2018, Government and Military - Information Management Today

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing.

Military

Military Government Phishing Libraries

Russian military plans to replace Windows with Astra Linux

Security Affairs

MAY 31, 2019

Cyber security seems to subvert the globalization concept, governments are working to develop their own technology fearing possible espionage and sabotage activities of foreign states. The Russian military is in the process of replacing the Windows system with the Linux distribution Astra Linux. intelligence agencies.

Military

Military Government Manufacturing Data Privacy

Machete cyber-espionage group targets Latin America military

Security Affairs

AUGUST 5, 2019

Security experts from ESET uncovered a cyber-espionage group tracked as Machete that stole sensitive files from the Venezuelan military. Security experts from ESET reported that a cyberespionage group tracked as Machete has stolen sensitive files from the Venezuelan military. ” reads the analysis from ESET. .”

Military

Military Archiving Security Government

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Over 6,000 email accounts belonging to Taiwan government agencies hacked by Chinese hacked

Security Affairs

AUGUST 19, 2020

Chinese hackers have hacked thousands of Taiwan Government email accounts belonging at least 10 Taiwan government agencies, officials said. Chinese hackers have gained access to around 6,000 email accounts belonging to at least 10 Taiwan government agencies, officials said. Pierluigi Paganini.

Government

Government Military IT Access

Taiwan Government faces 5 Million hacking attempts daily

Security Affairs

NOVEMBER 10, 2021

Taiwan ‘s government agencies face around five million cyberattacks and probes every day, most of them from China. Around five million cyber attacks hit Taiwan’s government agencies every day, and most of the hacking attempts are originated from China. SecurityAffairs – hacking, Taiwan Government).

Government

Government Military Information Security Security

Russian APT groups target European governments ahead of May Elections

Security Affairs

MARCH 22, 2019

Russian APT groups are targeting European governments for cyber-espionage purposes ahead of the upcoming European elections. The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. Pierluigi Paganini.

Government

Government Military Phishing Access

At least 23 Texas local governments targeted by coordinated ransomware attacks

Security Affairs

AUGUST 18, 2019

At least 23 local governments were impacted by a wave of ransomware attacks that according to the experts are the result of a coordinated effort. Texas is the victim of an ongoing wave of ransomware attacks that are targeting local governments. ” reads a statement published by the DIT. ” continues the DIR.

Ransomware

Ransomware Government Military Security

UK, US and its allies blame Russia’s GRU for 2019 cyber-attacks on Georgia

Security Affairs

FEBRUARY 20, 2020

Britain and the United governments blame Russia for being behind a destructive cyber attack that hit Georgia during 2019. The governments of Britain and the US declared that Russia’s military intelligence service GRU is behind the massive cyber attack that hit Georgia during 2019. ” said the Foreign Secretary Dominic Raab.

Military

Military IT Government Encryption

US indicted 4 Russian government employees for attacks on critical infrastructure

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Government Cybersecurity Military

APT28 group return to covert intelligence gathering ops in Europe and South America.

Security Affairs

OCTOBER 7, 2018

The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. According to experts from Symantec, the group is now actively conducting cyber espionage campaigns against government and military organizations in Europe and South America.

Military

Military Government Phishing Security

MIVD Dutch intelligence warns of Russian, Chinese cyber espionage

Security Affairs

MAY 1, 2019

The Military Intelligence and Security Service (MIVD) warn of “worrying” cyber espionage activities carried out by Russia and China. The Military Intelligence and Security Service (MIVD) warn of “worrying” cyber espionage activities carried out by Russia and China.

Military

Military Security Government IT

Microsoft says Russian APT28 espionage group hit Democratic Institutions in Europe

Security Affairs

FEBRUARY 20, 2019

Microsoft says Russian APT28 group carried out multiple cyberattacks on democratic institutions in Europe between September and December 2018. The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. ” reads the post published by Microsoft.

Military

Military Phishing Government Security

Russia-linked actors may be behind an explosion at a liquefied natural gas plant in Texas

Security Affairs

JUNE 26, 2022

Department of Justice brought charges against four Russian nationals suspected of using TRITON malware in cyber attacks on behalf of the Russian government between 2012 and 2018. ” reported the American Military News website. ” continues the American Military News website. Pierluigi Paganini.

Military

Military Cloud Government Security

EU has imposed sanctions on foreign actors for the first time ever

Security Affairs

JULY 31, 2020

The Council of the European Union announced sanctions imposed on a Russia-linked military espionage unit, as well as companies operating for Chinese and North Korean threat actors that launched cyber-attacks against the EU and its member states. ” states the Council of the European Union.” ” conclude the EU.

Military

Military Cloud Government Phishing

New Charges Derail COVID Release for Hacker Who Aided ISIS

Krebs on Security

JANUARY 19, 2021

military and government employees and giving it to an Islamic State hacker group in 2015 has been charged once again with fraud and identity theft. The release was granted in part due to Ferizi’s 2018 diagnosis if asthma, as well as a COVID outbreak at the facility where he was housed in 2020.

Military

Military Government Passwords Personal data

Transparent Tribe APT hit 1000+ victims in 27 countries in the last 12 months

Security Affairs

AUGUST 23, 2020

The Transparent Tribe cyber-espionage group continues to improve its arsenal while targets Military and Government entities. The Transparent Tribe APT group is carrying out an ongoing cyberespionage campaign aimed at military and diplomatic targets worldwide. ” reads the analysis published by Kaspersky.

Military

Military Phishing Passwords Access

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Security Affairs

SEPTEMBER 9, 2019

Experts at Symantec first exposed the activity of the Chinese-linked APT Thrip in 2018, now the security firm confirms that cyber espionage group has continued to carry out attacks in South East Asia. The China-linked APT group Thrip is continuing to target entities in Southeast Asia even after its activity was uncovered by Symantec.

Military

Military Communications Government Education

Microsoft says Russian hackers continue targeting 2018 midterm elections

Security Affairs

AUGUST 21, 2018

Microsoft has spotted a new hacking campaign targeting 2018 midterm elections, the experts attributed the attacks to Russia-linked APT28 group. Microsoft has spotted a new hacking campaign targeting 2018 midterm elections. Securi ty Affairs – APT28, 2018 midterm elections). Pierluigi Paganini.

Military

Military Education Phishing Authentication

Russia-linked APT breached the network of Dutch police in 2017

Security Affairs

JUNE 10, 2021

The intrusion was uncovered by the Dutch intelligence service AIVD, the government experts discovered that a Dutch police IP address was connecting to servers operated by Russia-linked APT. The group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Military

Military Government Ransomware Security

Chinese actor ‘Unfading Sea Haze’ remained undetected for five years

Security Affairs

MAY 23, 2024

A previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ has been targeting military and government entities since 2018. Since at least 2018, they used SilentGh0st, TranslucentGh0st, and three variants of the.NET agent SharpJSHandler supported by Ps2dllLoader.

Archiving

Archiving Military Communications Phishing

UK NCSC agency warns of APTs exploiting Enterprise VPN vulnerabilities

Security Affairs

OCTOBER 6, 2019

Affected sectors include government, military, academic, business and healthcare,”. The CVE-2018-13379 flaw could be exploited to obtain administrator credentials in plain text. APT groups also exploit CVE-2018-13382, CVE-2018-13383, and CVE-2019-1579, in Palo Alto Networks products.

Military

Military Data breaches Security Government

Sweden blames Russia for Swedish Sports Confederation hack

Security Affairs

APRIL 13, 2021

The Swedish Sports Confederation organization was compromised in 2017-18 by hackers working for Russian military intelligence, officials said. In the same period, Russia-linked hackers working for the military intelligence service GRU targeted other prominent sporting bodies, including World Anti-Doping Agency (WADA) and FIFA.

Military

Military Government Security IT

Crypto AG was spied for US, German intelligence agencies for decades

Security Affairs

FEBRUARY 12, 2020

The list of Crypto’s customers included Iran, India and Pakistan, military juntas in Latin America and the Vatican. Crypto was liquidated in 2018, but its products are still in use in more than a dozen countries. The company was completely under the control of the spy agencies since 1970. That’s not credible,” he said.

Military

Military Communications Encryption Government

The U.S. FCC considers Huawei and ZTE as national security threats

Security Affairs

JULY 1, 2020

Last week China accused the US government of “oppressing Chinese companies” after U.S. The Federal Communications Commission blocked the Chinese companies from receiving subsidies from a government fund. “We organizations from using government Universal Service Fund for acquiring equipment or services provided by the Chinese firms.

Communications

Communications Security Government Military

Hunting the ICEFOG APT group after years of silence

Security Affairs

JUNE 8, 2019

The cyber mercenaries were recruited by governments and private companies, it was composed of highly skilled hackers able to conduct sophisticated attacks. Military contractors, shipbuilders, satellite operators, high-tech companies ) in Japan and South Korea. Some samples for both variants have been compiled between 2014 and 2019.

Agriculture

Agriculture Government Military Communications

Microsoft and DOJ seized the attack infrastructure used by Russia-linked Callisto Group

Security Affairs

OCTOBER 4, 2024

government and nonprofits. Intelligence Community, Department of Defense, Department of State, Department of Energy, and military defense contractors. The Russian government ran this scheme to steal Americans’ sensitive information, using seemingly legitimate email accounts to trick victims into revealing account credentials.

Phishing

Phishing Military Government IT

North Korea-linked hackers stole $626 million in virtual assets in 2022

Security Affairs

DECEMBER 22, 2022

The Government of Pyongyang focuses on crypto hacking to fund its military program following harsh U.N. According to local media, US federal prosecutors believe that North Korea’s government considers cryptocurrency a long-term investment and it is amassing crypto funds through illegal activities. ” reported the AP agency.

Military

Military Government Ransomware Security

Multiple APT groups are exploiting VPN vulnerabilities, NSA warns

Security Affairs

OCTOBER 9, 2019

The UK agency reported that APT groups target several vulnerabilities, including CVE-2019-11510 and CVE-2019-11539 in Pulse Secure VPN solutions, and CVE-2018-13379 , The CVE-2018-13379 is a path traversal vulnerability in the FortiOS SSL VPN web portal that could be exploited by an unauthenticated attacker to download FortiOS system files.

Military

Military Security Access Government

Teheran: U.S. has started ‘Cyber War’ against Iran

Security Affairs

OCTOBER 1, 2019

Iran ’s Passive Defense Organization chief Gholamreza Jalali declared that the US government has started its cyber war against the country. Jalali is an Islamic Revolution Guard Corps (IRGC) brigadier general, in November 2018 he announced that government experts have uncovered and neutralized a new strain of Stuxnet.

Military

Military Government IT Security

Recently Cloud Atlas used a new piece of polymorphic malware

Security Affairs

AUGUST 12, 2019

Cloud Atlas threat actors used a new piece of polymorphic malware in recent attacks against government organizations. The Cloud Atlas cyberespionage group, aka Inception, continues to carry out attacks against government organizations and was observed using a new piece of polymorphic malware dubbed VBShower.

Cloud

Cloud Phishing Government Military

Australia banned Huawei from 5G network due to security concerns

Security Affairs

AUGUST 25, 2018

The Australian government considers risky the involvement of Huawei for the rolling out of next-generation 5G communication networks. — Huawei Australia (@HuaweiOZ) August 22, 2018. The Chinese firm denies having shared Australian customer data with the Chinese intelligence, but it is not enough for the Australian Government.

Security

Security Military Manufacturing Retail

U.S. Charges Russia GRU Intelligence Officers for notorious attacks, including NotPetya

Security Affairs

OCTOBER 20, 2020

Department of Justice announced charges against six members of Russia’s GRU military intelligence agency for their alleged role in several major cyberattacks conducted over the past years. The crimes committed by Russian government officials were against real victims who suffered real harm.

Military

Military Government Risk Access

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

Security Affairs

DECEMBER 10, 2020

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. Zebrocy is mainly used against governments and commercial organizations engaged in foreign affairs.

Phishing

Phishing Healthcare Military Data collection

Russia-linked APT Sofacy leverages BREXIT lures in recent attacks

Security Affairs

DECEMBER 3, 2018

The Sofacy APT group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. In September 2018, security experts from ESET spotted the first UEFI rootkit of ever, the code tracked as LoJax was used in attacks in the wild.

Military

Military Government Security IT

Russia-linked InvisiMole APT targets state organizations of Ukraine

Security Affairs

MARCH 21, 2022

The Government Team for Response to Computer Emergencies of Ukraine (CERT-UA) warns of spear-phishing messages conducted by UAC-0035 group (aka InvisiMole) against Ukrainian state bodies. In past campaigns, the group targeted a small number of high-profile organizations in the military sector and diplomatic missions in Eastern Europe.

Phishing

Phishing Military Archiving Government

Group-IB presents its annual report on global threats to stability in cyberspace

Security Affairs

NOVEMBER 29, 2019

According to Group-IB’s experts, the most frustrating trend of 2019 was the use of cyberweapons in military operations. While 2017 was the year of WannaCry , NotPetya , and BadRabbit ransomware epidemics, 2018 revealed a lack of preparedness for side-channel attacks and threats related to microprocessor vulnerabilities.

IT

IT Military Cybersecurity Phishing

North Korea ScarCruft APT used previously undetected Dolphin Backdoor against South Korea

Security Affairs

DECEMBER 1, 2022

ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users. Kaspersky first documented the operations of the group in 2016.

Military

Military Cloud Communications Access

US DoJ charges three members of the North Korea-linked Lazarus APT group

Security Affairs

FEBRUARY 17, 2021

Justice Department indicted three North Korean military intelligence officials, members of the Lazarus APT group, for their involvement in cyber-attacks, including the theft of $1.3 In 2018, the U.S. government as “ FASTCash ” – including the October 2018 theft of $6.1 ” reads the press release published by the DoJ.

Blockchain

Blockchain Ransomware Military Phishing

U.S. Trades Cybercriminals to Russia in Prisoner Swap

Krebs on Security

AUGUST 1, 2024

Klyushin is the owner of M-13 , a Russian technology company that contracts with the Russian government. government says four of Klyushin’s alleged co-conspirators remain at large, including Ivan Ermakov , who was among 12 Russians charged in 2018 with hacking into key Democratic Party email accounts. countries.

Military

Military Ransomware Government IT

Kaspersky links GreyEnergy and Zebrocy activities

Security Affairs

JANUARY 24, 2019

Zebrocy’s targets are widely spread across the Middle East, Europe and Asia and the targets’ profiles are mostly government-related.” The Zebrocy malware was used by Russia-linked APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ), that operates under the Russian military agency GRU.

Military

Military Phishing Government Security

UK and US expose Russia Callisto Group’s activity and sanction members

Security Affairs

DECEMBER 7, 2023

The Callisto APT group (aka “ Seaborgium “, “Star Blizzard”, “ ColdRiver” , “TA446”) targeted government officials, military personnel, journalists and think tanks since at least 2015. The nation-state actor is carrying out spear-phishing attacks for cyberespionage purposes.

Phishing

Phishing Government Military Cloud

CIA Hacking unit APT-C-39 hit China since 2008

Security Affairs

MARCH 4, 2020

According to the firm, the US cyber spies are targeting various industry sectors and government agencies. The Qihoo 360 experts claim that a CIA hacking unit tracked as APT-C-39 has hacked organizations in the aviation, scientific research, oil, technology industries, it also targeted government agencies.

Military

Military Government Security IT

Iran-linked APT groups continue to evolve

Security Affairs

NOVEMBER 17, 2021

“In the early part of 2021, PHOSPHORUS actors scanned millions of IPs on the internet for Fortinet FortiOS SSL VPN that were vulnerable to CVE-2018-13379. This vulnerability allowed the attackers to collect clear-text credentials from the sessions file on vulnerable Fortinet VPN appliances.”

Ransomware

Ransomware Passwords Military Authentication

Platinum APT and leverages steganography to hide C2 communications

Security Affairs

JUNE 6, 2019

According to Microsoft, the Platinum has been active since at least 2009, it was responsible for spear phishing attacks on ISPs, government organizations, intelligence agencies, and defense institutes. The hackers don’t appear to be financially motivated due to the nature of targeted entities and TTPs of the group.

Communications

Communications Encryption Military Government

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Russian military plans to replace Windows with Astra Linux

Webinars

Trending Sources

Machete cyber-espionage group targets Latin America military

Webinars

Over 6,000 email accounts belonging to Taiwan government agencies hacked by Chinese hacked

Taiwan Government faces 5 Million hacking attempts daily

Russian APT groups target European governments ahead of May Elections

At least 23 Texas local governments targeted by coordinated ransomware attacks

UK, US and its allies blame Russia’s GRU for 2019 cyber-attacks on Georgia

US indicted 4 Russian government employees for attacks on critical infrastructure

APT28 group return to covert intelligence gathering ops in Europe and South America.

MIVD Dutch intelligence warns of Russian, Chinese cyber espionage

Microsoft says Russian APT28 espionage group hit Democratic Institutions in Europe

Russia-linked actors may be behind an explosion at a liquefied natural gas plant in Texas

EU has imposed sanctions on foreign actors for the first time ever

New Charges Derail COVID Release for Hacker Who Aided ISIS

Transparent Tribe APT hit 1000+ victims in 27 countries in the last 12 months

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Microsoft says Russian hackers continue targeting 2018 midterm elections

Russia-linked APT breached the network of Dutch police in 2017

Chinese actor ‘Unfading Sea Haze’ remained undetected for five years

UK NCSC agency warns of APTs exploiting Enterprise VPN vulnerabilities

Sweden blames Russia for Swedish Sports Confederation hack

Crypto AG was spied for US, German intelligence agencies for decades

The U.S. FCC considers Huawei and ZTE as national security threats

Hunting the ICEFOG APT group after years of silence

Microsoft and DOJ seized the attack infrastructure used by Russia-linked Callisto Group

North Korea-linked hackers stole $626 million in virtual assets in 2022

Multiple APT groups are exploiting VPN vulnerabilities, NSA warns

Teheran: U.S. has started ‘Cyber War’ against Iran

Recently Cloud Atlas used a new piece of polymorphic malware

Australia banned Huawei from 5G network due to security concerns

U.S. Charges Russia GRU Intelligence Officers for notorious attacks, including NotPetya

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

Russia-linked APT Sofacy leverages BREXIT lures in recent attacks

Russia-linked InvisiMole APT targets state organizations of Ukraine

Group-IB presents its annual report on global threats to stability in cyberspace

North Korea ScarCruft APT used previously undetected Dolphin Backdoor against South Korea

US DoJ charges three members of the North Korea-linked Lazarus APT group

U.S. Trades Cybercriminals to Russia in Prisoner Swap

Kaspersky links GreyEnergy and Zebrocy activities

UK and US expose Russia Callisto Group’s activity and sanction members

CIA Hacking unit APT-C-39 hit China since 2008

Iran-linked APT groups continue to evolve

Platinum APT and leverages steganography to hide C2 communications

Stay Connected