2021, Military and Security - Information Management Today

MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks

The Last Watchdog

MAY 13, 2020

Chief Information Security Officers were already on the hot seat well before the COVID-19 global pandemic hit, and they are even more so today. They must rally the troops to proactively engage, day-to-day, in the intricate and absolutely vital mission of preserving the security of IT assets, without stifling innovation.

Security

Security Cybersecurity Military Risk

From Cybercrime Saul Goodman to the Russian GRU

Krebs on Security

FEBRUARY 7, 2024

In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. A review of this user’s hacker identities shows that during his time on the forums he served as an officer in the special forces of the GRU , the foreign military intelligence agency of the Russian Federation. Some of those photos date back to 2008.

Military

Military IT Communications Risk

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing.

Military

Military Government Phishing Libraries

US administration requests $9.8B for cyber 2021 budget for the Department of Defense

Security Affairs

FEBRUARY 16, 2020

The amount requested for the Department of Defense in the “ DOD Releases Fiscal Year 2021 Budget Proposal ” is nearly the same one as last year for cyber operations that the US military will conduct in 2020. billion for fiscal year 2021 on cyber activities, while the previous budget was about $9.6 Pierluigi Paganini.

Artificial Intelligence

Artificial Intelligence Military Cybersecurity Risk

Inside Ireland’s Public Healthcare Ransomware Scare

Krebs on Security

DECEMBER 13, 2021

The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system. Ireland’s Health Service Executive (HSE), which operates the country’s public health system, got hit with Conti ransomware on May 14, 2021.

Ransomware

Ransomware Cybersecurity Phishing Security

Ukraine: Belarusian APT group UNC1151 targets military personnel with spear phishing

Security Affairs

FEBRUARY 25, 2022

In November 2021, Mandiant Threat Intelligence researchers linked the Ghostwriter disinformation campaign (aka UNC1151) to the government of Belarus. In August 2020, security experts from FireEye uncovered a disinformation campaign aimed at discrediting NATO by spreading fake news content on compromised news websites.

Military

Military Phishing CMS Government

Naikon APT group uses new Nebulae backdoor in attacks aimed at military orgs

Security Affairs

APRIL 28, 2021

China-linked APT Naikon employed a new backdoor in multiple cyber-espionage operations targeting military organizations from Southeast Asia in the last 2 years. The Naikon APT group mainly focuses on high-profile orgs, including government entities and military orgs. ” reads the report published by Bitdefender.

Military

Military Passwords Government Security

GUEST ESSAY: Rising cyber risks make business intelligence gathering more vital than ever

The Last Watchdog

JULY 5, 2022

The top reason, chosen from a proved list of ten, was ‘increased cyber security risks’, followed by the related concern, ‘new and/or increased data privacy regulations’. Cyber security keeps the C-suite up at night and perhaps that’s no surprise. Cyber security should also be viewed in a wider business context. Cyber in a silo?

Risk

Risk Military Marketing Data Privacy

New Leak Shows Business Side of China’s APT Menace

Krebs on Security

FEBRUARY 22, 2024

Security experts who reviewed the leaked data say they believe the information is legitimate, and that i-SOON works closely with China’s Ministry of State Security and the military. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”

Government

Government Cybersecurity Sales Blockchain

List of data breaches and cyber attacks in June 2021 – 9.8 million records breached

IT Governance

JULY 1, 2021

We found a comparatively low 9,780,931 breached records from publicly disclosed security incidents in June 2021. June’s figures bring the annual running total of security incidents to 729 and the total number of breached records to 3,947,030,094.

Data breaches

Data breaches Ransomware Computer and Electronics Retail

EU leaders aim at boosting defense and security, including cybersecurity

Security Affairs

FEBRUARY 28, 2021

During a video conference of the members of the European Council, EU leaders agreed on a new strategy aimed at boosting defense and security. The EU leaders emphasized that they looked forward to cooperating with the new US administration on a strong and ambitious transatlantic agenda that included a close dialogue on security and defence.

Cybersecurity

Cybersecurity Security Military Risk

US Gov dismantled the Moobot botnet controlled by Russia-linked APT28

Security Affairs

FEBRUARY 15, 2024

“A January 2024 court-authorized operation has neutralized a network of hundreds of small office/home office (SOHO) routers that GRU Military Unit 26165 , also known as APT28, Sofacy Group , Forest Blizzard , Pawn Storm , Fancy Bear , and Sednit , used to conceal and otherwise enable a variety of crimes.”

Military

Military Government Access Cybersecurity

REvil ransomware gang hit US nuclear weapons contractor Sol Oriens

Security Affairs

JUNE 15, 2021

Sol Orien provides consultant services to the National Nuclear Security Administration (NNSA), it confirmed to have suffered a cyber attack via Twitter. Sol Oriens statement to us now: “In May 2021, Sol Oriens became aware of a cybersecurity incident that impacted our network environment.” states the company. Pierluigi Paganini.

Ransomware

Ransomware Military Personal data Cybersecurity

Security Affairs newsletter Round 488 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

SEPTEMBER 8, 2024

Every week the best security articles from Security Affairs are free in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Managing Cybersecurity in the Age of Artificial Intelligence Clearview AI Faces €30.5M

Security

Security Data breaches Artificial Intelligence Ransomware

New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Effective October 2021

Hunton Privacy

AUGUST 2, 2021

Connecticut recently passed two cybersecurity laws that will become effective on October 1, 2021. On June 16, 2021, Connecticut Governor Ned Lamont signed HB 5310, An Act Concerning Data Privacy Breaches. On July 6, 2021, Governor Ned Lamont signed HB 6607, An Act Incentivizing the Adoption of Cybersecurity Standards for Businesses.

Cybersecurity

Cybersecurity Insurance Military Data Privacy

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Security Affairs

APRIL 5, 2022

Ukraine CERT-UA published a security advisory to warn of spear-phishing attacks conducted by Russia-linked Armageddon APT (aka Gamaredon , Primitive Bear, Armageddon, Winterflounder, or Iron Tilden) targeting local state organizations. The group targeted government and military organizations in Ukraine. Pierluigi Paganini.

Military

Military Phishing File names Archiving

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Security Affairs

MARCH 12, 2021

On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange versions that are actively exploited in the wild.

Authentication

Authentication Military Ransomware Manufacturing

Ransomware Protection in 2021

eSecurity Planet

FEBRUARY 16, 2021

The internet is fraught with peril these days, but nothing strikes more fear into users and IT security pros than the threat of ransomware. Also Read: Best Encryption Tools & Software for 2021. Raising awareness about ransomware is a baseline security measure. A ransomware attack is about as bad as a cyber attack can get.

Ransomware

Ransomware Encryption Insurance Cloud

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber operations worldwide.

Energy and Utilities

Energy and Utilities Military Government Phishing

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

Security Affairs

NOVEMBER 5, 2021

Ukraine’s premier law enforcement and counterintelligence disclosed the real identities of five alleged members of the Russia-linked APT group Gamaredon (aka Primitive Bear, Armageddon, Winterflounder, or Iron Tilden) that are suspected to be components of the Russian Federal Security Service (FSB). ” concludes the announcement.

Military

Military Metadata Government Passwords

Iran-linked APT groups continue to evolve

Security Affairs

NOVEMBER 17, 2021

The Microsoft Threat Intelligence Center (MSTIC) shared the results of their analysis on the evolution of Iran-linked threat actors at the CyberWarCon 2021. Learn more from this blog summarizing these trends, as presented at #CyberWarCon : [link] — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2021.

Ransomware

Ransomware Passwords Military Authentication

Russia-linked Nobelium APT targets orgs in the global IT supply chain

Security Affairs

OCTOBER 25, 2021

Russia-linked Nobelium APT group has breached at least 14 managed service providers (MSPs) and cloud service providers since May 2021. NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers.

IT

IT Cloud Military Phishing

Pakistan-linked Transparent Tribe APT expands its arsenal

Security Affairs

MAY 16, 2021

The Operation Transparent Tribe (Operation C-Major, APT36, and Mythic Leopard) was first spotted by Proofpoint Researchers in Feb 2016, in a series of cyber espionage operations against Indian diplomats and military personnel in some embassies in Saudi Arabia and Kazakhstan. ” read the analysis published Cisco Talos. Pierluigi Paganini.

Military

Military IT Phishing Archiving

The Netherlands declares war on ransomware operations

Security Affairs

OCTOBER 8, 2021

The Dutch government will not tolerate ransomware attacks that could threaten national security, it will use intelligence or military services to curb them. The Dutch government announced that it will not tolerate cyberattacks that pose a risk to its national security and will employ intelligence or military services to counter them.

Ransomware

Ransomware Military Government Security

Security Affairs newsletter Round 399 by Pierluigi Paganini

Security Affairs

DECEMBER 25, 2022

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 399 by Pierluigi Paganini appeared first on Security Affairs. The post Security Affairs newsletter Round 399 by Pierluigi Paganini appeared first on Security Affairs.

Security

Security Military Ransomware Encryption

Security Affairs newsletter Round 392

Security Affairs

NOVEMBER 6, 2022

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 392 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Security

Security Ransomware Military Manufacturing

France agency ANSSI warns of Russia-linked APT28 attacks on French entities

Security Affairs

OCTOBER 27, 2023

France National Agency for the Security of Information Systems warns that the Russia-linked APT28 group has breached several critical networks. The document provides details about the tactics, techniques and procedures (TTP) associated with threar actors since the second half of 2021. ” The script was hosted on “mocky[.]io,”

Military

Military Phishing Government Security

Flaws in DataVault encryption software impact multiple storage devices

Security Affairs

DECEMBER 30, 2021

Researcher Sylvain Pelissier has discovered that the DataVault encryption software made by ENC Security and used by multiple vendors is affected by a couple of key derivation function issues. ” The vulnerabilities have been tracked as CVE-2021-36750 and CVE-2021-36751. ” reads the security advisory published by ENC.

Encryption

Encryption Passwords Military Security

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Security Affairs

DECEMBER 7, 2023

Over the past 20 months, the group targeted at least 30 organizations within 14 nations that are probably of strategic intelligence significance to the Russian government and its military. The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS).

Military

Military Government Phishing Authentication

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

The Last Watchdog

FEBRUARY 21, 2022

Related: High-profile healthcare hacks in 2021. A data inventory allows you to focus the greatest security (and monitoring) where it needs to be. Many security programs focus on employee education (creating a strong password, being aware of phishing, etc.). These six areas will help improve your security program.

Passwords

Passwords Cybersecurity Education Phishing

Two former NSA Officials appointed by Joe Biden for prominent cyber roles

Security Affairs

APRIL 12, 2021

President Joe Biden has assigned to two former senior National Security Agency (NSA) officials key cyber roles in his administration. The first name was John Chris Inglis, who was nominated as the first-ever National Cyber Director, a role that was introduced by Congress in the Fiscal Year 2021. Pierluigi Paganini.

Military

Military Government Cybersecurity Security

ENC Security, the encryption provider for Sony and Lexar, leaked sensitive data for over a year

Security Affairs

NOVEMBER 30, 2022

CyberNews experts discovered that ENC Security, a Netherlands software company, had been leaking critical business data since May 2021. The software is developed by a third-party vendor – ENC Security. The data was accessible from 27 May 2021 up until 9 November 2022. SecurityAffairs – hacking, ENC Security).

Encryption

Encryption Security Phishing Sales

Snatch ransomware gang claims the hack of the food giant Kraft Heinz

Security Affairs

DECEMBER 15, 2023

.” The Snatch ransomware was first spotted at the end of 2019, Sophos researchers discovered a piece of the Snatch ransomware that reboots computers it infects into Safe Mode to bypass resident security solutions. HENSOLDT is a company specializing in military and defense electronics.

Ransomware

Ransomware Computer and Electronics Military Agriculture

Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues

Security Affairs

MARCH 16, 2021

On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange versions that are actively exploited in the wild. ” reads the post published by Microsoft.

Military

Military Manufacturing Access Security

Security Affairs newsletter Round 425 by Pierluigi Paganini – International edition

Security Affairs

JUNE 25, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Military Ransomware Cybersecurity

Nobelium APT targets French orgs, French ANSSI agency warns

Security Affairs

DECEMBER 6, 2021

The French cyber-security agency ANSSI said that the Russia-linked Nobelium APT group has been targeting French organizations since February 2021. Le CERT-FR vient de publier un rapport sur des campagnes d’hameçonnage du mode opératoire d’attaquants Nobelium contre des entités françaises menées depuis février 2021.

Phishing

Phishing Military Government Cybersecurity

Colonial Pipeline discloses data breach after May ransomware attack

Security Affairs

AUGUST 17, 2021

Colonial Pipeline discloses a data breach of the personal information of thousands of individuals after the ransomware attack that took place in May 2021. On May 6, 2021, an unauthorized third party acquired certain records stored in our systems,” states the letter. Follow me on Twitter: @securityaffairs and Facebook.

Data breaches

Data breaches Ransomware Military Insurance

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Security Affairs

DECEMBER 5, 2023

The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS). The researchers noticed that the attackers also commonly employed multiple known vulnerabilities, including CVE-2023-38831 in WinRAR or CVE-2021-40444 in Windows MSHTML.

Military

Military Government Access Phishing

Security Affairs newsletter Round 404 by Pierluigi Paganini

Security Affairs

JANUARY 29, 2023

Every week the best security articles from Security Affairs free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! If you want to also receive for free the newsletter with the international press subscribe here.

Security

Security Data breaches Military Ransomware

Google warns of APT28 attack attempts against 14,000 Gmail users

Security Affairs

OCTOBER 8, 2021

Shane Huntley, the head of the Threat Analysis Group (TAG), wrote on Twitter that his group had sent an above-average batch of government-backed security warnings. . TAG sent a above average batch of government-backed security warnings yesterday. — Shane Huntley (@ShaneHuntley) October 7, 2021. ” Huntley added. “At

Phishing

Phishing Military Government Security

ProxyLogon Microsoft Exchange exploit is completely out of the bag by now

Security Affairs

MARCH 15, 2021

A security researcher released a new PoC exploit for ProxyLogon issues that could be adapted to install web shells on vulnerable Microsoft Exchange servers. A security researcher has released a new proof-of-concept exploit that could be adapted to install web shells on Microsoft Exchange servers vulnerable ProxyLogon issues.

Military

Military Ransomware Manufacturing Security

Russia, China May Be Coordinating Cyber Attacks: SaaS App Security Firm

eSecurity Planet

MARCH 7, 2022

A SaaS security company says a spike in cyber attacks from Russia and China in recent weeks suggests the two countries may be coordinating their cyber efforts. reported that hackers – some linked to Russian GRU military intelligence – breached computers at nearly two dozen U.S. SaaS Apps Under Attack.

Security

Security Risk Military Cybersecurity

Taiwan Government faces 5 Million hacking attempts daily

Security Affairs

NOVEMBER 10, 2021

Cyber security department director Chien Hung-wei told parliament representatives that government infrastructure faces “five million attacks and scans a day” . On the other end, the Chinese government considers the island its territory and does not exclude its military occupation in the future. Pierluigi Paganini.

Government

Government Military Information Security Security

NK-linked InkySquid APT leverages IE exploits in recent attacks

Security Affairs

AUGUST 18, 2021

APT37 has been active since at least 2012, it mainly targeted government, defense, military, and media organizations in South Korea. The watering hole attacks on the Daily NK was conducted from March 2021 until early June 2021. ” reads the post published by Volexity. com to malicious subdomains of jquery[.]services.

Metadata

Metadata Military Archiving Cybersecurity

MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks

From Cybercrime Saul Goodman to the Russian GRU

Trending Sources

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

US administration requests $9.8B for cyber 2021 budget for the Department of Defense

Inside Ireland’s Public Healthcare Ransomware Scare

Ukraine: Belarusian APT group UNC1151 targets military personnel with spear phishing

Naikon APT group uses new Nebulae backdoor in attacks aimed at military orgs

GUEST ESSAY: Rising cyber risks make business intelligence gathering more vital than ever

New Leak Shows Business Side of China’s APT Menace

List of data breaches and cyber attacks in June 2021 – 9.8 million records breached

EU leaders aim at boosting defense and security, including cybersecurity

US Gov dismantled the Moobot botnet controlled by Russia-linked APT28

REvil ransomware gang hit US nuclear weapons contractor Sol Oriens

Security Affairs newsletter Round 488 by Pierluigi Paganini – INTERNATIONAL EDITION

New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Effective October 2021

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Ransomware Protection in 2021

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

Iran-linked APT groups continue to evolve

Russia-linked Nobelium APT targets orgs in the global IT supply chain

Pakistan-linked Transparent Tribe APT expands its arsenal

The Netherlands declares war on ransomware operations

Security Affairs newsletter Round 399 by Pierluigi Paganini

Security Affairs newsletter Round 392

France agency ANSSI warns of Russia-linked APT28 attacks on French entities

Flaws in DataVault encryption software impact multiple storage devices

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

Two former NSA Officials appointed by Joe Biden for prominent cyber roles

ENC Security, the encryption provider for Sony and Lexar, leaked sensitive data for over a year

Snatch ransomware gang claims the hack of the food giant Kraft Heinz

Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues

Security Affairs newsletter Round 425 by Pierluigi Paganini – International edition

Nobelium APT targets French orgs, French ANSSI agency warns

Colonial Pipeline discloses data breach after May ransomware attack

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Security Affairs newsletter Round 404 by Pierluigi Paganini

Google warns of APT28 attack attempts against 14,000 Gmail users

ProxyLogon Microsoft Exchange exploit is completely out of the bag by now

Russia, China May Be Coordinating Cyber Attacks: SaaS App Security Firm

Taiwan Government faces 5 Million hacking attempts daily

NK-linked InkySquid APT leverages IE exploits in recent attacks

Stay Connected