Remove Access Remove Military Remove Systems administration
article thumbnail

Hacker breaches key Russian ministry in blink of an eye

Security Affairs

In mere seconds, a hacker remotely accessed a computer belonging to a regional Russian Ministry of Health, taking advantage of sloppy cybersecurity practices to expose its entire network. Spielerkid89, who wished to remain anonymous, did not intend to harm the organization and left its systems intact. Original post at [link].

article thumbnail

NSA warns Russia-linked APT group is exploiting Exim flaw since 2019

Security Affairs

“Russian military cyber actors, publicly known as Sandworm Team, have been exploiting a vulnerability in Exim mail transfer agent (MTA) software since at least last August.” Using a previous version of Exim leaves a system vulnerable to exploitation. The flaw resides in the deliver_message() function in /src/deliver.c

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

CISA’s MAR warns of North Korean BLINDINGCAN RAT

Security Affairs

According to the government experts, the BLINDINGCAN malware was employed in attacks aimed at US and foreign companies operating in the military defense and aerospace sectors. A threat group with a nexus to North Korea targeted government contractors early this year to gather intelligence surrounding key military and energy technologies.”

Military 108
article thumbnail

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

article thumbnail

North Korea-linked Lazarus APT targets the IT supply chain

Security Affairs

The BlindingCan was employed in attacks on US and foreign companies operating in the military defense and aerospace sectors. The CISA MAR provided indicators of compromise (IoCs), Yara rules, and other technical info that could be used by system administrators to discover compromise systems within their networks.

IT 130
article thumbnail

MY TAKE: Michigan’s Cyber Range hubs provide career paths to high-schoolers, underutilized adults

The Last Watchdog

Michigan is cultivating a collection of amazing cybersecurity training facilities, called Cyber Range hubs, that are shining models for what’s possible when inspired program leaders are given access to leading-edge resources, wisely supplied by public agencies and private foundations. Merit 1981.

article thumbnail

£60 million in recovery costs for Norsk Hydro after refusing ransom demand

IT Governance

On 19 March 2019, Norsk Hydro’s systems were infected with the LockerGoga ransomware. TrendMicro’s analysis into the ransomware found that it was the same system administration tool abused by the likes of SOREBRECT and Bad Rabbit. To access the decoder, the organisation was asked to pay a large ransomin bitcoin.