2007, Military and Security - Information Management Today

Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

Security Affairs

JUNE 17, 2020

Experts uncovered a new cyber-espionage campaign, dubbed “ Operation In(ter)receptio n,” aimed at aerospace and military organizations in Europe and the Middle East. The post Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East appeared first on Security Affairs.

Military

Military Archiving Passwords Communications

Is Russian group APT28 behind the cyber attack on the German air traffic control agency (DFS)?

Security Affairs

SEPTEMBER 5, 2024

DFS immediately reported the attack to national security authorities. The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Military

Military Cybersecurity Government Security

APT28 targets key networks in Europe with HeadLace malware

Security Affairs

JUNE 3, 2024

The compromise of networks associated with Ukraine’s Ministry of Defence and European railway systems could allow attackers to gather intelligence to influence battlefield tactics and broader military strategies. Insikt Group speculates the operation is aimed at influencing regional and military dynamics.

Military

Military Phishing Government Authentication

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Security Affairs

APRIL 22, 2024

National Security Agency and Microsoft addressed it with the release of Microsoft October 2022 Patch Tuesday security updates. The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS).

Military

Military File names Education Phishing

UK, US and its allies blame Russia’s GRU for 2019 cyber-attacks on Georgia

Security Affairs

FEBRUARY 20, 2020

The governments of Britain and the US declared that Russia’s military intelligence service GRU is behind the massive cyber attack that hit Georgia during 2019. ” reads a press release published by Foreign & Commonwealth Office , National Cyber Security Centre , and The Rt Hon Dominic Raab MP. Pierluigi Paganini.

Military

Military IT Government Encryption

FBI and NSA joint report details APT28’s Linux malware Drovorub

Security Affairs

AUGUST 13, 2020

The FBI and NSA have published a joint security alert containing technical details about a new piece of Linux malware, tracked as Drovorub , allegedly employed by Russia-linked the APT28 group. The post FBI and NSA joint report details APT28’s Linux malware Drovorub appeared first on Security Affairs. Pierluigi Paganini.

Military

Military IoT Phishing Government

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Security Affairs

DECEMBER 7, 2023

Over the past 20 months, the group targeted at least 30 organizations within 14 nations that are probably of strategic intelligence significance to the Russian government and its military. The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS).

Military

Military Government Phishing Authentication

France agency ANSSI warns of Russia-linked APT28 attacks on French entities

Security Affairs

OCTOBER 27, 2023

France National Agency for the Security of Information Systems warns that the Russia-linked APT28 group has breached several critical networks. The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS). .

Military

Military Phishing Government Security

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Security Affairs

MARCH 20, 2020

According to security researchers from Trend Micro, the Russia-linked APT28 cyberespionage group has been scanning vulnerable email servers for more than a year. The cyberespionage group continues to target members of defense companies, embassies, governments, and the military. ” reads the report published by Trend Micro.

Phishing

Phishing Military Government Passwords

APT28 group return to covert intelligence gathering ops in Europe and South America.

Security Affairs

OCTOBER 7, 2018

The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. According to experts from Symantec, the group is now actively conducting cyber espionage campaigns against government and military organizations in Europe and South America.

Military

Military Government Phishing Security

Microsoft disrupted APT28 attacks on Ukraine through a court order

Security Affairs

APRIL 8, 2022

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The post Microsoft disrupted APT28 attacks on Ukraine through a court order appeared first on Security Affairs.

Military

Military Government Phishing Security

Russia-linked APT breached the network of Dutch police in 2017

Security Affairs

JUNE 10, 2021

The group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. APT28 was also involved in the string of attacks that targeted 2016 Presidential election , experts link the APT to the Russian military intelligence service (GRU). Pierluigi Paganini.

Military

Military Government Ransomware Security

Russian APT groups target European governments ahead of May Elections

Security Affairs

MARCH 22, 2019

The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. According to a report published by Symantec in October, the group was actively conducting cyber espionage campaigns against government and military organizations in Europe and South America.

Government

Government Military Phishing Access

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Security Affairs

DECEMBER 5, 2023

The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS). The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military Government Access Phishing

Google warns of APT28 attack attempts against 14,000 Gmail users

Security Affairs

OCTOBER 8, 2021

Shane Huntley, the head of the Threat Analysis Group (TAG), wrote on Twitter that his group had sent an above-average batch of government-backed security warnings. . TAG sent a above average batch of government-backed security warnings yesterday. So why do we do these government warnings then? ” Huntley added. “At

Phishing

Phishing Military Government Security

Mandiant identifies 3 hacktivist groups working in support of Russia

Security Affairs

SEPTEMBER 27, 2022

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The post Mandiant identifies 3 hacktivist groups working in support of Russia appeared first on Security Affairs.

Military

Military Phishing Government Security

Russia-linked APT28 targets govt bodies with fake NATO training docs

Security Affairs

SEPTEMBER 23, 2020

Even today, less than half of the known antivirus engines are flagging the infection on VirusTotal , as observed by BleepingComputer: The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Military

Military Government Encryption Communications

Russian spies are attempting to tap transatlantic undersea cables

Security Affairs

MARCH 1, 2020

Garda and military intelligence agencies believe the Russian agents were sent by the military intelligence branch of the Russian armed forces, the GRU. The post Russian spies are attempting to tap transatlantic undersea cables appeared first on Security Affairs. Source [link]. Pierluigi Paganini.

Military

Military Communications Data collection Access

Microsoft says Russian APT28 espionage group hit Democratic Institutions in Europe

Security Affairs

FEBRUARY 20, 2019

The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. According to a report published by Symantec in October, the group was actively conducting cyber espionage campaigns against government and military organizations in Europe and South America.

Military

Military Phishing Government Security

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Security Affairs

JUNE 21, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military Phishing Government Communications

NON-STATE ACTORS IN THE CYBERSPACE: AN ATTEMPT TO A TAXONOMIC CLASSIFICATION, ROLE, IMPACT AND RELATIONS WITH A STATE’S SOCIOECONOMIC STRUCTURE

Security Affairs

JUNE 28, 2022

Non-state actors include multinational corporations, collectives of hacktivists, non-governmental organizations (NGOs), cybercrime syndicates, private military organizations, media outlets, terrorist groups, labor unions, organized ethnic groups, lobby groups, criminal organizations, private businesses, and others. Pierluigi Paganini.

Paper

Paper Military Government Security

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

Security Affairs

DECEMBER 10, 2020

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The post Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware appeared first on Security Affairs.

Phishing

Phishing Healthcare Military Data collection

Russia-linked APT Sofacy leverages BREXIT lures in recent attacks

Security Affairs

DECEMBER 3, 2018

The Sofacy APT group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. In September 2018, security experts from ESET spotted the first UEFI rootkit of ever, the code tracked as LoJax was used in attacks in the wild. . Pierluigi Paganini.

Military

Military Government Security IT

From Cybercrime Saul Goodman to the Russian GRU

Krebs on Security

FEBRUARY 7, 2024

A review of this user’s hacker identities shows that during his time on the forums he served as an officer in the special forces of the GRU , the foreign military intelligence agency of the Russian Federation. “In order to ESCAPE the law, you need to KNOW the law. This is the most important thing. ” Mr. .

Military

Military IT Communications Risk

Google sent over 50,000 warnings of state-sponsored attacks, +33% from same period in 2020

Security Affairs

OCTOBER 14, 2021

” wrote Ajax Bash, a Google security engineer from the TAG. The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. SecurityAffairs – hacking, cyber security).

Phishing

Phishing Military Government Security

North Korea-linked Lazarus APT targets the IT supply chain

Security Affairs

OCTOBER 27, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. Cybersecurity and Infrastructure Security Agency (CISA) in August 2020. ” reads the report published by Kaspersky.

IT

IT Systems administration Military Cybersecurity

Russia-linked APT28 targets government Polish institutions

Security Affairs

MAY 10, 2024

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Government

Government Military Libraries Archiving

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

APRIL 30, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Systems administration

Systems administration Military Phishing Government

A new Fancy Bear backdoor used to target political targets

Security Affairs

SEPTEMBER 24, 2019

Security experts at ESET have uncovered a new campaign carried out by Russia-linked Fancy Bear APT group aimed at political targets. Security researchers at ESET have uncovered a new campaign carried out by Russia-linked Fancy Bear APT group (i.e. APT28 , Sednit , Sofacy , Zebrocy , and Strontium ) aimed at political targets.

Phishing

Phishing Military Archiving Security

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Security Affairs

AUGUST 6, 2019

The STRONTIUM APT group (aka APT28 , Fancy Bear , Pawn Storm , Sofacy Group , and Sednit ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. link] #MSFTatBlackHat — Security Response (@msftsecresponse) August 5, 2019. Pierluigi Paganini.

IoT

IoT Military Access Education

New Turla ComRAT backdoor uses Gmail for Command and Control

Security Affairs

MAY 26, 2020

Earlier versions of Agent.BTZ were used to compromise US military networks in the Middle East in 2008. Thus, it is able to bypass some security controls because it doesn’t rely on any malicious domain.” The post New Turla ComRAT backdoor uses Gmail for Command and Control appeared first on Security Affairs.

Communications

Communications Military Encryption Authentication

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Security Affairs

APRIL 19, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military Access Cybersecurity Education

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

Emerging in 2007 as a banking trojan, QakBot (a.k.a. According to recent figures from the managed security firm Reliaquest , QakBot is by far the most prevalent malware “loader” — malicious software used to secure access to a hacked network and help drop additional malware payloads.

Ransomware

Ransomware Government Military Access

Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild

Security Affairs

SEPTEMBER 27, 2018

Security experts from ESET have spotted the first UEFI rootkit of ever, the code tracked as LoJax was used in attacks in the wild. Security experts have debated for a long about UEFI rootkits that are very dangerous malware hard to detect and that could resist to the operating system reinstallation and even to the hard disk replacement.

Military

Military Manufacturing Government Security

UK/US investigation revealed that Russian Turla APT masqueraded as Iranian hackers

Security Affairs

OCTOBER 21, 2019

The Turla APT group (aka Snake , Uroburos , Waterbug , Venomous Bear and KRYPTON ) has been active since at least 2007 targeting diplomatic and government organizations and private businesses in the Middle East, Asia, Europe, North and South America, and former Soviet bloc nations. ” reported the FT. Pierluigi Paganini.

Government

Government Military Security IT

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

The Last Watchdog

JULY 30, 2018

Co-founder Jay took a business trip to South Korea in the fall of 2007. DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. You need to rely on external storage to securely transport your data.

Encryption

Encryption Military Passwords Authentication

Russia-linked Sofacy APT developed a new ‘Go’ variant of Zebrocy tool

Security Affairs

DECEMBER 19, 2018

The Sofacy APT group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The post Russia-linked Sofacy APT developed a new ‘Go’ variant of Zebrocy tool appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs –APT, Sofact).

Military

Military Data collection Phishing IT

APT28 and Upcoming Elections: evidence of possible interference

Security Affairs

APRIL 12, 2019

So, the malware checks the current Powershell version: if it is greater or equal than 3, it disables the above mentioned security features. The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. Pierluigi Paganini.

Passwords

Passwords Metadata Military Government

Vulnerabilities in Weapons Systems

Schneier on Security

JUNE 8, 2021

Our military systems are vulnerable. We need to face that reality by halting the purchase of insecure weapons and support systems and by incorporating the realities of offensive cyberattacks into our military planning. Over the past decade, militaries have established cyber commands and developed cyberwar doctrine.

Military

Military Cybersecurity Communications Manufacturing

Update CSE Malware ZLab – Operation Roman Holiday – Hunting the Russian APT28

Security Affairs

JULY 15, 2018

The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. This malware immediately caught the attention of the expert because it contacts a C2 with the name “ marina-info.net ” a clear reference to the Italian Military corp, Marina Militare.

Military

Military Communications IT Government

Microsoft says Russian hackers continue targeting 2018 midterm elections

Security Affairs

AUGUST 21, 2018

The Russian APT group tracked as APT28 (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and operates under the Russian military agency GRU and continues to target US politicians. Security guidance and ongoing education. ” continues Microsoft.

Military

Military Education Phishing Authentication

Latest Turla backdoor leverages email PDF attachments as C&C mechanism

Security Affairs

AUGUST 23, 2018

Turla is the name of a Russian cyber espionage APT group (also known as Waterbug, Venomous Bear and KRYPTON) that has been active since at least 2007 targeting government organizations and private businesses. The post Latest Turla backdoor leverages email PDF attachments as C&C mechanism appeared first on Security Affairs.

Metadata

Metadata Military Libraries Access

Estonia's Volunteer Cyber Militia

Schneier on Security

FEBRUARY 19, 2019

The volunteers, who've inspired a handful of similar operations around the world, are readying themselves to defend against the kind of sustained digital attack that could cause mass service outages at hospitals, banks, and military bases, and with other critical operations, including voting systems.

Military

Military IT Security

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

JANUARY 8, 2024

For years, security experts — and indeed, many top cybercriminals in the Spamit affiliate program — have expressed the belief that Sal and Icamis were likely the same person using two different identities. Penchukov) — fled his mandatory military service orders and was arrested in Geneva, Switzerland. 9, 2024).

Computer and Electronics

Computer and Electronics Passwords Government Sales

Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

Is Russian group APT28 behind the cyber attack on the German air traffic control agency (DFS)?

Webinars

Trending Sources

APT28 targets key networks in Europe with HeadLace malware

Webinars

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

UK, US and its allies blame Russia’s GRU for 2019 cyber-attacks on Georgia

FBI and NSA joint report details APT28’s Linux malware Drovorub

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

France agency ANSSI warns of Russia-linked APT28 attacks on French entities

Russia-linked APT28 has been scanning vulnerable email servers in the last year

APT28 group return to covert intelligence gathering ops in Europe and South America.

Microsoft disrupted APT28 attacks on Ukraine through a court order

Russia-linked APT breached the network of Dutch police in 2017

Russian APT groups target European governments ahead of May Elections

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Google warns of APT28 attack attempts against 14,000 Gmail users

Mandiant identifies 3 hacktivist groups working in support of Russia

Russia-linked APT28 targets govt bodies with fake NATO training docs

Russian spies are attempting to tap transatlantic undersea cables

Microsoft says Russian APT28 espionage group hit Democratic Institutions in Europe

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

NON-STATE ACTORS IN THE CYBERSPACE: AN ATTEMPT TO A TAXONOMIC CLASSIFICATION, ROLE, IMPACT AND RELATIONS WITH A STATE’S SOCIOECONOMIC STRUCTURE

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

Russia-linked APT Sofacy leverages BREXIT lures in recent attacks

From Cybercrime Saul Goodman to the Russian GRU

Google sent over 50,000 warnings of state-sponsored attacks, +33% from same period in 2020

North Korea-linked Lazarus APT targets the IT supply chain

Russia-linked APT28 targets government Polish institutions

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

A new Fancy Bear backdoor used to target political targets

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

New Turla ComRAT backdoor uses Gmail for Command and Control

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild

UK/US investigation revealed that Russian Turla APT masqueraded as Iranian hackers

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

Russia-linked Sofacy APT developed a new ‘Go’ variant of Zebrocy tool

APT28 and Upcoming Elections: evidence of possible interference

Vulnerabilities in Weapons Systems

Update CSE Malware ZLab – Operation Roman Holiday – Hunting the Russian APT28

Microsoft says Russian hackers continue targeting 2018 midterm elections

Latest Turla backdoor leverages email PDF attachments as C&C mechanism

Estonia's Volunteer Cyber Militia

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Stay Connected