2018, Authentication, Government and Military - Information Management Today

North Korea-linked APT37 exploited IE zero-day in a recent attack

Security Affairs

OCTOBER 19, 2024

“This attack requires an authenticated client to click a link in order for an unauthenticated attacker to initiate remote code execution.” Cyber attacks conducted by the APT37 group mainly targeted government, defense, military, and media organizations in South Korea.

Military

Military Manufacturing Government Authentication

The German BSI agency recommends replacing Kaspersky antivirus software

Security Affairs

MARCH 15, 2022

BSI remarks that the trust in the reliability and self-protection of a manufacturer as well as his authentic ability to act is crucial for the safe use of any defense software. The alert pointed out that antivirus software operates with high privileges on machines and if compromised could allow an attacker to take over them.

Manufacturing

Manufacturing Information Security Military Cybersecurity

Weekly podcast: 2018 end-of-year roundup

IT Governance

DECEMBER 13, 2018

Hello and welcome to the final IT Governance podcast of 2018. Even government and public bodies’ websites – including, ironically, the ICO – were found to be running cryptomining software after a third-party plug-in was compromised, but it transpired. The NIS Directive was enacted in the UK as the NIS Regulations on 10 May.

Data breaches

Data breaches Personal data Access GDPR

Webinars

Improving the Accuracy of Generative AI Systems: A Structured Approach

MORE WEBINARS

How to Ensure Your Digital Security During the Rugby World Cup

Thales Cloud Protection & Licensing

SEPTEMBER 12, 2019

At the 2018 Winter Olympic Games held in PyeongChang, for instance, cyber criminals leveraged a previously unknown family of malware called Olympic Destroyer to attack the Games’ servers just before the opening ceremony. Unfortunately, digital criminals are also closely following the buzz surrounding this tournament.

Security

Security IoT Personal data Military

North Korea-linked ScarCruft APT adds Bluetooth Harvester to its arsenal

Security Affairs

MAY 14, 2019

ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users. Kaspersky first documented the operations of the group in 2016.

IT

IT Military Manufacturing Government

Credit Freezes are Free: Let the Ice Age Begin

Krebs on Security

SEPTEMBER 21, 2018

Enacted in May 2018, the Economic Growth, Regulatory Relief and Consumer Protection Act rolls back some of the restrictions placed on banks in the wake of the Great Recession of the last decade. Spouses may request freezes for each other by phone as long as they pass authentication. Online: TransUnion. By Phone: 888-909-8872.

Insurance

Insurance Marketing Security Military

Federal Agency Data is Under Siege

Thales Cloud Protection & Licensing

JULY 24, 2018

Originally Featured in Global Military Communications Magazine’s June/July Issue. to discuss the findings of the 2018 Thales Data Threat Report, Federal Edition. Question: Can you provide an overview of the 2018 Thales Data Threat Report, Federal Edition, and elaborate why it’s needed today more than ever?

Encryption

Encryption Cloud Data breaches Government

New Charges Derail COVID Release for Hacker Who Aided ISIS

Krebs on Security

JANUARY 19, 2021

military and government employees and giving it to an Islamic State hacker group in 2015 has been charged once again with fraud and identity theft. The release was granted in part due to Ferizi’s 2018 diagnosis if asthma, as well as a COVID outbreak at the facility where he was housed in 2020.

Military

Military Passwords Government Personal data

Inside Ireland’s Public Healthcare Ransomware Scare

Krebs on Security

DECEMBER 13, 2021

On May 10, one of the hospitals detected malicious activity on its Microsoft Windows Domain Controller, a critical “keys to the kingdom” component of any Windows enterprise network that manages user authentication and network access. Still, the work to restore infected systems would take months.

Ransomware

Ransomware Cybersecurity Phishing Security

The Hacker Mind Podcast: Going Passwordless

ForAllSecure

JANUARY 19, 2022

For example, here’s Jerry Lewis in a scene from a 1950s film, where he’s trying to break into a Nazi German military base. But this method of authentication is flawed; either hashed or hashed and salted, usernames and passwords can still be stolen and reused. Fact is, we’ve long had passwords as a credential.

Passwords

Passwords Authentication Access Data breaches

Iran-linked APT groups continue to evolve

Security Affairs

NOVEMBER 17, 2021

“In the early part of 2021, PHOSPHORUS actors scanned millions of IPs on the internet for Fortinet FortiOS SSL VPN that were vulnerable to CVE-2018-13379. Microsoft added that password spray attacks on Office 365 accounts with multifactor authentication (MFA) enabled failed. ” reads the post published by Microsoft.

Ransomware

Ransomware Passwords Military Authentication

An Approach to Cybersecurity Risk Oversight for Corporate Directors

Data Matters

APRIL 23, 2018

* This article first appeared in In-House Defense Quarterly on April 3, 2018. Increasingly, thought leaders, professional organizations, and government agencies are beginning to provide answers. Creating an enterprise-wide governance structure. Aligning cyber risk with corporate strategy.

Cybersecurity

Cybersecurity Risk Passwords Authentication

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 29, 2020

Vamosi: Bowen’s public inquiry revealed findings of multiple buffer overflows, software updates without authentication, and inadequate randomization of the ballots so that valid secrecy can be compromised -- among other vulnerabilities. Vamosi: It turns out, Georgia wasn’t alone. Unfortunately, there’s still a lot of gaps.

Blockchain

Blockchain Paper Security IT

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 29, 2020

Vamosi: Bowen’s public inquiry revealed findings of multiple buffer overflows, software updates without authentication, and inadequate randomization of the ballots so that valid secrecy can be compromised -- among other vulnerabilities. Vamosi: It turns out, Georgia wasn’t alone. Unfortunately, there’s still a lot of gaps.

Blockchain

Blockchain Paper Security IT

Cyber Security at the heart of Fleet Fuelling

CGI

MARCH 20, 2017

Promoting easy authentication without compromising the customer’s perception of security and protecting the enterprise risk should always be the ultimate objective. on military and intelligence. As we look across our engagements in different industry and government sectors, there are a number of crosscutting themes that are evident.

Security

Security Retail Risk Digital transformation

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 20, 2020

Vamosi: Bowen’s public inquiry revealed findings of multiple buffer overflows, software updates without authentication, and inadequate randomization of the ballots so that valid secrecy can be compromised -- among other vulnerabilities. Vamosi: It turns out, Georgia wasn’t alone. Unfortunately, there’s still a lot of gaps.

Blockchain

Blockchain Paper Security IT

New FIDO2 Devices offer a single token for combined PKI – FIDO use cases, without the need to rip and replace existing infrastructure

Thales Cloud Protection & Licensing

FEBRUARY 25, 2020

The Verizon 2019 Data Breach Investigations Report advises organizations to deploy multifactor authentication throughout all systems and discourage password reuse. billion records exposed, and a more than 54% increase in the number of reported breaches vs. the first half of 2018. authentication technologies.

Digital transformation

Digital transformation Authentication Passwords Data breaches

ROUNDTABLE: Experts react to President Biden’s exec order in the aftermath of Colonial Pipeline hack

The Last Watchdog

MAY 19, 2021

This very high-profile caper is part of an extended surge of ransomware attacks, which quintupled globally between the first quarter of 2018 and the fourth quarter of 2020, and is expected to rise 20 percent to 40 percent this year, according to insurance giant Aon. government. Bryson Bort , CEO, SCYTHE.

Government

Government Cybersecurity Ransomware Compliance

The Hacker Mind Podcast: Hacking Ransomware

ForAllSecure

MAY 18, 2021

Vamosi: With the Colonial Pipeline criminal attack, we’ve seen that ransomware is an urgent national security risk that threatens schools, hospitals, businesses, and governments across the globe. It's tasked with protecting these 17 critical infrastructure areas from span everything from health care to electricity to dams and military.

Ransomware

Ransomware Passwords Government Security

The Hacker Mind Podcast: Hacking Ransomware

ForAllSecure

MAY 18, 2021

Vamosi: With the Colonial Pipeline criminal attack, we’ve seen that ransomware is an urgent national security risk that threatens schools, hospitals, businesses, and governments across the globe. It's tasked with protecting these 17 critical infrastructure areas from span everything from health care to electricity to dams and military.

Ransomware

Ransomware Passwords Government Security

Q&A: The troubling implications of normalizing encryption backdoors — for government use

The Last Watchdog

SEPTEMBER 17, 2018

Should law enforcement and military officials have access to a digital backdoor enabling them to bypass any and all types of encryption that exist today? The disturbing thing is that in North America and Europe more and more arguments are being raised in support of creating and maintaining encryption backdoors for government use.

Encryption

Encryption Government Privacy Military

MY TAKE: These 7 nation-state backed hacks have put us on the brink of a global cyber war

The Last Watchdog

JUNE 28, 2018

However, evidence that the ‘golden age’ of cyber espionage is upon us continues to accumulate as the first half of 2018 comes to a close. Military operatives and intelligence units today routinely hack to knock down critical infrastructure, interfere with elections, and even to exact revenge on Hollywood studios.

Military

Military Encryption Government Security

Email Is the Biggest Threat to Business, So Why Is Everyone Using It?

Adam Levin

MAY 13, 2019

Email addresses are still the main way we authenticate ourselves to do business online, and because of that email as a category represents an extremely weak link in our collective cybersecurity. Domain names were initially intended as a means of identifying remote academic, military, and government locations.

IT

IT Communications Phishing Cybersecurity

Microsoft says Russian hackers continue targeting 2018 midterm elections

Security Affairs

AUGUST 21, 2018

Microsoft has spotted a new hacking campaign targeting 2018 midterm elections, the experts attributed the attacks to Russia-linked APT28 group. Microsoft has spotted a new hacking campaign targeting 2018 midterm elections. Securi ty Affairs – APT28, 2018 midterm elections). Pierluigi Paganini.

Military

Military Education Phishing Authentication

MY TAKE: How state-backed cyber ops have placed the world in a constant-state ‘Cyber Pearl Harbor’

The Last Watchdog

JULY 25, 2019

That May 10th air strike by the Israel Defense Force marked the first use of military force in direct retaliation for cyber spying. This comes as no surprise to anyone in the military or intelligence communities. Here are a few things everyone should know about the current state of government-backed cyber ops.

IoT

IoT Military Government Manufacturing

Information Management Today

North Korea-linked APT37 exploited IE zero-day in a recent attack

The German BSI agency recommends replacing Kaspersky antivirus software

Webinars

Trending Sources

Weekly podcast: 2018 end-of-year roundup

Webinars

How to Ensure Your Digital Security During the Rugby World Cup

North Korea-linked ScarCruft APT adds Bluetooth Harvester to its arsenal

Credit Freezes are Free: Let the Ice Age Begin

Federal Agency Data is Under Siege

New Charges Derail COVID Release for Hacker Who Aided ISIS

Inside Ireland’s Public Healthcare Ransomware Scare

The Hacker Mind Podcast: Going Passwordless

Iran-linked APT groups continue to evolve

An Approach to Cybersecurity Risk Oversight for Corporate Directors

The Hacker Mind Podcast: Hacking Voting Systems

The Hacker Mind Podcast: Hacking Voting Systems

Cyber Security at the heart of Fleet Fuelling

The Hacker Mind Podcast: Hacking Voting Systems

New FIDO2 Devices offer a single token for combined PKI – FIDO use cases, without the need to rip and replace existing infrastructure

ROUNDTABLE: Experts react to President Biden’s exec order in the aftermath of Colonial Pipeline hack

The Hacker Mind Podcast: Hacking Ransomware

The Hacker Mind Podcast: Hacking Ransomware

Q&A: The troubling implications of normalizing encryption backdoors — for government use

MY TAKE: These 7 nation-state backed hacks have put us on the brink of a global cyber war

Email Is the Biggest Threat to Business, So Why Is Everyone Using It?

Microsoft says Russian hackers continue targeting 2018 midterm elections

MY TAKE: How state-backed cyber ops have placed the world in a constant-state ‘Cyber Pearl Harbor’

Stay Connected