Security Affairs

FEBRUARY 25, 2022

According to FireEye, the campaign tracked as GhostWriter, has been ongoing since at least March 2017 and is aligned with Russian security interests. The post Ukraine: Belarusian APT group UNC1151 targets military personnel with spear phishing appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook.

Military 304

Military Phishing CMS Government 304

Security Affairs

APRIL 28, 2024

The researchers pointed out that the use of the “script:” prefix demonstrates the exploitation of the vulnerability CVE-2017-8570 , a bypass for CVE-2017-0199. “The lure contained military-related content, suggesting it was targeting military personnel. The remote script, named “widget_iframe.617766616773726468746672726a6834.html,”

Military 342

Military Mining Libraries Security 342

Security Affairs

OCTOBER 13, 2020

. “[offensive cyber capability could] degrade, disrupt and even destroy critical capabilities and infrastructure of those who would do us harm, ranging from strategic to tactical targets” both in isolation or alongside traditional military force.” ” Sanders confirmed. ” reported The Guardian. .

Government 363

Government Military IT Security 363

Security Affairs

JANUARY 22, 2020

US military claims to have disrupted the online propaganda activity of the Islamic State (ISIS) in a hacking operation dating back at least to 2016. “Operation GLOWING SYMPHONY was originally approved for a 30-day window, but the a July 2017 General Administrative Message reported the operation’s extension to an unknown date.

Military 233

Military FOIA Archiving Security 233

Security Affairs

JUNE 20, 2022

The attack took place in April 2017 and the man is accused of conducting the attack for the Russian military intelligence service GRU. Kozachek hacked the computed of the NATO think tank in 2017 and installed a keylogger to spy on the organization. ” reported the Tagesschau website. . ” continues the post.

Military 362

Military Access Security Cybersecurity 362

Data Breach Today

APRIL 27, 2022

6 Russian Military Intelligence Agents Charged With Launching NotPetya Destruction The U.S. government on Tuesday announced a reward of up to $10 million for information pertaining to six alleged Russian military hackers tied to the 2017 NotPetya destructive malware campaign.

Military 260

Military Government 260

Security Affairs

MAY 13, 2024

“The operations have primarily targeted audiences in Lithuania, Latvia, and Poland with anti-North Atlantic Treaty Organization (NATO) narratives, often leveraging website compromises or spoofed email accounts to disseminate fabricated content, including falsified correspondence from military officials” reads the report published by FireEye.

CMS 355

CMS Military Archiving Security 355

Security Affairs

OCTOBER 7, 2018

The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. According to experts from Symantec, the group is now actively conducting cyber espionage campaigns against government and military organizations in Europe and South America.

Military 278

Military Government Phishing Security 278

Security Affairs

DECEMBER 6, 2020

Italian police have arrested two people that have been accused of stealing 10 GB of confidental data and military secrets from defense company Leonardo S.p.A. In January 2017, the internal cybersecurity structure of Leonardo SpA reported anomalous network traffic, outgoing from some workstations of the Pomigliano D’Arco plant.

Military 334

Military Computer and Electronics Communications Personal data 334

Security Affairs

APRIL 13, 2021

The Swedish Sports Confederation organization was compromised in 2017-18 by hackers working for Russian military intelligence, officials said. In the same period, Russia-linked hackers working for the military intelligence service GRU targeted other prominent sporting bodies, including World Anti-Doping Agency (WADA) and FIFA.

Military 242

Military Government Security IT 242

Security Affairs

AUGUST 3, 2020

According to FireEye, the campaign tracked as GhostWriter, has been ongoing since at least March 2017 and is aligned with Russian security interests. “We to manipulate content, spreading reports of falsified correspondence from military officials, fake quotes from political figures and more.

Military 350

Military CMS Security Government 350

Security Affairs

JULY 30, 2020

The threat actors’ job postings messages were crafted to target the following specific US defense programs and groups: F-22 Fighter Jet Program Defense, Space and Security (DSS) Photovoltaics for space solar cells Aeronautics Integrated Fighter Group Military aircraft modernization programs.

Military 340

Military Data collection Phishing Ransomware 340

Security Affairs

OCTOBER 10, 2018

A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. Gallmaker is a politically motivated APT group that focused its surgical operations on the government, military or defense sectors. ” continues Symantec.

Military 270

Military File names Government Libraries 270

Data Breach Today

FEBRUARY 14, 2020

The latest edition of the ISMG Security Report analyzes the indictments of four Chinese military officers in connection with the 2017 Equifax data breach. Also featured: Advice on implementing NIST's new privacy framework; lessons learned in a breach disclosure.

Military 226

Military Data breaches Privacy Security 226

Security Affairs

JANUARY 8, 2023

Polish authorities charged Russian and Belarusian individuals with spying for the Russian military intelligence service (GRU). Polish authorities charged Russian and Belarusian individuals, who were arrested in April, with spying for the Russian military intelligence service (GRU) from 2017 to April 2022.

Military 246

Military Ransomware Government Security 246

Security Affairs

JANUARY 20, 2020

The Chairman of the NATO Military Committee announced that the alliance has sent a counter-hybrid team to Montenegro to face Russian hybrid attacks. Last week in Brussels, the Chairman of the NATO Military Committee (MC), Marshal Sir Stuart Peach, announced the effort of the Alliance in facing Russian hybrid attacks.

Military 251

Military Government Phishing Cybersecurity 251

Security Affairs

AUGUST 23, 2020

The Transparent Tribe cyber-espionage group continues to improve its arsenal while targets Military and Government entities. The Transparent Tribe APT group is carrying out an ongoing cyberespionage campaign aimed at military and diplomatic targets worldwide. ” reads the analysis published by Kaspersky.

Military 363

Military Phishing Passwords Access 363

Security Affairs

MARCH 26, 2021

The attackers are suspected to be hackers of the tracked as Ghostwriter group that works under the control of the Russian military secret service GRU. In August, researchers from FireEye reported that GhostWriter group was behind a disinformation campaign that started at least in March 2017 and is aligned with Russian security interests.

Military 288

Military CMS Phishing Government 288

Security Affairs

NOVEMBER 5, 2021

The group targeted government and military organizations in Ukraine. In December 2019, the APT group targeted several Ukrainian diplomats, government and military officials, and law enforcement. In the period 2017-2021 this group implemented the most numerous cyberintelligence actions on various vectors of public administration.

Military 349

Military Metadata Government Passwords 349

Security Affairs

AUGUST 9, 2022

In January 2022, researchers at Kaspersky ICS CERT uncovered a series of targeted attacks on military industrial enterprises and public institutions in Afghanistan and East Europe. The emails used weaponized Microsoft Word documents exploiting the CVE-2017-11882 vulnerability. The vulnerability affects the MS Office component EQNEDT32.EXE

Encryption 315

Encryption Military Archiving Phishing 315

Security Affairs

NOVEMBER 24, 2023

The KONNI RAT was first spotted by Cisco Talos researchers in 2017, it has been undetected since 2014 and was employed in highly targeted attacks. Upon enabling the macro, the embedded VBA displays a Russian article titled “Western Assessments of the Progress of the Special Military Operation.”

Encryption 336

Encryption Military Phishing Communications 336

Security Affairs

MARCH 22, 2019

The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. According to a report published by Symantec in October, the group was actively conducting cyber espionage campaigns against government and military organizations in Europe and South America.

Government 279

Government Military Phishing Access 279

Security Affairs

JULY 31, 2020

The Council of the European Union announced sanctions imposed on a Russia-linked military espionage unit, as well as companies operating for Chinese and North Korean threat actors that launched cyber-attacks against the EU and its member states. ” states the Council of the European Union.”

Military 331

Military Cloud Government Phishing 331

Security Affairs

JULY 30, 2024

SideWinder (also known as Razor Tiger, Rattlesnake, and T-APT-04) has been active since at least 2012, the group mainly targeted Police, Military, Maritime, and the Naval forces of Central Asian countries. ” reads the analysis published by the BlackBerry researchers. reads the Patch Tuesday analysis by the Zero Day Initiative.

Phishing 305

Phishing Military Access IT 305

Security Affairs

NOVEMBER 16, 2021

According to FireEye, the campaign tracked as GhostWriter, has been ongoing since at least March 2017 and is aligned with Russian security interests. Sensitive technical information gathered by the researchers suggests the threat actors were operating from Minsk, Belarus under the control of the Belarusian Military.

Military 304

Military CMS Government Security 304

Security Affairs

MARCH 4, 2020

Get important figures‘ travel itinerary, and then pose political threats, or military suppression?” Schulte was arrested for possession of child pornography, he was charged on three counts of receipt, possession and transportation of child pornography in August 2017.

Military 363

Military Government Security IT 363

Security Affairs

AUGUST 27, 2022

In June 2017, Montenegro was targeted by the Russia-linked hacker group APT28 after Montenegro officially joined NATO alliance despite the strong opposition from the Russian Government that threatened to retaliate. Abazovic said it was politically motivated following the fall of his government last week.” ” reported the Reuters.

Military 246

Military Government Phishing Security 246

Dark Reading

FEBRUARY 10, 2020

Four members of China's People Liberation Army hacked the information broker, leading to the theft of sensitive data on approximately 145 million citizens.

Military 95

Military 95

Security Affairs

SEPTEMBER 9, 2019

The group has continued launching attacks against entities in Southeast Asia, including military, satellite communications, media and educational organizations. This custom-built backdoor has been used since at least January 2017 to achieve persistence on compromised networks. ” concludes the report.

Military 267

Military Communications Government Education 267

Security Affairs

FEBRUARY 10, 2020

.” The attackers used spear-phishing messages sent to government officials, they posed as a journalist, an individual from a trade publication, or individuals from a relevant military organization or non-governmental organization (NGO). The messages contained links to weaponized Office documents stored on Google Drive.

Government 363

Government Military Phishing Security 363

Security Affairs

MAY 26, 2020

Earlier versions of Agent.BTZ were used to compromise US military networks in the Middle East in 2008. ComRAT v4 appeared in the threat landscape in 2017 and is still used by threat actors , recently a new variant was used in attacks against two Ministries of Foreign Affairs in Eastern Europe and a national parliament in the Caucasus region.

Communications 342

Communications Military Encryption Authentication 342

Security Affairs

JANUARY 5, 2024

The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017. Vitiuk pointed out that the attack had no big impact on Ukraine’s military, which did not rely on telecoms operators. The SBU helped Kyivstar in recovering from the cyber attack.

Military 320

Military Communications Access Ransomware 320

Security Affairs

FEBRUARY 23, 2022

In 2016 and 2017, the hacking group The Shadow Brokers l eaked a bunch of data allegedly stolen from the Equation Group, including many hacking tools and exploits. At the end of October 2016, the hackers leaked a fresh dump containing a list of servers that were hacked by the NSA-linked group known as Equation Group.

Encryption 321

Encryption Military Archiving Government 321

Security Affairs

MARCH 25, 2022

“According to the indictment, between May and September 2017, the defendant and co-conspirators hacked the systems of a foreign refinery and installed malware, which cyber security researchers have referred to as “Triton” or “Trisis,” on a safety system produced by Schneider Electric, a multinational corporation. .”

Energy and Utilities 292

Energy and Utilities Government Cybersecurity Military 292

Security Affairs

DECEMBER 22, 2022

The Government of Pyongyang focuses on crypto hacking to fund its military program following harsh U.N. economic sanctions were toughened in 2017 in response to its nuclear and missile tests.” ” reported the AP agency.

Military 352

Military Government Ransomware Security 352

Security Affairs

SEPTEMBER 8, 2019

APT3 functions very differently than 3LA, the former Chinese military hacking organization leading to the assumption that APT3 is not part of the military complex. In May 2017, researchers at threat intelligence firm Record Future discovered a clear link between APT3 cyber threat group and China’s Ministry of State Security.

Military 278

Military Security IT Government 278

Security Affairs

SEPTEMBER 21, 2022

The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017, causing billions worth of damage. The messages are written in Ukrainian and the topics used in the attacks relate to military operations, reports, etc.

Military 260

Military Phishing Passwords Ransomware 260