Security Affairs

MARCH 10, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security 321

Security Data breaches Military Ransomware 321

Security Affairs

FEBRUARY 23, 2025

Every week the best security articles from Security Affairs are free in your email box. Military & Defense Sector: A Cybersecurity Disaster in the Making Analyzing ELF/Sshdinjector.A!tr A new round of the weekly SecurityAffairs newsletter arrived! Lazarus APT stole $1.5B

Security 168

Security CMS Phishing Encryption 168

Security Affairs

SEPTEMBER 8, 2024

Every week the best security articles from Security Affairs are free in your email box. Quishing, an insidious threat to electric car owners Google fixed actively exploited Android flaw CVE-2024-32896 Discontinued D-Link DIR-846 routers are affected by code execution flaws. Replace them!

Security 309

Security Data breaches Artificial Intelligence Ransomware 309

Security Affairs

SEPTEMBER 14, 2024

Every week the best security articles from Security Affairs are free in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security 310

Security Data breaches Computer and Electronics Ransomware 310

Security Affairs

MAY 12, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 292

Data breaches Security Military Ransomware 292

Security Affairs

MARCH 24, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Cybersecurity US holds conference on military AI use with dozens of allies to determine ‘responsible’ use DFSA’s Cyber Risk Management Guidelines: A Blueprint for Cyber Resilience?

Security 316

Security Passwords Military Marketing 316

Security Affairs

JANUARY 16, 2024

Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. x and Ivanti Policy Secure. The second flaw, tracked as CVE-2024-21887 (CVSS score 9.1) is a command injection vulnerability in web components of Ivanti Connect Secure (9.x,

Security 323

Security Authentication Military Government 323

Security Affairs

OCTOBER 1, 2024

North Korea-linked APT Kimsuky has been linked to a cyberattack on Diehl Defence, a German manufacturer of advanced military systems. North Korea-linked APT group Kimsuky has been linked to a cyberattack on Diehl Defence, a defense firm specializing in the production of advanced military systems. Diehl Defence GmbH & Co.

Military 338

Military Manufacturing Phishing Information Security 338

Security Affairs

JANUARY 31, 2024

Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. x and Ivanti Policy Secure. The second flaw, tracked as CVE-2024-21887 (CVSS score 9.1) is a command injection vulnerability in web components of Ivanti Connect Secure (9.x,

Authentication 322

Authentication Military Security Communications 322

Security Affairs

AUGUST 3, 2024

The campaign began around March 2024, the attackers leveraged phishing tactics that have been effective against diplomats for years, exploiting themes that prompt targets to engage with malicious content. The experts attribute the March 2024 campaign to Fighting Ursa with a medium to high level of confidence.

Sales 339

Sales Phishing Military Archiving 339

Security Affairs

FEBRUARY 9, 2024

Fortinet warns that the recently discovered critical remote code execution flaw in FortiOS SSL VPN, tracked CVE-2024-21762, is being actively exploited. The security firm did not provide details about the attacks exploiting this vulnerability. Version Affected Solution FortiOS 7.6 Not affected Not Applicable FortiOS 7.4 through 7.4.2

Military 333

Military Government Security IT 333

Security Affairs

FEBRUARY 13, 2024

Resecurity has identified a growing trend of malicious cyber-activity targeting sovereign elections globally With more voters than ever in history heading to the polls in 2024, Resecurity has identified a growing trend of malicious cyber-activity targeting sovereign elections globally. It’s perhaps the election year.”

Military 338

Military Passwords Government IT 338

Security Affairs

AUGUST 27, 2024

China-linked APT Volt Typhoon exploited a zero-day vulnerability, tracked as CVE-2024-39717 , in Versa Director, to deploy a custom webshell on breached networks. Versa Director servers between June 12 and mid-July 2024. ISP on June 12, 2024. Black Lotus Labs detected unusual traffic indicating the exploitation of several U.S.

Energy and Utilities 328

Energy and Utilities Communications Authentication Access 328

Security Affairs

FEBRUARY 15, 2024

“A January 2024 court-authorized operation has neutralized a network of hundreds of small office/home office (SOHO) routers that GRU Military Unit 26165 , also known as APT28, Sofacy Group , Forest Blizzard , Pawn Storm , Fancy Bear , and Sednit , used to conceal and otherwise enable a variety of crimes.”

Military 344

Military Government Access Cybersecurity 344

Security Affairs

AUGUST 6, 2024

South Korea’s National Cyber Security Center (NCSC) reported that North Korea-linked hackers hijacked VPN software updates to deploy malware. In January 2024, the Kimsuky APT group was spotted distributing malware through the website of a construction industry association in South Korea. ” reads the advisory.

Information capture 327

Information capture Authentication Military Government 327

Security Affairs

FEBRUARY 28, 2024

The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber operations worldwide.

Energy and Utilities 335

Energy and Utilities Military Government Phishing 335

Security Affairs

MARCH 15, 2024

” Steadfast Defender 2024 is NATO’s largest military exercise since the Cold War aimed at testing the alliance’s readiness and ability to defend itself across multiple domains. The exercise is held from January 22nd to May 31st, 2024.

Communications 346

Communications Military Risk IT 346

Security Affairs

JUNE 25, 2024

He left Belmarsh maximum security prison on the morning of 24 June, after having spent 1901 days there. He published thousands of classified diplomatic and military documents on WikiLeaks in 2010. JULIAN ASSANGE IS FREE Julian Assange is free. ” and the court’s proximity to the defendant’s country of citizenship, Australia.

Military 302

Military Passwords Access Government 302

Security Affairs

JANUARY 20, 2020

The Chairman of the NATO Military Committee announced that the alliance has sent a counter-hybrid team to Montenegro to face Russian hybrid attacks. Last week in Brussels, the Chairman of the NATO Military Committee (MC), Marshal Sir Stuart Peach, announced the effort of the Alliance in facing Russian hybrid attacks.

Military 251

Military Government Phishing Cybersecurity 251

Security Affairs

SEPTEMBER 10, 2024

Poland ‘s security officials announced that they successfully thwarted cyberattacks that were carried out by Russia and Belarus. Nation-state actors targeted government institutions and state-owned companies involved in military contracts. ” reported the Associated Press. . ” reported the Associated Press.

Ransomware 326

Ransomware Government Military Security 326

Security Affairs

MAY 23, 2024

A previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ has been targeting military and government entities since 2018. Bitdefender researchers discovered a previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ that has been targeting military and government entities since 2018.

Archiving 336

Archiving Military Communications Phishing 336

Security Affairs

OCTOBER 4, 2024

Intelligence Community, Department of Defense, Department of State, Department of Energy, and military defense contractors. In December 2023, the UK National Cyber Security Centre (NCSC) and Microsoft reported that the Russia-linked APT group Callisto Group was targeting organizations worldwide.

Phishing 328

Phishing Military Government IT 328

OpenText Information Management

SEPTEMBER 27, 2024

The latest 2024 Threat Hunter Perspective from OpenText sheds light on the most pressing threats, nation-state activities, and security recommendations enterprises must consider in the months ahead. The top threat actors in 2024 Our report identifies the top 15 threats and threat actors that enterprises need to be aware of.

Military 105

Military Cybersecurity Ransomware Security 105

Krebs on Security

AUGUST 1, 2024

Duanev was sentenced in January 2024 to five years and four months in prison. The fifth convicted Russian sent back home this week is Maxim Marchenko , 52, who pleaded guilty in February 2024 to illicitly procuring large quantities of U.S.-made made microelectronics on behalf of Russian clients in support of the war on Ukraine.

Military 287

Military Ransomware Government IT 287

Security Affairs

JANUARY 16, 2025

In November 2024, Microsoft researchers observed the Russia-linked APT group Star Blizzard targeting WhatsApp accounts via spear-phishing, shifting tactics to avoid detection. The Russian group Star Blizzard targets WhatsApp accounts in a new spear-phishing campaign, shifting tactics to avoid detection.

Phishing 246

Phishing Military Access Government 246

Krebs on Security

AUGUST 1, 2024

Duanev was sentenced in January 2024 to five years and four months in prison. The fifth convicted Russian sent back home this week is Maxim Marchenko , 52, who pleaded guilty in February 2024 to illicitly procuring large quantities of U.S.-made made microelectronics on behalf of Russian clients in support of the war on Ukraine.

Military 271

Military Ransomware Government IT 271

Krebs on Security

FEBRUARY 22, 2024

Security experts who reviewed the leaked data say they believe the information is legitimate, and that i-SOON works closely with China’s Ministry of State Security and the military. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”

Government 329

Government Cybersecurity Sales Blockchain 329

The Last Watchdog

MAY 2, 2024

Tel Aviv, Israel, May 2, 2024, CyberNewsWire — LayerX , pioneer of the LayerX Browser Security platform, today announced $24 million in Series A funding led by Glilot+, the early-growth fund of Glilot Capital Partners, with participation from Dell Technologies Capital and other investors.

Security 130

Security IT Marketing Phishing 130

Krebs on Security

FEBRUARY 28, 2024

A search in Google for a string of text from that script turns up a December 2023 blog post from cryptocurrency security firm SlowMist about phishing attacks on Telegram from North Korean state-sponsored hackers. The North Korean regime is known to use stolen cryptocurrencies to fund its military and other state projects.

Phishing 332

Phishing Blockchain Military Passwords 332

eSecurity Planet

JULY 17, 2024

The North Atlantic Treaty Organization (NATO), a military alliance formed in 1949 to counter the Soviet threat during the Cold War, has traditionally focused on deterring and defending against conventional military attacks. Finally, the NICC aims to promote a secure and stable cyberspace based on international norms.

Military 121

Military Cybersecurity Security IT 121

The Last Watchdog

MAY 28, 2024

I had an evocative discussion about this at RSAC 2024 with Dispersive CEO Rajiv Plimplaskar. military scattered radio-signals and added noise to radio transmissions — to prevent the jamming of torpedo controls. For its next act, could spread spectrum undergird digital resiliency? For historical context, the U.S.

Military 130

Military Encryption Communications Cloud 130

IT Governance

MARCH 11, 2024

Source (New) Transport USA Yes 3,815 Okta Source 1 ; source 2 (Update) Cyber security USA Yes 3,800 Shah Dixit & Associates, P.C. million for security failings relating to a 2018 cyber attack on its mobile banking platform. Source (New) Professional services Netherlands Yes 28.3 UniCredit fined €2.8

Data Privacy 78

Data Privacy Privacy Security Data breaches 78

Krebs on Security

MAY 23, 2024

A report from the security firm Team Cymru found the DDoS attack infrastructure used in NoName campaigns is assigned to two interlinked hosting providers: MIRhosting and Stark Industries. That conflict was thought to be the first war ever fought in which a notable cyberattack and an actual military engagement happened simultaneously.

Cloud 330

Cloud Education Government Communications 330

eSecurity Planet

JUNE 21, 2024

Keeper and Dashlane are top password managers prioritizing multi-layered encryption systems for secure password sharing. Keeper emphasizes extensive security measures and is a more affordable option, while Dashlane promotes a user-friendly interface and robust administrative tools perfect for streamlining logins. 5 Security: 4.6/5

Passwords 103

Passwords Encryption Authentication Access 103

Schneier on Security

JUNE 25, 2021

News from Georgetown’s Center for Security and Emerging Technology: China Claims Its AI Can Beat Human Pilots in Battle: Chinese state media reported that an AI system had successfully defeated human pilots during simulated dogfights. At the moment, the system appears to be used only for training human pilots.

Military 104

Military IT Security Artificial Intelligence 104

eSecurity Planet

MARCH 4, 2024

February 26, 2024 FCKeditor Used for SEO Poisoning on Government, University Sites Type of vulnerability: Malicious URL redirect. February 27, 2024 Ransomware Gangs Target Unpatched ScreenConnect Servers Type of vulnerability: Authentication bypass and path traversal. The fix: Apply Windows patches ASAP.

IoT 118

IoT Ransomware Access Cybersecurity 118

Schneier on Security

OCTOBER 5, 2023

There’s no reason to expect 2023 and 2024 to be any different. As a security expert , I believe it’s a tool uniquely suited to Internet-era propaganda. Nine African democracies, including South Africa, will have elections in 2024. They talked about their expectations regarding election interference in 2024.

Artificial Intelligence 133

Artificial Intelligence Military IT Cybersecurity 133