Norway's police secret service said that the China-linked APT31 group was behind the 2018 cyberattack on the government’s IT network. Norway’s Police Security Service (PST) said that the China-linked APT31 cyberespionage group was behind the attack that breached the government’s IT network in 2018. Pierluigi Paganini.
US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. The agencies warn of risk to elections information housed on government networks. ” continues the alert.
The FBI revealed that foreign hackers compromised the network of a local US municipal government by exploiting flaws in an unpatched Fortinet VPN. The Federal Bureau of Investigation (FBI) reported that an APT group had breached the network of a local US municipal government by exploiting vulnerabilities in an unpatched Fortinet VPN.
The US government declared that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. In March 2018, the Department of Homeland Security and Federal Bureau of Investigation issued a joint technical alert to warn of attacks on US critical infrastructure powered by Russian threat actors.
Pegasus is surveillance malware developed by the Israeli surveillance firm NSO Group that can infect both iPhones and Android devices; it is sold exclusively to governments and law enforcement agencies. The evidence demonstrates that governments used Pegasus to intimidate journalists and critical media. Pierluigi Paganini.
Security experts at Group-IB presented at Money2020 Asia the results of an interesting analysis of hi-tech crime landscape in Asia in 2018. The number of leaked cards increased in 2018 by 56%. The total underground market value of Singaporean banks’ cards compromised in 2018 is estimated at nearly $640 000.
Taiwan’s government agencies face around five million cyberattacks and probes every day, most of them from China. Around five million cyber attacks hit Taiwan’s government agencies every day, and most of the hacking attempts originate from China.
Russian APT groups are targeting European governments for cyber-espionage purposes ahead of the upcoming European elections. The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.
has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. Pierluigi Paganini.
Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. On compromised ASA devices, attackers utilize the host-scan-reply field to deliver shellcode, bypassing the need for CVE-2018-0101 exploitation.
Russia-linked APT Turla has hacked into the systems of an undisclosed European government organization according to Accenture. According to a report published by Accenture Cyber Threat Intelligence (ACTI), Russia-linked cyber-espionage group Turla has hacked into the systems of an undisclosed European government organization.
Kaspersky experts discovered that Sodinokibi, aka Sodin, Ransomware currently also exploits the CVE-2018-8453 vulnerability to elevate privileges in Windows. Pierluigi Paganini.
telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. The US agencies confirmed that Chinese threat actors had compromised the private communications of a “limited number” of government officials following the compromise of multiple U.S.
Another ransomware attack made the headlines: the victim is the state government of Louisiana, and numerous services have been impacted. The incident forced the state government of Louisiana to shut down several of the state's web sites as well as email and Internet services. Pierluigi Paganini.
The Ukrainian government experts noticed that some messages were sent from compromised contacts to increase trust. DCRat first appeared in the threat landscape in 2018, but a year later it was redesigned and relaunched. In March 2025, threat actors distributed archived messages through Signal.
At least 23 local governments were impacted by a wave of ransomware attacks that according to the experts are the result of a coordinated effort. Texas is the victim of an ongoing wave of ransomware attacks that are targeting local governments. ” reads a statement published by the DIT. Pierluigi Paganini.
China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda, Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing.
Croatia government agencies have been targeted by unknown hackers with a new piece of malware tracked as SilentTrinity. A mysterious group of hackers carried out a series of cyber attacks against Croatian government agencies, infecting employees with a new piece of malware tracked as SilentTrinity. Pierluigi Paganini.
According to Kaspersky Lab, FunnyDream has been active at least since 2018 and targeted high-profile entities in Malaysia, Taiwan and the Philippines. Most of the victims were in Vietnam, the group focuses on foreign government organizations of countries in Southeast Asia.” reads the report published by BitDefender.
In November 2018, researchers from Cisco Talos tracked and detailed a “DNSEspionage” campaign against targets in Lebanon and UAE. At the time of the report, the threat actor carried out a cyber espionage campaign by redirecting DNS traffic from domains owned by the Lebanon government to target entities in the country.
Researchers from Bank Security first reported the availability of the list of 49,577 IPs vulnerable to Fortinet SSL VPN CVE-2018-13379. The list includes devices belonging to big enterprises, financial institutions, and government organizations across the world. link] — Bank Security (@Bank_Security) November 20, 2020.
Evidence, including the spyware's installation during BIA interviews, attributes these surveillance campaigns with high confidence to the BIA and Serbian government. Development traces back to at least 2018. At this time, the origin of NoviSpy remains unclear.” continues the report.
Check Point Research (CPR) said that the Chinese APT group SharpPanda spent three years developing a new backdoor to spy on Asian governments. The spear-phishing messages impersonate departments of the targeted governments. In some cases, the emails are spoofed to look like they were from other government-related entities.
“On May 12, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD) released three Malware Analysis Reports (MARs) on malware variants used by the North Korean government.” reads the DHS CISA’s advisory.
has indicted four Chinese nationals working with the nation's Ministry of State Security in connection with an alleged hacking campaign conducted from 2011 to 2018 that targeted universities and government entities to obtain trade secrets, medical research and other intellectual property.
Home Affairs Minister Seeks to Tackle Financial Fraud, Boost Security Stance Indian Home Affairs Minister Amit Shah called for stricter action against cybercriminals, vowing that the central and state governments will collaborate on a strategy to tamp down financial fraud.
Vietnam-linked APT32 group targeted Vietnamese human rights defenders (HRDs) between February 2018 and November 2020. The APT32 group has been active since at least 2012, it has targeted organizations across multiple industries and foreign governments, dissidents, and journalists.
Since 2018, Sophos has faced increasingly aggressive campaigns, including the India-based Sophos subsidiary Cyberoam, where attackers exploited a wall-mounted display for initial access. Sophos researchers suspect that many of these zero-days were identified by Chinese researchers who share them with vendors as well as the Chinese government.
China-linked group APT41 breached a Taiwanese government-affiliated research institute using ShadowPad and Cobalt Strike. Cisco Talos researchers reported that the China-linked group compromised a Taiwanese government-affiliated research institute. government to be comprised of Chinese nationals. ” continues the report.
In 2018, the Group managed 2.5 billion specific purpose payment transactions, primarily carried out via mobile applications, online platforms and cards, and representing nearly €30 billion in business volume. The company is reporting the incident to government regulators and authorities. “ Edenred S.A.
The US Census Bureau is the largest US federal government statistical agency, dedicated to providing current facts and figures about America’s people, places, and economy. Data collected by the agency is used by the federal government to allocate over $675 billion in federal funds to tribal, local, and state governments every year.
A Czech intelligence report states that Russian and Chinese cyberspies carried out several attacks against the country during 2018. Czech intelligence believes that agents of all the Russian intelligence services were secretly operating on Czech soil in 2018. The Czech experts discovered the security breach in early January 2017.
“Since 13 September 2023, the Cyber Centre has been aware and responding to reports of several distributed denial of service (DDoS) campaigns targeting multiple levels within the Government of Canada, as well as the financial and transportation sectors.” In August 2018, Air Canada suffered another data breach. reads the alert.
The government says Quantum Stresser had more than 80,000 customer subscriptions, and that during 2018 the service was used to conduct approximately 50,000 actual or attempted attacks targeting people and networks worldwide. The Quantum Stresser Web site — quantumstress[.]net
Government refers to this team as BeagleBoyz, who represent a subset of HIDDEN COBRA activity.” Government experts reported that the BeagleBoyz often leave destructive anti-forensic tools on computer networks of victim institutions. To differentiate methods from other North Korean malicious cyber activity, the U.S.
Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. 13, 2018 and Mar. 28, 2018, a claim Citrix initially denied but later acknowledged.
government includes: Russian state-sponsored APT actors targeting state, local, tribal, and territorial (SLTT) governments and aviation networks, September 2020, through at least December 2020. Russian state-sponsored APT actors’ global Energy Sector intrusion campaign, 2011 to 2018.
The cyber mercenaries were recruited by governments and private companies, it was composed of highly skilled hackers able to conduct sophisticated attacks. Two of them, tracked as ICEFOG-P and ICEFOG-M, have been used in targeted attacks in 2014 and 2018, respectively.
According to Albany Mayor Kathy Sheehan, no personal information belonging to government workers or residents was compromised during the ransomware attack. In April 2018 a massive ransomware attack hit computer systems in the City of Atlanta. Source Albanyhomes411.com. ” reads the post published by the USNews website.
from April 29, 2018, to May 10, 2020). The surveillance software developed by NSO Group was used by government organizations worldwide to spy on human rights groups, activists, journalists, lawyers, and dissidents.
Department of Justice said it seized eight domain names that were used to operate Cracked, a cybercrime forum that sprang up in 2018 and attracted more than four million users. The DOJ said the law enforcement action, dubbed Operation Talent , also seized domains tied to Sellix , Cracked’s payment processor. io , and rdp[.]sh.
government seized 17 website domains used by North Korean IT workers in a fraudulent scheme to defraud businesses worldwide. government announced the seizure of 17 website domains used by North Korean information technology (IT) workers as part of an illicit scheme to defraud businesses worldwide.
Back in 2018, we started making Have I Been Pwned domain searches freely available to national government cybersecurity agencies responsible for protecting their nations' online infrastructure. This access now provides them with complete access to the exposure of their government domains in data breaches.
The number of alerts decreased by 25% when compared to 2018, possible reasons for this drop could be the increased efficiency of defense measures implemented by Google, but we cannot underestimate the risk of an increased level of sophistication of the attacks that allowed nation-state actors to fly under the radar.