Russia-linked threat actors have been targeting Android devices of the Ukrainian military with a new malware dubbed Infamous Chisel. “The information exfiltrated is a combination of system device information, commercial application information and applications specific to the Ukrainian military.” concludes the report.
as members of the PLA’s 54th Research Institute, a component of the Chinese military. Attorney General Bill Barr said at a press conference today that the Justice Department doesn’t normally charge members of another country’s military with crimes (this is only the second time the agency has indicted Chinese military hackers).
The credential harvesting pages created by the group can defeat two-factor authentication and CAPTCHA challenges by relaying requests between legitimate services and compromised Ubiquiti routers. Insikt Group speculates the operation is aimed at influencing regional and military dynamics.
The use of an additional form of authentication to protect the accessing of a sensitive digital system has come a long way over the past decade and a half. An Israeli start-up, Silverfort, is seeking to make a great leap forward in the state-of-the-art of authentication systems. LW: Let’s come back to ‘adaptive authentication.’
Tel Aviv, Israel-based Silverfort continues to make inroads into proving the efficacy of its innovative approach to multi-factor authentication, or MFA, in corporate settings. Silverfort is the brainchild of a band of colleagues who toiled together in the encryption branch of Unit 8200, the elite cybersecurity arm of the Israeli military.
Over the past 20 months, the group targeted at least 30 organizations within 14 nations that are probably of strategic intelligence significance to the Russian government and its military. The group operates out of military unit 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS).
However, evidence suggests that the rogue superstate’s cyber capabilities are as weak as its military stance in Ukraine, especially when met with resistance. Spurred into action by the invasion of Ukraine, Spielerkid89 decided to investigate whether he could find Russian IPs with disabled authentication to fool with.
Threat actors breached two crucial systems of the US CISA; CISA adds JetBrains TeamCity bug to its Known Exploited Vulnerabilities catalog; Critical Fortinet FortiOS bug CVE-2024-21762 potentially impacts 150,000 internet-facing devices; QNAP fixed three flaws in its NAS devices, including an authentication bypass; Threat actors breached two crucial systems (..)
NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers. “Like domain controllers, AD FS servers can authenticate users and should therefore be treated with the same high level of security.
Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%). The third vulnerability, tracked as CVE-2021-26858, is a post-authentication arbitrary file write vulnerability in Exchange.
The credential harvesting pages created by the group can defeat two-factor authentication and CAPTCHA challenges by relaying requests between legitimate services and compromised Ubiquiti routers. Insikt Group speculated the operation was aimed at influencing regional and military dynamics.
“IBM X-Force IRIS did not find evidence of the two military members’ professional network credentials being compromised, and no professional information appears to have been included.” continues IBM. and Greek Navy.”. Fortunately, in both cases, the operations conducted by the group failed.
military procurement system Spoofing an Apple device and tricking users into sharing sensitive data Israel and US to Invest $3.85 Korean Kimsuky APT targets S.
is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x, An authenticated administrator can exploit the issue by sending specially crafted requests and execute arbitrary commands on the appliance. The flaw CVE-2023-46805 (CVSS score 8.2) x and Ivanti Policy Secure. x) and Ivanti Policy Secure.
military and government employees and giving it to an Islamic State hacker group in 2015 has been charged once again with fraud and identity theft. military members and government employees. 2015 by criminals who social engineered PayPal employees over the phone into changing my password and bypassing multi-factor authentication.
The group operates out of military unit 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS). The vulnerability is a Microsoft Outlook spoofing vulnerability that can lead to an authentication bypass.
NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers. In some campaigns analyzed by Mandiant, the threat actor was using residential IP address ranges to authenticate to target environments.
“As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” and foreign governments and military, security, and corporate organizations.” reads the joint report.
ZDNet has obtained a copy of the list with the help of threat intelligence firm KELA and verified the authenticity of the data. ZDNet has reported exclusively that a list of plaintext usernames and passwords for 900 Pulse Secure VPN enterprise servers, along with IP addresses, has been shared on a Russian-speaking hacker forum.
Threat actors are exploiting an authentication bypass Zimbra flaw, tracked as CVE-2022-27925, to hack Zimbra Collaboration Suite email servers worldwide. An authentication bypass affecting Zimbra Collaboration Suite, tracked as CVE-2022-27925, is actively exploited to hack ZCS email servers worldwide.
New strain of Cerberus Android banking trojan can steal Google Authenticator codes. Twitter, Facebook, and Instagram blocked in Turkey as Idlib military crisis escalates. Facial recognition firm Clearview AI reveals intruders stole its client list. Hunting the coronavirus in the dark web.
APT29 then leverages Teams messages to send lures that attempt to steal credentials from a targeted organization by engaging a user and tricking them into approving multifactor authentication (MFA) prompts. Then the threat actor gains access to the victim’s Microsoft 365 account.” concludes the report.
The malware was concealed within security authentication software used during website login. “When the tampered security authentication software installation file is executed, malware in the form of a DLL is run in the %APPDATA% directory, along with legitimate programs.
In this case, threat actors used fake accounts to impersonate military members in Ukraine and managed Groups posing as authentic military communities. Content published by the operators includes topics like the military conflict in Eastern Ukraine, Ukrainian public figures and politics.
Japanese video-sharing platform Niconico was victim of a cyber attack; UK NHS call for O-type blood donations following ransomware attack on London hospitals; Christie’s data breach impacted 45,798 individuals; Sticky Werewolf targets the aviation industry in Russia and Belarus; Frontier Communications data breach impacted over 750,000 individuals; PHP (..)
DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. DataLocker actually got traction, early on, selling to the military. You need to rely on external storage to securely transport your data.
Back in December, the SolarWinds supply chain attack made the headlines when a Russian cyber espionage group tampered with updates for SolarWinds’ Orion Network Management products that the IT company provides to government agencies, military, and intelligence offices. Completely replaced all compromised servers.
US and UK cybersecurity agencies said today that a Russian military cyber unit has been behind a series of brute-force attacks that have targeted the cloud IT resources of government and private sector companies across the world. and foreign organizations using brute force access to penetrate government and private sector victim networks.”
Maze ransomware operators have been very active in this period: they recently stole data from US military contractor Westech and the ST Engineering group, and they have released credit card data stolen from the Bank of Costa Rica (BCR), threatening to leak other lots every week.
MiCODUS is used today by 420,000 customers in multiple industries, including government, military, law enforcement agencies, and Fortune 1000 companies. CVE-2022-2141 (CVSS score: 9.8) – Improper authentication allows a user to send some SMS commands to the GPS tracker without a password.
Microsoft added that password spray attacks on Office 365 accounts with multifactor authentication (MFA) enabled failed. Threat actors are launching extensive password spraying attacks aimed at the target organizations; the malicious campaign was first spotted in July 2021.
The announcement marks the first time that a government admitted to having used hacking as part of its military strategy during a conflict. As of March 2022, Russia had about 820 foreign-made civilian aircraft. “Today, Moscow is trying to hide the endless pile of problems with civil aviation, endangering its residents, by all means.”
Exploitation requires successful authentication by a user with the necessary privileges. The web shell’s primary purpose is to intercept and harvest credentials which would enable access into downstream customers’ networks as an authenticated user.” reads the advisory published by Versa Networks. . victims and one non-U.S.
.” Microsoft added that password spray attacks on Office 365 accounts with multifactor authentication (MFA) enabled failed. Below is the list of defensive measures shared by Microsoft to mitigate DEV-0343 attacks: Enable multifactor authentication to mitigate compromised credentials.
At the moment it has not been possible to verify the authenticity of the published documents, therefore the reliability of the source remains difficult to verify.” ” Anonymous also attempted to support military operations on the field by hacking into IP cameras that were used to monitor the movements of Ukrainians.
The vulnerability is an authentication bypass issue affecting the on-premises version of TeamCity. and below is prone to an authentication bypass, which allows an unauthenticated attacker to gain remote code execution (RCE) on the server. in TeamCity. TeamCity server version 2023.05.3 The flaw impacts on-premises version 2023.05.3
BSI remarks that the trust in the reliability and self-protection of a manufacturer as well as his authentic ability to act is crucial for the safe use of any defense software. The alert pointed out that antivirus software operates with high privileges on machines and if compromised could allow an attacker to take over them.
military and to other high-value customers/targets that manage key Internet infrastructure, and that those organizations have been asked to sign agreements preventing them from disclosing details of the flaw prior to Jan. Sources tell KrebsOnSecurity that Microsoft Corp. 14, the first Patch Tuesday of 2020. .”
However, hashes can still be cracked, and other authentication data may be used in spear phishing attacks. The most significant risk is state-sponsored advanced persistent threats (APT) driven by political and military objectives such as espionage, influence, or proxy warfare.
Earlier versions of Agent.BTZ were used to compromise US military networks in the Middle East in 2008. The orchestrator reads the email address in /etc/transport/mail/mailboxes/0/command_addr by parsing the inbox HTML page (using Gumbo HTML parser) and the cookies to authenticate on Gmail in /etc/transport/mail/mailboxes/0/cookie.