure

JULY 6, 2022

Centre for Defence: In 2007, a struggle over a divisive Soviet statutes set the standard for a new form of Russian interference in the affairs of foreign states. BBC: Well as Ukrainian military battles Russian troops on the ground there's another battle taking place. This is just on a larger level. Here's the BBC.

Ransomware

Ransomware Military Government Security

EU Council sanctions two Russian military intelligence officers over 2015 Bundestag hack

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Trending Sources

Russian APT groups target European governments ahead of May Elections

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

APT28 targets key networks in Europe with HeadLace malware

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Vulnerabilities in Weapons Systems

FBI and NSA joint report details APT28’s Linux malware Drovorub

Microsoft disrupted APT28 attacks on Ukraine through a court order

APT28 group return to covert intelligence gathering ops in Europe and South America.

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Russia-linked APT28 targets govt bodies with fake NATO training docs

Google warns of APT28 attack attempts against 14,000 Gmail users

France agency ANSSI warns of Russia-linked APT28 attacks on French entities

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

NON-STATE ACTORS IN THE CYBERSPACE: AN ATTEMPT TO A TAXONOMIC CLASSIFICATION, ROLE, IMPACT AND RELATIONS WITH A STATE’S SOCIOECONOMIC STRUCTURE

Mandiant identifies 3 hacktivist groups working in support of Russia

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Russian spies are attempting to tap transatlantic undersea cables

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Google sent over 50,000 warnings of state-sponsored attacks, +33% from same period in 2020

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Russia-linked APT Sofacy leverages BREXIT lures in recent attacks

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

UK/US investigation revealed that Russian Turla APT masqueraded as Iranian hackers

New Turla ComRAT backdoor uses Gmail for Command and Control

A new Fancy Bear backdoor used to target political targets

The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild

Russia-linked Sofacy APT developed a new ‘Go’ variant of Zebrocy tool

Update CSE Malware ZLab – Operation Roman Holiday – Hunting the Russian APT28

Latest Turla backdoor leverages email PDF attachments as C&C mechanism

Maps as Storytellers: (Map of) Falmouth Neck, as it was When Destroyed by Mowatt, October 18th, 1775

Katyn Massacre Records Show Need to Prioritize Disclosure of Historical Information with Significant Public Interest

The Hacker Mind Podcast: Hacking Voting Systems

The Hacker Mind Podcast: Hacking Voting Systems

The Hacker Mind Podcast: Hacking Voting Systems

Canadian Police Raid ‘Orcus RAT’ Author

Two Contrarian Thinkers who went Unheeded

The History of Malware: A Primer on the Evolution of Cyber Threats

The Hacker Mind Podcast: The Fog of Cyber War

Stay Connected