2010, Government and Security - Information Management Today

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

The US government declared that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. has been active since at least 2010 most of the victims of the group are organizations in the energy and industrial sectors. ” reads the advisory. ” reads the advisory.

Government

Government Passwords Access Cybersecurity

Emissary Panda APT group hit Government Organizations in the Middle East

Security Affairs

MAY 30, 2019

Chinese Cyber-Spies Target Government Organizations in Middle East. Chinese APT group Emissary Panda has been targeting government organizations in two different countries in the Middle East. The Emissary Panda APT group has been active since 2010, targeted organizations worldwide, including U.S.

Government

Government Financial Services Security Cybersecurity

British Court rejects the US’s request to extradite Julian Assange

Security Affairs

JANUARY 4, 2021

A British court has rejected the request of the US government to extradite Wikileaks founder Julian Assange to the country. government will likely appeal the decision. He published thousands of classified diplomatic and military documents on WikiLeaks in 2010. Pierluigi Paganini. SecurityAffairs – hacking, Julian Assange).

Military

Military Government Risk Passwords

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Security Affairs

DECEMBER 7, 2021

APT15 has been active since at least 2010, it conducted cyber espionage campaigns against targets worldwide in several industries, including defense, high tech, energy, government, aerospace, and manufacturing. ” reads the post published by Microsoft. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Manufacturing

Manufacturing Phishing Government Security

Payment solutions giant Edenred announces malware infection

Security Affairs

NOVEMBER 22, 2019

The Group is independent since June 2010 following the split with Accor. The company is reporting the incident to government regulators and authorities. The post Payment solutions giant Edenred announces malware infection appeared first on Security Affairs. Edenred is a French company specialized in prepaid corporate services.

Cybersecurity

Cybersecurity Government IT Security

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

Security Affairs

OCTOBER 22, 2023

During a meeting of security chiefs of the Five Eyes alliance held in California, McCallum told BBC that the Chinese cyber espionage reached an epic scale. Chinese cyber espionage aims at obtaining commercial secrets and intellectual property to advantage the government of Beijing. ” reported BBC.

Military

Military Government Access Cybersecurity

BORN Ontario data breach impacted 3.4 million newborns and pregnancy care patients

Security Affairs

SEPTEMBER 26, 2023

The BORN funded by the government of Ontario disclosed a data breach that impacts some 3.4 BORN Ontario hired cybersecurity experts to mitigate the threat, secure its infrastructure, and investigate the scope of the incident. Nuance launched an investigation into the incident with the help of cyber security experts and a law firm.

Data breaches

Data breaches Ransomware Data collection Cybersecurity

Alleged cyber attacks caused fire and explosions at nuclear and military facilities in Iran

Security Affairs

JULY 3, 2020

The media reported a fire at the Natanz nuclear enrichment site and an explosion at the Parchin military complex near Tehran, the latter is suspected to be a government center for the production of missiles. The Cheetahs group claimed to be dissident members of Iran’s security forces. following other recent explosions in the country.”

Military

Military Government Security IT

Iran announced to have foiled massive cyberattacks on public services

Security Affairs

APRIL 25, 2022

State television announced that Iran has foiled massive cyberattacks that targeted public services operated by both government and private organizations. Stuxnet is a malicious computer worm developed to target SCADA systems that were first uncovered in 2010, but researchers believe its development began at least in 2005. .

Ransomware

Ransomware Cybersecurity Government Security

Wikileaks founder Julian Assange is free

Security Affairs

JUNE 25, 2024

He left Belmarsh maximum security prison on the morning of 24 June, after having spent 1901 days there. He published thousands of classified diplomatic and military documents on WikiLeaks in 2010. Julian Assange is free after five years in Belmarsh prison, the WikiLeaks founder has been released in the U.K.

Military

Military Passwords Access Government

Naikon APT is flying under the radar since 2015

Security Affairs

MAY 7, 2020

The Naikon APT group is a China-linked cyber espionage group that has been active at least since 2010 and that remained under the radar over the past five years while targeting entities in Asia-Pacific (APAC) region. Please vote Security Affairs for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS [link].

Government

Government Archiving Cybersecurity IT

Cisco to pay $8.6 million fine for selling flawed surveillance technology to the US Gov

Security Affairs

AUGUST 1, 2019

million to settle a legal dispute for selling vulnerable software to the US government. The case was filed in the Federal District Court for the Western District of New York and was handled under the False Claims Act, which specifically addresses fraud and misconduct in federal government contracts. Cisco is going to pay $8.6

Government

Government Sales Access Security

The Unsexy Threat to Election Security

Krebs on Security

JULY 25, 2019

Much has been written about the need to further secure our elections, from ensuring the integrity of voting machines to combating fake news. California has a civil grand jury system designed to serve as an independent oversight of local government functions, and each county impanels jurors to perform this service annually.

Security

Security Authentication Passwords Manufacturing

Hungarian official confirms Hungary used NSO Group Pegasus spyware

Security Affairs

NOVEMBER 8, 2021

A Hungarian government official confirmed that his government has bought and used the controversial NSO Group’s Pegasus spyware. The post Hungarian official confirms Hungary used NSO Group Pegasus spyware appeared first on Security Affairs. ” reads the statement provided to news outlet Telex. Pierluigi Paganini.

Sales

Sales Encryption Government Security

CIA Hacking unit APT-C-39 hit China since 2008

Security Affairs

MARCH 4, 2020

Chinese security firm Qihoo 360 revealed that the US CIA has hacked Chinese organizations in various sectors for the last 11 years. Chinese security firm Qihoo 360 is accusing that the US Central Intelligence Agency (CIA) of having hacked Chinese organizations for the last 11 years. time zone.

Military

Military Government Security IT

Iran hit by a more aggressive and sophisticated Stuxnet version

Security Affairs

NOVEMBER 1, 2018

Attackers used a malware similar to Stuxnet , the cyber weapon that hit the Iranian nuclear plant at Natanz in 2010 interfering with nuclear program of the Government of Teheran. Security Affairs – Stuxnet, hacking). The post Iran hit by a more aggressive and sophisticated Stuxnet version appeared first on Security Affairs.

Government

Government Paper Security IT

Journalist Matthew Keys is now charged with an attack on a magazine

Security Affairs

APRIL 29, 2020

When Keys left Tribune Company-owned Sacramento KTXL Fox 40 in 2010, he shared login credentials of the CMS used by the website with members of Anonymous. We welcome the opportunity to read all the relevant materials and work with the government before the next hearing,” Keys’ attorney, Mark Reichel, told the Bee. Pierluigi Paganini.

CMS

CMS Cybersecurity Government Access

China-linked APT BlackTech was spotted hiding in Cisco router firmware

Security Affairs

SEPTEMBER 27, 2023

BlackTech is a Chinese APT group that has been active since at least 2010 and that known for conducting cyber espionage campaigns in Asia aimed at entities in Hong Kong, Japan, and Taiwan. According to a joint cybersecurity advisory from the United States National Security Agency (NSA), the U.S. ” reads the joint advisory.

Cybersecurity

Cybersecurity Systems administration Access Government

Law enforcement and Microsoft join forces to dismantle botnet using LED Light Control Console

Security Affairs

APRIL 20, 2020

Cybercriminals have abused LED light control console to launch malicious attacks, Microsoft’s security experts warn. These hackers are targeting the government and the technology industry, trying to steal and leak confidential information and launch full information warfare campaigns,” Microsoft concludes. Pierluigi Paganini.

IoT

IoT Ransomware Phishing Government

Ke3chang hacking group adds new Ketrum malware to its arsenal

Security Affairs

MAY 28, 2020

” reads the report published by the security firm Intezer. ” Back in 2013, the security researchers at FireEye spotted a group of China-Linked hackers that conducted an espionage campaign on foreign affairs ministries in Europe. “We believe the operation was conducted very recently.” Pierluigi Paganini.

IT

IT Military Communications Security

Experts detailed how China Telecom used BGP hijacking to redirect traffic worldwide

Security Affairs

NOVEMBER 8, 2018

Security researchers revealed in a recent paper that over the past years, China Telecom used BGP hijacking to misdirect Internet traffic through China. Security researchers Chris C. The incident also affected US government (‘‘.gov’’) If the erroneous announcement was maliciously arranged, then a BGP hijack has occurred.”

Paper

Paper Military Government Security

FIFA was hacked again, this is the second hack in a year

Security Affairs

NOVEMBER 2, 2018

The Fédération Internationale de Football Association, aka FIFA, is a governing body of association football, futsal, and beach soccer. In August 2017, Fancy Bears hackers claimed that around 160 football players failed drug tests in 2015, and 25 2010 World Cup players used doping medicines. Security Affairs – hacking, data breach).

Phishing

Phishing Data breaches Passwords Government

China-linked Budworm APT returns to target a US entity

Security Affairs

OCTOBER 13, 2022

The Budworm cyber espionage group (aka APT27 , Bronze Union , Emissary Panda , Lucky Mouse , TG-3390 , and Red Phoenix) is behind a series attacks conducted over the past six months against a number of high-profile targets, including the government of a Middle Eastern country, a multinational electronics manufacturer, and a U.S.

File names

File names Financial Services Manufacturing Libraries

CIA elite hacking unit was not able to protect its tools and cyber weapons

Security Affairs

JUNE 17, 2020

According to his LinkedIn profile , Schulte worked for the NSA for five months in 2010 as a systems engineer, after this experience, he joined the CIA as a software engineer and he left the CIA in November 2016. The post CIA elite hacking unit was not able to protect its tools and cyber weapons appeared first on Security Affairs.

IT

IT Data breaches Systems administration Security

WikiLeaks founder Julian Assange faces superseding indictment for conspiring with LulzSec hackers

Security Affairs

JUNE 25, 2020

In 2010, Assange gained unauthorized access to a government computer system of a NATO country and years later he contacted s LulzSec leader who was working for the FBI and provided him a list of targets. “In 2010, Assange gained unauthorized access to a government computer system of a NATO country.

Passwords

Passwords Communications Data breaches Access

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

The Last Watchdog

FEBRUARY 25, 2019

Related: Applying ‘zero trust’ to managed security services. based supplier of identity access management (IAM) systems, which recently announced a partnership with Omada, a Copenhagen-based provider of identity governance administration (IGA) solutions. Governance and attestation quickly became a very big deal.

Access

Access Government Authentication Data breaches

Former NSA TAO hacker sentenced to 66 months in prison over Kaspersky Leak

Security Affairs

SEPTEMBER 26, 2018

Former NSA TAO hacker was sentenced to 66 months in prison because he leaked top-secret online documents related to the US government ban on Kaspersky. According to the prosecutors, between 2010 and 2015, the former NSA hacker had taken home with him TAO materials, including exploits and hacking tools. Pierluigi Paganini.

Archiving

Archiving Government Access Cloud

Joshua Adam Schulte, ex CIA employee, accused of continuing leaks from prison

Security Affairs

NOVEMBER 2, 2018

According to his LinkedIn profile , Schulte worked for the NSA for five months in 2010 as a systems engineer, after this experience, he joined the CIA as a software engineer and he left the CIA in November 2016. Security Affairs – Radisson Hotel Group, data breach). ” continues the AP. . Pierluigi Paganini.

Encryption

Encryption Data breaches Communications Government

The Belgacom hack was the work of the UK GCHQ intelligence agency

Security Affairs

OCTOBER 28, 2018

Many experts linked the Regin malware to the Five Eyes alliance , they found alleged references to the super spyware in a number of presentations leaked by Edward Snowden and according to malware researchers, it has been used in targeted attacks against government agencies in the EU and the Belgian telecoms company Belgacom.

Communications

Communications Access Phishing Security

IRS Will Soon Require Selfies for Online Access

Krebs on Security

JANUARY 19, 2022

was originally launched in 2010 with the goal of helping e-commerce sites validate the identities of customers who might be eligible for discounts at various retail establishments, such as veterans, teachers, students, nurses and first responders. For more on the benefits of using a Security Key for MFA, see this post. McLean, Va.-based

Access

Access Insurance Authentication Government

Cyber mercenaries and insiders hired by Chinese intelligence to hack aerospace and tech firms

Security Affairs

OCTOBER 31, 2018

US intelligence believes that the cyber espionage operation was under the control of Zha Rong and Chai Meng, two intelligence officers working for the Jiangsu Province Ministry of State Security (JSSD) in the Chinese city of Nanjing. The campaign was carried out at least from January 2010 to May 2015. According to U.S.

Manufacturing

Manufacturing Military Phishing Security

Naikon APT group uses new Nebulae backdoor in attacks aimed at military orgs

Security Affairs

APRIL 28, 2021

The Naikon APT group is a China-linked cyber espionage group that has been active at least since 2010 and that remained under the radar since 2015 while targeting entities in Asia-Pacific (APAC) region. . The Naikon APT group mainly focuses on high-profile orgs, including government entities and military orgs. Pierluigi Paganini.

Military

Military Passwords Government Security

Law enforcement agencies can extract data from thousands of cars’ infotainment systems

Security Affairs

DECEMBER 4, 2022

Modern vehicles come with sophisticated infotainment systems that are connected online and that could represent an entry point for attackers, as demonstrated by many security experts over the years. The post Law enforcement agencies can extract data from thousands of cars’ infotainment systems appeared first on Security Affairs.

Access

Access Government Passwords Security

Machete cyber-espionage group targets Latin America military

Security Affairs

AUGUST 5, 2019

Security experts from ESET uncovered a cyber-espionage group tracked as Machete that stole sensitive files from the Venezuelan military. Security experts from ESET reported that a cyberespionage group tracked as Machete has stolen sensitive files from the Venezuelan military. ” concludes the report. Pierluigi Paganini.

Military

Military Archiving Security Government

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

Krebs on Security

JUNE 29, 2023

Nikita Kislitsin , formerly the head of network security for one of Russia’s top cybersecurity firms, was arrested last week in Kazakhstan in response to 10-year-old hacking charges from the U.S. Nikita Kislitsin, at a security conference in Russia. Department of Justice. “The company is monitoring developments.”

Cybersecurity

Cybersecurity Passwords Government Security

MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry

Security Affairs

OCTOBER 17, 2018

Yoroi security firm uncovered a targeted attack against one of the most important companies in the Italian Naval Industry leveraging MartyMcFly Malware. The victim was one of the most important leaders in the field of security and defensive military grade Naval ecosystem in Italy. Stage4 is pretty interesting per-se.

Computer and Electronics

Computer and Electronics Encryption Security Military

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Security Affairs

JUNE 27, 2019

“Teams of hackers connected to the Chinese Ministry of State Security had penetrated HPE’s cloud computing service and used it as a launchpad to attack customers, plundering reams of corporate and government secrets for years in what U.S. The list of victims is long and includes tech giants like HPE, IBM, DXC, Fujitsu, and Tata.

Cloud

Cloud IT Systems administration Phishing

Chinese LuckyMouse APT has been using a digitally signed network filtering driver in recent attacks

Security Affairs

SEPTEMBER 10, 2018

Security experts observed the LuckyMouse APT group using a digitally signed 32- and 64-bit network filtering driver NDISProxy in recent attacks. The APT group has been active since at least 2010, the crew targeted U.S. The hackers attempted to inject malicious JavaScript code into the government websites connected to the data center.

Communications

Communications Financial Services Government Phishing

China-Linked APT15 group is using a previously undocumented backdoor

Security Affairs

JULY 23, 2019

Security researchers at ESET reported that China-linked threat actor APT15 (aka Ke3chang , Mirage , Vixen Panda , Royal APT and Playful Dragon) has been using a previously undocumented backdoor for more than two years. The post China-Linked APT15 group is using a previously undocumented backdoor appeared first on Security Affairs.

Communications

Communications Manufacturing Encryption Security

Adconion Execs Plead Guilty in Federal Anti-Spam Case

Krebs on Security

JUNE 10, 2022

The government alleged that between December 2010 and September 2014, the defendants engaged in a conspiracy to identify or pay to identify blocks of Internet Protocol (IP) addresses that were registered to others but which were otherwise inactive. .'”

Marketing

Marketing Government Systems administration Sales

Canada Charges Its “Most Prolific Cybercriminal”

Krebs on Security

DECEMBER 8, 2021

A 31-year-old Canadian man has been arrested and charged with fraud in connection with numerous ransomware attacks against businesses, government agencies and private citizens throughout Canada and the United States. Federal Bureau of Investigation (FBI) contacted them regarding ransomware attacks that were based in Canada.

IT

IT Ransomware Mining Government

Flaw allowing identity spoofing affects authentication based on German eID cards

Security Affairs

NOVEMBER 22, 2018

The situation is very serious, the new cards are accepted as an ID document in most countries in Europe and allow the German citizens to access online government services (i.e. The German ID cards issued since November 1st, 2010, store holder’s information (i.e. tax service). the name or date of birth of the citizen).

Authentication

Authentication Communications Security IT

IRS To Ditch Biometric Requirement for Online Access

Krebs on Security

FEBRUARY 7, 2022

government online. It was clear most readers had no idea these new and more invasive requirements were being put in place at the IRS and other federal agencies (the Social Security Administration also is steering new signups to ID.me). to commercialize what should be a core government service.” ”

Access

Access Authentication Insurance Personal data

China-linked cyberspies Turbine PANDA targeted aerospace firms for years

Security Affairs

OCTOBER 18, 2019

Security firm revealed that China-linked APT group Turbine Panda conducted cyber-espionage operations aimed at various aerospace firms for years. Security researchers at Crowdstrike conducted long-running cyber-espionage operations aimed at various aerospace firms. Office of Personnel Management (OPM) breach. Pierluigi Paganini.

Manufacturing

Manufacturing Security Government IT

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Emissary Panda APT group hit Government Organizations in the Middle East

Webinars

Trending Sources

British Court rejects the US’s request to extradite Julian Assange

Webinars

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Payment solutions giant Edenred announces malware infection

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

BORN Ontario data breach impacted 3.4 million newborns and pregnancy care patients

Alleged cyber attacks caused fire and explosions at nuclear and military facilities in Iran

Iran announced to have foiled massive cyberattacks on public services

Wikileaks founder Julian Assange is free

Naikon APT is flying under the radar since 2015

Cisco to pay $8.6 million fine for selling flawed surveillance technology to the US Gov

The Unsexy Threat to Election Security

Hungarian official confirms Hungary used NSO Group Pegasus spyware

CIA Hacking unit APT-C-39 hit China since 2008

Iran hit by a more aggressive and sophisticated Stuxnet version

Journalist Matthew Keys is now charged with an attack on a magazine

China-linked APT BlackTech was spotted hiding in Cisco router firmware

Law enforcement and Microsoft join forces to dismantle botnet using LED Light Control Console

Ke3chang hacking group adds new Ketrum malware to its arsenal

Experts detailed how China Telecom used BGP hijacking to redirect traffic worldwide

FIFA was hacked again, this is the second hack in a year

China-linked Budworm APT returns to target a US entity

CIA elite hacking unit was not able to protect its tools and cyber weapons

WikiLeaks founder Julian Assange faces superseding indictment for conspiring with LulzSec hackers

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

Former NSA TAO hacker sentenced to 66 months in prison over Kaspersky Leak

Joshua Adam Schulte, ex CIA employee, accused of continuing leaks from prison

The Belgacom hack was the work of the UK GCHQ intelligence agency

IRS Will Soon Require Selfies for Online Access

Cyber mercenaries and insiders hired by Chinese intelligence to hack aerospace and tech firms

Naikon APT group uses new Nebulae backdoor in attacks aimed at military orgs

Law enforcement agencies can extract data from thousands of cars’ infotainment systems

Machete cyber-espionage group targets Latin America military

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Chinese LuckyMouse APT has been using a digitally signed network filtering driver in recent attacks

China-Linked APT15 group is using a previously undocumented backdoor

Adconion Execs Plead Guilty in Federal Anti-Spam Case

Canada Charges Its “Most Prolific Cybercriminal”

Flaw allowing identity spoofing affects authentication based on German eID cards

IRS To Ditch Biometric Requirement for Online Access

China-linked cyberspies Turbine PANDA targeted aerospace firms for years

Stay Connected