2021 and Military - Information Management Today

From Cybercrime Saul Goodman to the Russian GRU

Krebs on Security

FEBRUARY 7, 2024

In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. A review of this user’s hacker identities shows that during his time on the forums he served as an officer in the special forces of the GRU , the foreign military intelligence agency of the Russian Federation. Some of those photos date back to 2008.

Military

Military IT Communications Risk

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing.

Military

Military Government Phishing Libraries

US administration requests $9.8B for cyber 2021 budget for the Department of Defense

Security Affairs

FEBRUARY 16, 2020

The amount requested for the Department of Defense in the “ DOD Releases Fiscal Year 2021 Budget Proposal ” is nearly the same one as last year for cyber operations that the US military will conduct in 2020. billion for fiscal year 2021 on cyber activities, while the previous budget was about $9.6 Pierluigi Paganini.

Artificial Intelligence

Artificial Intelligence Military Cybersecurity Risk

Ukraine: Belarusian APT group UNC1151 targets military personnel with spear phishing

Security Affairs

FEBRUARY 25, 2022

In November 2021, Mandiant Threat Intelligence researchers linked the Ghostwriter disinformation campaign (aka UNC1151) to the government of Belarus. The post Ukraine: Belarusian APT group UNC1151 targets military personnel with spear phishing appeared first on Security Affairs. It is for you for your past, the future and the future.

Military

Military Phishing CMS Government

Naikon APT group uses new Nebulae backdoor in attacks aimed at military orgs

Security Affairs

APRIL 28, 2021

China-linked APT Naikon employed a new backdoor in multiple cyber-espionage operations targeting military organizations from Southeast Asia in the last 2 years. The Naikon APT group mainly focuses on high-profile orgs, including government entities and military orgs. ” reads the report published by Bitdefender.

Military

Military Passwords Government Security

Inside Ireland’s Public Healthcare Ransomware Scare

Krebs on Security

DECEMBER 13, 2021

The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system. Ireland’s Health Service Executive (HSE), which operates the country’s public health system, got hit with Conti ransomware on May 14, 2021.

Ransomware

Ransomware Cybersecurity Phishing Security

List of data breaches and cyber attacks in June 2021 – 9.8 million records breached

IT Governance

JULY 1, 2021

We found a comparatively low 9,780,931 breached records from publicly disclosed security incidents in June 2021. The post List of data breaches and cyber attacks in June 2021 – 9.8 But don’t be fooled by that number – it comes from 106 incidents, which is roughly average for the year. Data breaches. million drivers’ details (3.3

Data breaches

Data breaches Ransomware Computer and Electronics Retail

US Gov dismantled the Moobot botnet controlled by Russia-linked APT28

Security Affairs

FEBRUARY 15, 2024

“A January 2024 court-authorized operation has neutralized a network of hundreds of small office/home office (SOHO) routers that GRU Military Unit 26165 , also known as APT28, Sofacy Group , Forest Blizzard , Pawn Storm , Fancy Bear , and Sednit , used to conceal and otherwise enable a variety of crimes.”

Military

Military Government Access Cybersecurity

GUEST ESSAY: Rising cyber risks make business intelligence gathering more vital than ever

The Last Watchdog

JULY 5, 2022

However, in our research, Investing in Cyber Resilience (2021) we found that only 49 percent of companies have a fully implemented and rolled out cyber security strategy, indicating pervasive barriers to cyber strategy adoption. And who is creating and driving the cyber strategy?

Risk

Risk Military Marketing Data Privacy

New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Effective October 2021

Hunton Privacy

AUGUST 2, 2021

Connecticut recently passed two cybersecurity laws that will become effective on October 1, 2021. On June 16, 2021, Connecticut Governor Ned Lamont signed HB 5310, An Act Concerning Data Privacy Breaches. On July 6, 2021, Governor Ned Lamont signed HB 6607, An Act Incentivizing the Adoption of Cybersecurity Standards for Businesses.

Cybersecurity

Cybersecurity Insurance Military Data Privacy

Ransomware Protection in 2021

eSecurity Planet

FEBRUARY 16, 2021

Also Read: Best Encryption Tools & Software for 2021. We also look into the most dangerous strains today and predictions for 2021. Others go further in estimating ransomware will cost as much as $6 trillion per year starting in 2021 ( Cybersecurity Ventures ). Also Read: Top Threat Intelligence Platforms for 2021.

Ransomware

Ransomware Encryption Insurance Cloud

New Leak Shows Business Side of China’s APT Menace

Krebs on Security

FEBRUARY 22, 2024

Security experts who reviewed the leaked data say they believe the information is legitimate, and that i-SOON works closely with China’s Ministry of State Security and the military. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”

Government

Government Cybersecurity Sales Blockchain

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

“As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” and foreign governments and military, security, and corporate organizations. ” reads the joint report.

Energy and Utilities

Energy and Utilities Military Government Phishing

REvil ransomware gang hit US nuclear weapons contractor Sol Oriens

Security Affairs

JUNE 15, 2021

Sol Oriens statement to us now: “In May 2021, Sol Oriens became aware of a cybersecurity incident that impacted our network environment.” H/t @mcwellons — Eamon Javers (@EamonJavers) June 10, 2021. The ransomware gang threatened to leak relevant documentation and data belonging to military agencies.

Ransomware

Ransomware Military Personal data Cybersecurity

Pakistan-linked Transparent Tribe APT expands its arsenal

Security Affairs

MAY 16, 2021

The Operation Transparent Tribe (Operation C-Major, APT36, and Mythic Leopard) was first spotted by Proofpoint Researchers in Feb 2016, in a series of cyber espionage operations against Indian diplomats and military personnel in some embassies in Saudi Arabia and Kazakhstan. ” read the analysis published Cisco Talos.

Military

Military IT Phishing Archiving

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Security Affairs

MARCH 12, 2021

On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange versions that are actively exploited in the wild. 2/5 — ESET research (@ESETresearch) March 2, 2021.

Authentication

Authentication Military Ransomware Manufacturing

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Security Affairs

APRIL 5, 2022

The group targeted government and military organizations in Ukraine. In December 2019, the APT group targeted several Ukrainian diplomats, government and military officials, and law enforcement. The Gamaredon group was first discovered by Symantec and TrendMicro in 2015, but evidence of its activities has been dated back to 2013.

Military

Military Phishing File names Archiving

Iran-linked APT groups continue to evolve

Security Affairs

NOVEMBER 17, 2021

The Microsoft Threat Intelligence Center (MSTIC) shared the results of their analysis on the evolution of Iran-linked threat actors at the CyberWarCon 2021. Learn more from this blog summarizing these trends, as presented at #CyberWarCon : [link] — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2021.

Ransomware

Ransomware Passwords Military Authentication

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

Security Affairs

NOVEMBER 5, 2021

The group targeted government and military organizations in Ukraine. In December 2019, the APT group targeted several Ukrainian diplomats, government and military officials, and law enforcement. In the period 2017-2021 this group implemented the most numerous cyberintelligence actions on various vectors of public administration.

Military

Military Metadata Government Passwords

MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks

The Last Watchdog

MAY 13, 2020

If you look at the military model, the military is constantly training. million cybersecurity jobs are projected to be available, but unfilled, by 2021, according to a widely cited report from Cybersecurity Ventures. When it comes to skilled cybersecurity analysts and technicians, there are far too few of them.

Security

Security Cybersecurity Military Risk

Russia-linked Nobelium APT targets orgs in the global IT supply chain

Security Affairs

OCTOBER 25, 2021

Russia-linked Nobelium APT group has breached at least 14 managed service providers (MSPs) and cloud service providers since May 2021. NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers.

IT

IT Cloud Military Phishing

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Security Affairs

DECEMBER 7, 2023

Over the past 20 months, the group targeted at least 30 organizations within 14 nations that are probably of strategic intelligence significance to the Russian government and its military. The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS).

Military

Military Government Phishing Authentication

Snatch ransomware gang claims the hack of the food giant Kraft Heinz

Security Affairs

DECEMBER 15, 2023

“Since mid-2021, Snatch threat actors have consistently evolved their tactics to take advantage of current trends in the cybercriminal space and leveraged successes of other ransomware variants’ operations. .” HENSOLDT is a company specializing in military and defense electronics.

Ransomware

Ransomware Computer and Electronics Military Agriculture

The Netherlands declares war on ransomware operations

Security Affairs

OCTOBER 8, 2021

The Dutch government will not tolerate ransomware attacks that could threaten national security, it will use intelligence or military services to curb them. The Dutch government announced that it will not tolerate cyberattacks that pose a risk to its national security and will employ intelligence or military services to counter them.

Ransomware

Ransomware Military Government Security

France agency ANSSI warns of Russia-linked APT28 attacks on French entities

Security Affairs

OCTOBER 27, 2023

The document provides details about the tactics, techniques and procedures (TTP) associated with threar actors since the second half of 2021. The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS).

Military

Military Phishing Government Security

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Security Affairs

DECEMBER 5, 2023

The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS). The researchers noticed that the attackers also commonly employed multiple known vulnerabilities, including CVE-2023-38831 in WinRAR or CVE-2021-40444 in Windows MSHTML.

Military

Military Government Access Phishing

Flaws in DataVault encryption software impact multiple storage devices

Security Affairs

DECEMBER 30, 2021

DataVault is an advanced encryption software to protect user data, it provides comprehensive military grade data protection and security features to multiple systems. ” The vulnerabilities have been tracked as CVE-2021-36750 and CVE-2021-36751. Multiple vendors, including WD, Sony and Lexar use the DataVault software.

Encryption

Encryption Passwords Military Security

Colonial Pipeline discloses data breach after May ransomware attack

Security Affairs

AUGUST 17, 2021

Colonial Pipeline discloses a data breach of the personal information of thousands of individuals after the ransomware attack that took place in May 2021. On May 6, 2021, an unauthorized third party acquired certain records stored in our systems,” states the letter.

Data breaches

Data breaches Ransomware Military Insurance

Nobelium APT targets French orgs, French ANSSI agency warns

Security Affairs

DECEMBER 6, 2021

The French cyber-security agency ANSSI said that the Russia-linked Nobelium APT group has been targeting French organizations since February 2021. Le CERT-FR vient de publier un rapport sur des campagnes d’hameçonnage du mode opératoire d’attaquants Nobelium contre des entités françaises menées depuis février 2021.

Phishing

Phishing Military Government Cybersecurity

List of data breaches and cyber attacks in April 2021 – 1 billion records breached

IT Governance

MAY 4, 2021

The post List of data breaches and cyber attacks in April 2021 – 1 billion records breached appeared first on IT Governance UK Blog. They’ll review the breach, mitigate the damage and ensure that you are up and running again as soon as possible. Find out more.

Data breaches

Data breaches Ransomware Computer and Electronics Healthcare

RSAC Fireside Chat: Dispersive adapts WWII radio-signal masking tool to obfuscating network traffic

The Last Watchdog

MAY 28, 2024

military scattered radio-signals and added noise to radio transmissions — to prevent the jamming of torpedo controls. Dispersive launched in 2021 to adapt these same concepts to protecting sensitive network transmissions in a highly dynamic environment. For historical context, the U.S.

Military

Military Encryption Communications Cloud

NK-linked InkySquid APT leverages IE exploits in recent attacks

Security Affairs

AUGUST 18, 2021

APT37 has been active since at least 2012, it mainly targeted government, defense, military, and media organizations in South Korea. The watering hole attacks on the Daily NK was conducted from March 2021 until early June 2021. ” reads the post published by Volexity. com to malicious subdomains of jquery[.]services.

Metadata

Metadata Military Archiving Cybersecurity

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Security Affairs

JUNE 21, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The Recorded Future’s Insikt Group believes that the campaign has been active since November 2021.

Military

Military Phishing Government Communications

Two former NSA Officials appointed by Joe Biden for prominent cyber roles

Security Affairs

APRIL 12, 2021

The first name was John Chris Inglis, who was nominated as the first-ever National Cyber Director, a role that was introduced by Congress in the Fiscal Year 2021. Easterly has worked in the cybersecurity division at Morgan Stanley for the past four years, she has served 14 years in government and military service.

Military

Military Cybersecurity Government Security

Google warns of APT28 attack attempts against 14,000 Gmail users

Security Affairs

OCTOBER 8, 2021

Some info for people who got the warning and a reminder what it means: [link] and also in this — Shane Huntley (@ShaneHuntley) October 7, 2021. — Shane Huntley (@ShaneHuntley) October 7, 2021. TAG sent a above average batch of government-backed security warnings yesterday.

Phishing

Phishing Military Government Security

Asylum Ambuscade spear-phishing campaign targets EU countries aiding Ukrainian refugees

Security Affairs

MARCH 2, 2022

Experts found similarities between the infection chain associated with this campaign, tracked as Asylum Ambuscade, and other attacks Proofpoint observed in July 2021, a circumstance that suggests they were conducted by the same threat actor. net) that appears to belong to a compromised Ukranian armed service member.”

Phishing

Phishing Military Government Communications

Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues

Security Affairs

MARCH 16, 2021

On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange versions that are actively exploited in the wild.

Military

Military Manufacturing Access Security

Taiwan Government faces 5 Million hacking attempts daily

Security Affairs

NOVEMBER 10, 2021

On the other end, the Chinese government considers the island its territory and does not exclude its military occupation in the future. billion “anomalies” from 2019 to August 2021, according to the report shared by Taiwan’s defence ministry. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Government

Government Military Information Security Security

ProxyLogon Microsoft Exchange exploit is completely out of the bag by now

Security Affairs

MARCH 15, 2021

Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%). Well, I'll say that the ProxyLogon Exchange CVE-2021-26855 Exploit is completely out of the bag by now. pic.twitter.com/ijOGx3BIif — Will Dormann (@wdormann) March 13, 2021.

Military

Military Ransomware Manufacturing Security

British Court rejects the US’s request to extradite Julian Assange

Security Affairs

JANUARY 4, 2021

[link] — Freedom of the Press (@FreedomofPress) January 4, 2021. He published thousands of classified diplomatic and military documents on WikiLeaks in 2010. Let’s close with the comment of the NSA whistleblower Edward Snowden : Holy s**t [link] — Edward Snowden (@Snowden) January 4, 2021. Of course, the U.S.

Military

Military Government Risk Passwords

Microsoft details new sophisticated spear-phishing attacks from NOBELIUM

Security Affairs

MAY 28, 2021

The campaign monitored by Microsoft was uncovered in January 2021 and evolved over time, the researchers observed a series of waves demonstrating significant experimentation. If the target is an Apple iOS device, the user was redirected to another server under NOBELIUM control, that attempts to trigger the CVE-2021-1879 flaw.

Phishing

Phishing Military Government IT

Google sent over 50,000 warnings of state-sponsored attacks, +33% from same period in 2020

Security Affairs

OCTOBER 14, 2021

Google announced to have sent roughly 50,000 alerts of state-sponsored phishing or hacking attempts to customers during 2021. “So far in 2021, we’ve sent over 50,000 warnings, a nearly 33% increase from this time in 2020. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Phishing

Phishing Military Government Security

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. agencies fear the possibility that these actors could gain access to the networks of critical infrastructure to cause disruptive effects in the event of potential geopolitical tensions and/or military conflicts.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

EU leaders aim at boosting defense and security, including cybersecurity

Security Affairs

FEBRUARY 28, 2021

During the recent video conference of the members of the European Council (25-26 February 2021), NATO chief Jens Stoltenberg highlighted the importance to define a strategy to boost defense and security. “The EU efforts are going hand in hand with the military efforts across the continent,” said Stoltenberg.

Cybersecurity

Cybersecurity Security Military Risk

From Cybercrime Saul Goodman to the Russian GRU

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Trending Sources

US administration requests $9.8B for cyber 2021 budget for the Department of Defense

Ukraine: Belarusian APT group UNC1151 targets military personnel with spear phishing

Naikon APT group uses new Nebulae backdoor in attacks aimed at military orgs

Inside Ireland’s Public Healthcare Ransomware Scare

List of data breaches and cyber attacks in June 2021 – 9.8 million records breached

US Gov dismantled the Moobot botnet controlled by Russia-linked APT28

GUEST ESSAY: Rising cyber risks make business intelligence gathering more vital than ever

New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Effective October 2021

Ransomware Protection in 2021

New Leak Shows Business Side of China’s APT Menace

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

REvil ransomware gang hit US nuclear weapons contractor Sol Oriens

Pakistan-linked Transparent Tribe APT expands its arsenal

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Iran-linked APT groups continue to evolve

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks

Russia-linked Nobelium APT targets orgs in the global IT supply chain

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Snatch ransomware gang claims the hack of the food giant Kraft Heinz

The Netherlands declares war on ransomware operations

France agency ANSSI warns of Russia-linked APT28 attacks on French entities

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Flaws in DataVault encryption software impact multiple storage devices

Colonial Pipeline discloses data breach after May ransomware attack

Nobelium APT targets French orgs, French ANSSI agency warns

List of data breaches and cyber attacks in April 2021 – 1 billion records breached

RSAC Fireside Chat: Dispersive adapts WWII radio-signal masking tool to obfuscating network traffic

NK-linked InkySquid APT leverages IE exploits in recent attacks

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Two former NSA Officials appointed by Joe Biden for prominent cyber roles

Google warns of APT28 attack attempts against 14,000 Gmail users

Asylum Ambuscade spear-phishing campaign targets EU countries aiding Ukrainian refugees

Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues

Taiwan Government faces 5 Million hacking attempts daily

ProxyLogon Microsoft Exchange exploit is completely out of the bag by now

British Court rejects the US’s request to extradite Julian Assange

Microsoft details new sophisticated spear-phishing attacks from NOBELIUM

Google sent over 50,000 warnings of state-sponsored attacks, +33% from same period in 2020

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

EU leaders aim at boosting defense and security, including cybersecurity

Stay Connected