Security Affairs

APRIL 28, 2021

China-linked APT Naikon employed a new backdoor in multiple cyber-espionage operations targeting military organizations from Southeast Asia in the last 2 years. The Naikon APT group mainly focuses on high-profile orgs, including government entities and military orgs. ” reads the report published by Bitdefender.

Military 108

Military Passwords Government Security 108

Security Affairs

FEBRUARY 15, 2024

“A January 2024 court-authorized operation has neutralized a network of hundreds of small office/home office (SOHO) routers that GRU Military Unit 26165 , also known as APT28, Sofacy Group , Forest Blizzard , Pawn Storm , Fancy Bear , and Sednit , used to conceal and otherwise enable a variety of crimes.”

Military 141

Military Government Access Cybersecurity 141

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. Pierluigi Paganini.

Energy and Utilities 125

Energy and Utilities Government Cybersecurity Military 125

Security Affairs

FEBRUARY 28, 2024

. “As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” and foreign governments and military, security, and corporate organizations. ” reads the joint report.

Energy and Utilities 139

Energy and Utilities Military Government Phishing 139

IT Governance

JULY 1, 2021

We found a comparatively low 9,780,931 breached records from publicly disclosed security incidents in June 2021. If you find yourself facing a cyber security disaster, IT Governance is here to help. The post List of data breaches and cyber attacks in June 2021 – 9.8 Data breaches. million drivers’ details (3.3

Data breaches 129

Data breaches Ransomware Computer and Electronics Retail 129

Security Affairs

APRIL 5, 2022

The group targeted government and military organizations in Ukraine. In December 2019, the APT group targeted several Ukrainian diplomats, government and military officials, and law enforcement. The messages use the HTML-file “War criminals of the Russian Federation.htm” as attachment.

Military 142

Military Phishing File names Archiving 142

Security Affairs

FEBRUARY 4, 2022

The Russia-linked Gamaredon APT group attempted to compromise an unnamed Western government entity in Ukraine. In Mid January the Ukrainian government was hit with destructive malware, tracked as WhisperGate , and several Ukrainian government websites were defaced by exploiting a separate vulnerability in OctoberCMS.

Government 102

Government Military Phishing Information Security 102

Security Affairs

NOVEMBER 5, 2021

The group targeted government and military organizations in Ukraine. In December 2019, the APT group targeted several Ukrainian diplomats, government and military officials, and law enforcement.

Military 143

Military Metadata Government Passwords 143

Security Affairs

DECEMBER 7, 2023

Over the past 20 months, the group targeted at least 30 organizations within 14 nations that are probably of strategic intelligence significance to the Russian government and its military. The Government experts pointed out that in some cases the group did not deployed any backdoor in the compromised systems.

Military 140

Military Government Phishing Authentication 140

Security Affairs

OCTOBER 8, 2021

The Dutch government will not tolerate ransomware attacks that could threaten national security, it will use intelligence or military services to curb them. The Dutch government announced that it will not tolerate cyberattacks that pose a risk to its national security and will employ intelligence or military services to counter them.

Ransomware 143

Ransomware Military Government Security 143

Hunton Privacy

AUGUST 2, 2021

Connecticut recently passed two cybersecurity laws that will become effective on October 1, 2021. On June 16, 2021, Connecticut Governor Ned Lamont signed HB 5310, An Act Concerning Data Privacy Breaches. On July 6, 2021, Governor Ned Lamont signed HB 6607, An Act Incentivizing the Adoption of Cybersecurity Standards for Businesses.

Cybersecurity 87

Cybersecurity Insurance Military Data Privacy 87

Security Affairs

OCTOBER 25, 2021

Russia-linked Nobelium APT group has breached at least 14 managed service providers (MSPs) and cloud service providers since May 2021. NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers.

IT 136

IT Cloud Military Phishing 136

eSecurity Planet

FEBRUARY 16, 2021

Also Read: Best Encryption Tools & Software for 2021. We also look into the most dangerous strains today and predictions for 2021. Only 38% of state and local government employees are trained for ransomware prevention, and only 29% of small businesses have experience with ransomware ( IBM ). Screenshot example. Statistics.

Ransomware 97

Ransomware Encryption Insurance Cloud 97

Security Affairs

DECEMBER 5, 2023

The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS). The researchers noticed that the attackers also commonly employed multiple known vulnerabilities, including CVE-2023-38831 in WinRAR or CVE-2021-40444 in Windows MSHTML.

Military 136

Military Government Access Phishing 136

Security Affairs

APRIL 12, 2021

The first name was John Chris Inglis, who was nominated as the first-ever National Cyber Director, a role that was introduced by Congress in the Fiscal Year 2021. Inglis retired from NSA in 2014 where he served the US government for 28 years, since 2013 as the agency’s deputy director. I’m proud of what we are building across the U.S.

Military 125

Military Government Cybersecurity Security 125

Security Affairs

OCTOBER 8, 2021

Shane Huntley, the head of the Threat Analysis Group (TAG), wrote on Twitter that his group had sent an above-average batch of government-backed security warnings. . TAG sent a above average batch of government-backed security warnings yesterday. So why do we do these government warnings then? ” Huntley added. “At

Phishing 116

Phishing Military Government Security 116

Security Affairs

OCTOBER 27, 2023

The French National Agency for the Security of Information Systems ANSSI (Agence Nationale de la sécurité des systèmes d’information) warns that the Russia-linked APT28 group has been targeting multiple French organizations, including government entities, businesses, universities, and research institutes and think tanks.

Military 143

Military Phishing Government Security 143

Security Affairs

MARCH 12, 2021

On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange versions that are actively exploited in the wild. 2/5 — ESET research (@ESETresearch) March 2, 2021.

Authentication 145

Authentication Military Ransomware Manufacturing 145

Security Affairs

NOVEMBER 17, 2021

The Microsoft Threat Intelligence Center (MSTIC) shared the results of their analysis on the evolution of Iran-linked threat actors at the CyberWarCon 2021. Learn more from this blog summarizing these trends, as presented at #CyberWarCon : [link] — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2021.

Ransomware 140

Ransomware Passwords Military Authentication 140

Security Affairs

JANUARY 4, 2021

A British court has rejected the request of the US government to extradite Wikileaks founder Julian Assange to the country. link] — Freedom of the Press (@FreedomofPress) January 4, 2021. government will likely appeal the decision. He published thousands of classified diplomatic and military documents on WikiLeaks in 2010.

Military 144

Military Government Risk Passwords 144

Security Affairs

NOVEMBER 16, 2021

Security researchers at the Mandiant Threat Intelligence team believe that Ghostwriter APT group is linked to the government of Belarus. Mandiant Threat Intelligence researchers believe that the Ghostwriter disinformation campaign (aka UNC1151) was linked to the government of Belarus. ” reads the report published by Mandiant.

Military 129

Military CMS Government Security 129

Security Affairs

DECEMBER 6, 2021

The French cyber-security agency ANSSI said that the Russia-linked Nobelium APT group has been targeting French organizations since February 2021. Le CERT-FR vient de publier un rapport sur des campagnes d’hameçonnage du mode opératoire d’attaquants Nobelium contre des entités françaises menées depuis février 2021.

Phishing 121

Phishing Military Government Cybersecurity 121

Krebs on Security

MAY 4, 2023

government this week put a $10 million bounty on the head of a Russian man who for the past 18 years operated Try2Check , one of the cybercrime underground’s most trusted services for checking the validity of stolen credit card data. Try2Check’s login pages have been replaced with a seizure notice from U.S. law enforcement.

Marketing 275

Marketing Passwords Government Military 275

Security Affairs

AUGUST 17, 2021

Colonial Pipeline discloses a data breach of the personal information of thousands of individuals after the ransomware attack that took place in May 2021. On May 6, 2021, an unauthorized third party acquired certain records stored in our systems,” states the letter.

Data breaches 121

Data breaches Ransomware Military Insurance 121

Security Affairs

JUNE 21, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. According to CERT-UA, this campaign targeted more than 40 Ukrainian organizations, including government entities.

Military 98

Military Phishing Government Communications 98

IT Governance

MAY 4, 2021

million) Wyoming Department of Health leaking data online (164,021) Maine government website displayed mental health patients’ confidential information (unknown) Israel: Private patient cases of deceased psychologist found on the street (unknown) Contact tracing data breach exposes health information of Pennsylvanians (72,000).

Data breaches 114

Data breaches Ransomware Computer and Electronics Healthcare 114

Security Affairs

MARCH 2, 2022

A spear-phishing campaign, tracked as Asylum Ambuscade, targets European government personnel aiding Ukrainian refugees. The campaign observed in July 2021 was linked to the Belarus-linked APT group Ghostwriter (aka TA445 or UNC1151 ). net) that appears to belong to a compromised Ukranian armed service member.”

Phishing 98

Phishing Military Government Communications 98

Security Affairs

MAY 28, 2021

The campaign monitored by Microsoft was uncovered in January 2021 and evolved over time, the researchers observed a series of waves demonstrating significant experimentation. If the target is an Apple iOS device, the user was redirected to another server under NOBELIUM control, that attempts to trigger the CVE-2021-1879 flaw.

Phishing 118

Phishing Military Government IT 118

Security Affairs

OCTOBER 14, 2021

Google announced to have sent roughly 50,000 alerts of state-sponsored phishing or hacking attempts to customers during 2021. The data were provided by Google’s Threat Analysis Group (TAG), which tracks government-backed hacking campaign, which warns of a significant increase in the number of the alert compared to the previous year.

Phishing 98

Phishing Military Government Security 98

Security Affairs

AUGUST 18, 2021

APT37 has been active since at least 2012, it mainly targeted government, defense, military, and media organizations in South Korea. The watering hole attacks on the Daily NK was conducted from March 2021 until early June 2021. ” reads the post published by Volexity. com to malicious subdomains of jquery[.]services.

Metadata 128

Metadata Military Archiving Cybersecurity 128

Security Affairs

FEBRUARY 8, 2024

The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Energy and Utilities 141

Energy and Utilities Communications Military Manufacturing 141

Security Affairs

OCTOBER 25, 2023

The Winter Vivern group was first analyzed in 2021, it has been active since at least 2020 and it targets governments in Europe and Central Asia. Previously, it was using known vulnerabilities in Roundcube and Zimbra, for which proofs of concept are available online,” ESET concludes.

Military 139

Military Government Phishing IT 139

Security Affairs

FEBRUARY 6, 2022

Russia-linked APT group Gamaredon is behind spear-phishing attacks against Ukrainian entities and organizations since October 2021. In Mid January the Ukrainian government was hit with destructive malware, tracked as WhisperGate , and several Ukrainian government websites were defaced by exploiting a separate vulnerability in OctoberCMS.

Military 98

Military Phishing Government Security 98

Security Affairs

MARCH 16, 2021

On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange versions that are actively exploited in the wild.

Military 133

Military Manufacturing Access Security 133

Security Affairs

AUGUST 25, 2022

NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers. The experts found multiple similarities with the FoggyWeb malware that was detailed by Microsoft in September 2021.

Authentication 140

Authentication Military Access Government 140

Security Affairs

MARCH 15, 2021

Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%). Well, I'll say that the ProxyLogon Exchange CVE-2021-26855 Exploit is completely out of the bag by now. pic.twitter.com/ijOGx3BIif — Will Dormann (@wdormann) March 13, 2021.

Military 134

Military Ransomware Manufacturing Security 134

Security Affairs

SEPTEMBER 28, 2021

“Use of FoggyWeb has been observed in the wild as early as April 2021.” Researchers spotted the use of FoggyWeb since early April 2021. ” reads the analysis published by Microsoft. ” The attackers use the version.dll DLL to load FoggyWeb which is stored in the encrypted file Windows.Data.TimeZones.zh-PH.pri.

Encryption 116

Encryption Military Government Access 116