2007 and Military - Information Management Today

Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

Security Affairs

JUNE 17, 2020

Experts uncovered a new cyber-espionage campaign, dubbed “ Operation In(ter)receptio n,” aimed at aerospace and military organizations in Europe and the Middle East. The post Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East appeared first on Security Affairs.

Military

Military Archiving Passwords Communications

APT28 targets key networks in Europe with HeadLace malware

Security Affairs

JUNE 3, 2024

The compromise of networks associated with Ukraine’s Ministry of Defence and European railway systems could allow attackers to gather intelligence to influence battlefield tactics and broader military strategies. Insikt Group speculates the operation is aimed at influencing regional and military dynamics.

Military

Military Phishing Government Authentication

Is Russian group APT28 behind the cyber attack on the German air traffic control agency (DFS)?

Security Affairs

SEPTEMBER 5, 2024

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military Cybersecurity Government Security

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Security Affairs

APRIL 22, 2024

The APT28 group (aka Forest Blizzard , Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military File names Education Phishing

UK, US and its allies blame Russia’s GRU for 2019 cyber-attacks on Georgia

Security Affairs

FEBRUARY 20, 2020

The governments of Britain and the US declared that Russia’s military intelligence service GRU is behind the massive cyber attack that hit Georgia during 2019. The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Military

Military IT Government Encryption

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Security Affairs

DECEMBER 7, 2023

Over the past 20 months, the group targeted at least 30 organizations within 14 nations that are probably of strategic intelligence significance to the Russian government and its military. The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS).

Military

Military Government Phishing Authentication

FBI and NSA joint report details APT28’s Linux malware Drovorub

Security Affairs

AUGUST 13, 2020

.” The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military IoT Phishing Government

APT28 group return to covert intelligence gathering ops in Europe and South America.

Security Affairs

OCTOBER 7, 2018

The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. According to experts from Symantec, the group is now actively conducting cyber espionage campaigns against government and military organizations in Europe and South America.

Military

Military Government Phishing Security

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Security Affairs

MARCH 20, 2020

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The cyberespionage group continues to target members of defense companies, embassies, governments, and the military.

Phishing

Phishing Military Government Passwords

Russian APT groups target European governments ahead of May Elections

Security Affairs

MARCH 22, 2019

The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. According to a report published by Symantec in October, the group was actively conducting cyber espionage campaigns against government and military organizations in Europe and South America.

Government

Government Military Phishing Access

From Cybercrime Saul Goodman to the Russian GRU

Krebs on Security

FEBRUARY 7, 2024

A review of this user’s hacker identities shows that during his time on the forums he served as an officer in the special forces of the GRU , the foreign military intelligence agency of the Russian Federation. “In order to ESCAPE the law, you need to KNOW the law. This is the most important thing. ” Mr. .

Military

Military IT Communications Risk

Russia-linked APT breached the network of Dutch police in 2017

Security Affairs

JUNE 10, 2021

The group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. APT28 was also involved in the string of attacks that targeted 2016 Presidential election , experts link the APT to the Russian military intelligence service (GRU).

Military

Military Government Ransomware Security

France agency ANSSI warns of Russia-linked APT28 attacks on French entities

Security Affairs

OCTOBER 27, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military Phishing Government Security

Mandiant identifies 3 hacktivist groups working in support of Russia

Security Affairs

SEPTEMBER 27, 2022

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election. ” Mandiant concludes.

Military

Military Phishing Government Security

Microsoft disrupted APT28 attacks on Ukraine through a court order

Security Affairs

APRIL 8, 2022

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military Government Phishing Security

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Security Affairs

DECEMBER 5, 2023

The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS). The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military Government Access Phishing

Russia-linked APT28 targets govt bodies with fake NATO training docs

Security Affairs

SEPTEMBER 23, 2020

Even today, less than half of the known antivirus engines are flagging the infection on VirusTotal , as observed by BleepingComputer: The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Military

Military Government Encryption Communications

Russian spies are attempting to tap transatlantic undersea cables

Security Affairs

MARCH 1, 2020

Garda and military intelligence agencies believe the Russian agents were sent by the military intelligence branch of the Russian armed forces, the GRU. Ireland is a strategic place for intercontinental communications because it represents the place where undersea cables which carry internet traffic connect to Europe. Source [link].

Military

Military Communications Data collection Access

Google warns of APT28 attack attempts against 14,000 Gmail users

Security Affairs

OCTOBER 8, 2021

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Phishing

Phishing Military Government Security

Microsoft says Russian APT28 espionage group hit Democratic Institutions in Europe

Security Affairs

FEBRUARY 20, 2019

The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. According to a report published by Symantec in October, the group was actively conducting cyber espionage campaigns against government and military organizations in Europe and South America.

Military

Military Phishing Government Security

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Security Affairs

JUNE 21, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military Phishing Government Communications

Russia-linked APT Sofacy leverages BREXIT lures in recent attacks

Security Affairs

DECEMBER 3, 2018

The Sofacy APT group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military Government Security IT

Russia-linked APT28 targets government Polish institutions

Security Affairs

MAY 10, 2024

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Government

Government Military Libraries Archiving

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

Security Affairs

DECEMBER 10, 2020

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Phishing

Phishing Healthcare Military Data collection

NON-STATE ACTORS IN THE CYBERSPACE: AN ATTEMPT TO A TAXONOMIC CLASSIFICATION, ROLE, IMPACT AND RELATIONS WITH A STATE’S SOCIOECONOMIC STRUCTURE

Security Affairs

JUNE 28, 2022

Non-state actors include multinational corporations, collectives of hacktivists, non-governmental organizations (NGOs), cybercrime syndicates, private military organizations, media outlets, terrorist groups, labor unions, organized ethnic groups, lobby groups, criminal organizations, private businesses, and others.

Paper

Paper Military Government Security

Google sent over 50,000 warnings of state-sponsored attacks, +33% from same period in 2020

Security Affairs

OCTOBER 14, 2021

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Phishing

Phishing Military Government Security

North Korea-linked Lazarus APT targets the IT supply chain

Security Affairs

OCTOBER 27, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The BlindingCan was employed in attacks on US and foreign companies operating in the military defense and aerospace sectors.

IT

IT Systems administration Military Cybersecurity

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Security Affairs

AUGUST 6, 2019

The STRONTIUM APT group (aka APT28 , Fancy Bear , Pawn Storm , Sofacy Group , and Sednit ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

IoT

IoT Military Access Education

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

APRIL 30, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Systems administration

Systems administration Military Phishing Government

New Turla ComRAT backdoor uses Gmail for Command and Control

Security Affairs

MAY 26, 2020

Earlier versions of Agent.BTZ were used to compromise US military networks in the Middle East in 2008. Cybersecurity researchers discovered a new version of the ComRAT backdoor, also known as Agent.BTZ , which is a malware that was employed in past campaigns attributed to the Turla APT group.

Communications

Communications Military Encryption Authentication

A new Fancy Bear backdoor used to target political targets

Security Affairs

SEPTEMBER 24, 2019

The Fancy Bear APT group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. In the recent attacks, the hackers used a new set of malicious payloads, including a backdoor written in a new language. ” reads the analysis published by ESET.

Phishing

Phishing Military Archiving Security

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

Emerging in 2007 as a banking trojan, QakBot (a.k.a. In April 2022, the DOJ quietly removed malware from computers around the world infected by the “Snake” malware , an even older malware family that has been tied to the GRU, an intelligence arm of the Russian military. ” The DOJ said it also recovered more than 6.5

Ransomware

Ransomware Government Military Access

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Security Affairs

APRIL 19, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military Access Cybersecurity Education

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

The Last Watchdog

JULY 30, 2018

Co-founder Jay took a business trip to South Korea in the fall of 2007. DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. DataLocker actually got traction, early on, selling to the military.

Encryption

Encryption Military Passwords Authentication

Russia-linked Sofacy APT developed a new ‘Go’ variant of Zebrocy tool

Security Affairs

DECEMBER 19, 2018

The Sofacy APT group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. Researchers at Palo Alto Networks discovered that the Russian-linked Sofacy APT has written a new version of their Zebrocy backdoor using the Go programming language.

Military

Military Data collection Phishing IT

Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild

Security Affairs

SEPTEMBER 27, 2018

” The Sednit APT group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. This APT group, also known as APT28, STRONTIUM, Sofacy and Fancy Bear, may be even more dangerous than previously thought.”

Military

Military Manufacturing Government Security

UK/US investigation revealed that Russian Turla APT masqueraded as Iranian hackers

Security Affairs

OCTOBER 21, 2019

The Turla APT group (aka Snake , Uroburos , Waterbug , Venomous Bear and KRYPTON ) has been active since at least 2007 targeting diplomatic and government organizations and private businesses in the Middle East, Asia, Europe, North and South America, and former Soviet bloc nations.

Government

Government Military Security IT

Vulnerabilities in Weapons Systems

Schneier on Security

JUNE 8, 2021

Our military systems are vulnerable. We need to face that reality by halting the purchase of insecure weapons and support systems and by incorporating the realities of offensive cyberattacks into our military planning. Over the past decade, militaries have established cyber commands and developed cyberwar doctrine.

Military

Military Cybersecurity Communications Manufacturing

APT28 and Upcoming Elections: evidence of possible interference

Security Affairs

APRIL 12, 2019

The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. According to a report published by Symantec in October, the group was actively conducting cyber espionage campaigns against government and military organizations in Europe and South America.

Passwords

Passwords Metadata Military Government

Update CSE Malware ZLab – Operation Roman Holiday – Hunting the Russian APT28

Security Affairs

JULY 15, 2018

The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. This malware immediately caught the attention of the expert because it contacts a C2 with the name “ marina-info.net ” a clear reference to the Italian Military corp, Marina Militare.

Military

Military Communications IT Government

Estonia's Volunteer Cyber Militia

Schneier on Security

FEBRUARY 19, 2019

The volunteers, who've inspired a handful of similar operations around the world, are readying themselves to defend against the kind of sustained digital attack that could cause mass service outages at hospitals, banks, and military bases, and with other critical operations, including voting systems.

Military

Military IT Security

Microsoft says Russian hackers continue targeting 2018 midterm elections

Security Affairs

AUGUST 21, 2018

The Russian APT group tracked as APT28 (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and operates under the Russian military agency GRU and continues to target US politicians.

Military

Military Education Phishing Authentication

Latest Turla backdoor leverages email PDF attachments as C&C mechanism

Security Affairs

AUGUST 23, 2018

Turla is the name of a Russian cyber espionage APT group (also known as Waterbug, Venomous Bear and KRYPTON) that has been active since at least 2007 targeting government organizations and private businesses. The new analysis revealed a list of high-profile victims that was previously unknown. ” reads the analysis published by ESET.

Metadata

Metadata Military Libraries Access

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

JANUARY 8, 2024

In 2007, Salomon collected more than $3,000 from botmasters affiliated with competing spam affiliate programs that wanted to see Spamhaus suffer, and the money was used to fund a week-long distributed denial-of-service (DDoS) attack against Spamhaus and its online infrastructure. federal court tomorrow (Jan. 9, 2024).

Computer and Electronics

Computer and Electronics Passwords Government Sales

Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

APT28 targets key networks in Europe with HeadLace malware

Webinars

Trending Sources

Is Russian group APT28 behind the cyber attack on the German air traffic control agency (DFS)?

Webinars

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

UK, US and its allies blame Russia’s GRU for 2019 cyber-attacks on Georgia

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

FBI and NSA joint report details APT28’s Linux malware Drovorub

APT28 group return to covert intelligence gathering ops in Europe and South America.

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Russian APT groups target European governments ahead of May Elections

From Cybercrime Saul Goodman to the Russian GRU

Russia-linked APT breached the network of Dutch police in 2017

France agency ANSSI warns of Russia-linked APT28 attacks on French entities

Mandiant identifies 3 hacktivist groups working in support of Russia

Microsoft disrupted APT28 attacks on Ukraine through a court order

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Russia-linked APT28 targets govt bodies with fake NATO training docs

Russian spies are attempting to tap transatlantic undersea cables

Google warns of APT28 attack attempts against 14,000 Gmail users

Microsoft says Russian APT28 espionage group hit Democratic Institutions in Europe

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Russia-linked APT Sofacy leverages BREXIT lures in recent attacks

Russia-linked APT28 targets government Polish institutions

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

NON-STATE ACTORS IN THE CYBERSPACE: AN ATTEMPT TO A TAXONOMIC CLASSIFICATION, ROLE, IMPACT AND RELATIONS WITH A STATE’S SOCIOECONOMIC STRUCTURE

Google sent over 50,000 warnings of state-sponsored attacks, +33% from same period in 2020

North Korea-linked Lazarus APT targets the IT supply chain

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

New Turla ComRAT backdoor uses Gmail for Command and Control

A new Fancy Bear backdoor used to target political targets

U.S. Hacks QakBot, Quietly Removes Botnet Infections

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

Russia-linked Sofacy APT developed a new ‘Go’ variant of Zebrocy tool

Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild

UK/US investigation revealed that Russian Turla APT masqueraded as Iranian hackers

Vulnerabilities in Weapons Systems

APT28 and Upcoming Elections: evidence of possible interference

Update CSE Malware ZLab – Operation Roman Holiday – Hunting the Russian APT28

Estonia's Volunteer Cyber Militia

Microsoft says Russian hackers continue targeting 2018 midterm elections

Latest Turla backdoor leverages email PDF attachments as C&C mechanism

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Stay Connected