Blog and Military - Information Management Today

Anonymous targets the Russian Military and State Television and Radio propaganda

Security Affairs

APRIL 5, 2022

Anonymous continues to support Ukraine against the Russian criminal invasion targeting the Russian military and propaganda. Anonymous leaked personal details of the Russian military stationed in Bucha where the Russian military carried out a massacre of civilians that are accused of having raped and shot local women and children.

Military

Military Cybersecurity Security Government

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

Security Affairs

JANUARY 26, 2023

The BlackCat Ransomware group claims to have hacked SOLAR INDUSTRIES INDIA and to have stolen 2TB of “secret military data.” The BlackCat Ransomware group claims to have breached the company infrastructure and to have stolen 2TB of data, including secret military data related to weapons production.

Military

Military Manufacturing Ransomware Mining

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Security Affairs

APRIL 5, 2022

The group targeted government and military organizations in Ukraine. In December 2019, the APT group targeted several Ukrainian diplomats, government and military officials, and law enforcement. The Gamaredon group was first discovered by Symantec and TrendMicro in 2015, but evidence of its activities has been dated back to 2013.

Military

Military Phishing File names Archiving

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Russian APT28 hacker accused of the NATO think tank hack in Germany

Security Affairs

JUNE 20, 2022

The attack took place in April 2017 and the man is accused of conducting the attack for the Russian military intelligence service GRU. This gave them access to all sorts of private documents and photos, including photos that are said to show awards and uniforms of the Russian military intelligence service GRU.”

Military

Military Access Security Cybersecurity

Ghostwriter disinformation campaign aimed at discrediting NATO

Security Affairs

AUGUST 3, 2020

The attackers were spreading fabricated content, including falsified news articles, quotes, correspondence, and other documents designed to appear as coming from military officials and political figures in the target countries. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Military

Military CMS Security Government

Pro-Ukraine attackers compromise Docker images to launch DDoS attacks on Russian sites

Security Affairs

MAY 4, 2022

Pro-Ukraine hackers, likely linked to Ukraine IT Army , are using Docker images to launch distributed denial-of-service (DDoS) attacks against a dozen websites belonging to government, military, and media. The DDoS attacks also targeted three Lithuanian media websites. ” reported Crowdstrike. To nominate, please visit:?

Honeypots

Honeypots Military Mining Government

Nation-state malware could become a commodity on dark web soon, Interpol warns

Security Affairs

MAY 24, 2022

Threat actors could perform reverse engineering of military-made malicious code and use their own versions in attacks in the wild. “The same applies for the digital weapons that, maybe today are used by the military, developed by military, and tomorrow will be available for criminals,” he explained. .

Military

Military Government Communications Security

Snatch ransomware gang claims the hack of the food giant Kraft Heinz

Security Affairs

DECEMBER 15, 2023

. “After data exfiltration often involving direct communications with victims demanding ransom, Snatch threat actors may threaten victims with double extortion, where the victims’ data will be posted on Snatch’s extortion blog if the ransom goes unpaid.” HENSOLDT is a company specializing in military and defense electronics.

Ransomware

Ransomware Computer and Electronics Military Agriculture

Russia-linked threat actors launched hundreds of cyberattacks on Ukraine

Security Affairs

APRIL 27, 2022

The experts pointed out that starting just before the invasion threat actors linked to the military intelligence service GRU launched destructive wiper attacks on hundreds of systems in Ukraine. 32% percent of destructive attacks were aimed at Ukrainian government organizations at the national, regional, and city levels. Pierluigi Paganini.

Military

Military Government Cybersecurity Security

Microsoft disrupted APT28 attacks on Ukraine through a court order

Security Affairs

APRIL 8, 2022

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election. To nominate, please visit:?

Military

Military Government Phishing Security

China-linked APT Curious Gorge targeted Russian govt agencies

Security Affairs

MAY 3, 2022

“ Curious Gorge, a group TAG attributes to China’s PLA SSF, has remained active against government, military, logistics and manufacturing organizations in Ukraine, Russia and Central Asia. The researchers also observed threat actors increasingly targeting organizations in the critical infrastructure. To nominate, please visit:?

Manufacturing

Manufacturing Phishing Passwords Military

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Security Affairs

APRIL 9, 2023

made electronics on behalf of the Russian government and military. The Estonian man is accused of having helped the Russian government and military to purchase US-made electronics and hacking tools. Andrey Shevlyakov, an Estonian national, was charged in the US with conspiracy and other charges related to acquiring U.S.-made

Computer and Electronics

Computer and Electronics Military Manufacturing Government

Apr 03 – Apr 09 Ukraine – Russia the silent cyber conflict

Security Affairs

APRIL 10, 2022

April 5 – Anonymous targets the Russian Military and State Television and Radio propaganda. Anonymous continues to support Ukraine against the Russian criminal invasion targeting the Russian military and propaganda. Feb 27- Mar 05 Ukraine – Russia the silent cyber conflict. To nominate, please visit:? Pierluigi Paganini.

Military

Military Phishing Government Cybersecurity

The strange link between Industrial Spy and the Cuba ransomware operation

Security Affairs

MAY 28, 2022

We public schemes, drawings, technologies, political and military secrets, accounting reports and clients databases. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”). We gather data using vunlerability in their IT infrastructure. in their IT infrastructure.

Ransomware

Ransomware Military Security IT

Experts spotted Industrial Spy, a new stolen data marketplace

Security Affairs

APRIL 18, 2022

We public schemes, drawings, technologies, political and military secrets, accounting reports and clients databases. Below is the description for the marketplace: “There you can buy or download for free private and compromising data of your competitors. We gather data using vunlerability in their IT infrastructure. Pierluigi Paganini.

Military

Military Sales Ransomware Cybersecurity

Ukrainian WordPress sites under massive complex attacks

Security Affairs

MARCH 3, 2022

Researchers observed a spike in the attacks against Ukrainian WordPress sites since the beginning of the military invasion of the country. We will use the term “attack” in this blog post to indicate a sophisticated exploit attempt.” Ukrainian TLD before and after the invasion. This data set includes 8,320.UA UA websites.

Military

Military Government Security Access

China-linked Moshen Dragon abuses security software to sideload malware

Security Affairs

MAY 3, 2022

RedFoxtrot has been active since at least 2014 and focused on gathering military intelligence from neighboring countries, it is suspected to work under the PLA China-linked Unit 69010. Experts observed overlap between the TTPs of the Moshen Dragon group with the ones of the Chinese Nomad Panda (aka RedFoxtrot). To nominate, please visit:?

Security

Security Military Insurance Cybersecurity

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 4, 2023

Proofpoint researchers recently reported that a Russian hacking group, tracked as Winter Vivern (aka TA473), has been actively exploiting vulnerabilities ( CVE-2022-27926 ) in unpatched Zimbra instances to gain access to the emails of NATO officials, governments, military personnel, and diplomats. reads the post published by Proofpoint.

IT

IT Military Phishing Passwords

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

“As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” and foreign governments and military, security, and corporate organizations. ” reads the joint report. ” continues the report.

Energy and Utilities

Energy and Utilities Military Government Phishing

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

Security Affairs

APRIL 23, 2022

Since February the notorious cybercrime operation Trickbot is controlled by Conti ransomware, the ransomware gang that publicly announced its support to Russia after the invasion of Ukraine by Russian cyber militaries. The alert published by the Ukraine CERT-UA includes Indicators of Compromise (IoCs) for this campaign and recommendations.

Phishing

Phishing Military Ransomware Encryption

Maze Ransomware operators hacked the Xerox Corporation

Security Affairs

JULY 1, 2020

Blog Link) [link] — Cyble (@AuCyble) June 30, 2020. Maze ransomware operators are very active in this period, recently they have stolen data from US military contractor Westech and the ST Engineering group , and they have released credit card data stolen from the Bank of Costa Rica (BCR) threatening to leak other lots every week.

Ransomware

Ransomware Encryption Military IT

Iran-linked Lyceum APT adds a new.NET DNS Backdoor to its arsenal

Security Affairs

JUNE 11, 2022

The attack chain observed by the researchers starts with spear-phishing messages using weaponized Word document disguised as a news report related to military affairs in Iran. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”) To nominate, please visit:?

IT

IT Military Communications Phishing

New ToddyCat APT targets high-profile entities in Europe and Asia

Security Affairs

JUNE 21, 2022

The affected organizations, both governmental and military, show that this group is focused on very high-profile targets and is probably used to achieve critical goals, likely related to geopolitical interests. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”).

Military

Military Security Cybersecurity IT

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

APRIL 30, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Systems administration

Systems administration Military Phishing Government

North Korea-linked APT BlueNoroff used new macOS malware ObjCShellz

Security Affairs

NOVEMBER 8, 2023

blog, which was chosen by the attackers in an attempt to appear as the legitimate cryptocurrency exchange swissborg.com. ” North Korea-linked threat actors continue to target organizations in the cryptocurrency industry to circumvent international sanctions and finance its military operations.

Blockchain

Blockchain Military Communications IT

The Russia-linked APT29 is behind recent attacks targeting NATO and EU

Security Affairs

APRIL 13, 2023

Poland’s Military Counterintelligence Service and its Computer Emergency Response Team linked a recent string of attacks targeting NATO and European Union countries to the Russia-linked APT29 group (aka SVR group , Cozy Bear , Nobelium , and The Dukes ). The Military Counterintelligence Service and CERT.PL

Libraries

Libraries Military Education Government

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

The Last Watchdog

MAY 30, 2022

Meanwhile, 200,000 well-trained and technically skilled military service members are discharged each year. Yet, there’s still work to be done to make this path more accessible and known among the veteran and transitioning military community. This experience can also be helpful when training cybersecurity talent.

Cybersecurity

Cybersecurity Military Education Government

Conti ransomware claims to have hacked Peru MOF – Dirección General de Inteligencia (DIGIMIN)

Security Affairs

MAY 8, 2022

The agency is responsible for national, military and police intelligence, as well as counterintelligence. The Conti ransomware gang added the Peru MOF – Dirección General de Inteligencia (DIGIMIN) to the list of its victims on its Tor leak site. The National Directorate of Intelligence is the premier intelligence agency in Peru.

Ransomware

Ransomware Military Cybersecurity Risk

Google TAG warns of Russia-linked APT groups targeting Ukraine

Security Affairs

APRIL 20, 2023

In Q1 2023, threat actors linked to Russia’s military intelligence service focused their phishing campaigns on Ukraine, with the country accounting for over 60% of observed Russian targeting. ” reads the report published by the Google TAG.

Phishing

Phishing Military Ransomware Education

Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits

Security Affairs

NOVEMBER 23, 2018

The researchers of Yoroi ZLab, on 16 November, accessed to a new APT29’s dangerous malware which seems to be involved in the recent wave of attacks aimed at many important US entities, such as military agencies, law enforcement, defense contractors , media companies and pharmaceutical companies. New “Cozy Bear” campaign, old habits.

Healthcare

Healthcare Phishing Military Security

Pro-Russian hacktivists target Italy government websites

Security Affairs

MAY 14, 2022

Our Legion conducts military cyber exercises in your countries in order to improve their skills. Killnet published a message on its Telegram channel, threatening further attacks may: “Dear media of Italy and Spain. killnet does not actually attack your countries like it did in Romania. To nominate, please visit:? Pierluigi Paganini.

Government

Government Military Data breaches Cybersecurity

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Security Affairs

APRIL 19, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military Access Cybersecurity Education

Why Edward Snowden is urging users to stop using ExpressVPN?

Security Affairs

SEPTEMBER 19, 2021

military and various government contractors, then with a U.S. This is just a first step, and we will continue to strive to earn your trust,” ExpressVPN blog post on the issue read. . The surveillance it represents is completely antithetical to our mission.” ” reads the response. and its ally, the U.A.E.,

Cybersecurity

Cybersecurity Military Privacy Compliance

Pro-Russia hackers launched a massive attack against the EUROCONTROL agency

Security Affairs

APRIL 21, 2023

The organisation works with national authorities, air navigation service providers, civil and military airspace users, airports, and other organisations. A senior Eurocontrol official told The Wall Street Journal , that the Pro-Russia hackers cannot access systems for aviation safety because these systems are air-gapped.

Military

Military Education Access Cybersecurity

Facebook blocked Russia and Belarus threat actors’ activity against Ukraine

Security Affairs

APRIL 10, 2022

The APT group has attempted to hack into the Facebook accounts of dozens of Ukrainian military personnel, in some cases they posted videos calling on the Army to surrender as if these posts were coming from the legitimate account owners. Meta revealed to have blocked the sharing of these videos. To nominate, please visit:? Pierluigi Paganini.

Military

Military Cybersecurity Government Security

Security Affairs newsletter Round 360 by Pierluigi Paganini

Security Affairs

APRIL 10, 2022

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice. Pierluigi Paganini.

Security

Security Data breaches Military Manufacturing

U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise

Krebs on Security

DECEMBER 14, 2020

A blog post by Microsoft says the attackers were able to add malicious code to software updates provided by SolarWinds for Orion users. . “Treat all hosts monitored by the SolarWinds Orion monitoring software as compromised by threat actors and assume that further persistence mechanisms have been deployed,” CISA advised.

Military

Military Government Cybersecurity Security

Iran-linked APT groups continue to evolve

Security Affairs

NOVEMBER 17, 2021

Learn more from this blog summarizing these trends, as presented at #CyberWarCon : [link] — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2021. Over the past year, Microsoft Threat Intelligence Center (MSTIC) has observed an evolution of the tools, techniques, and procedures employed by Iranian nation-state actors.

Ransomware

Ransomware Passwords Military Authentication

White hat hackers showed how to take over a European Space Agency satellite

Security Affairs

APRIL 30, 2023

Cyber security of satellite systems is becoming crucial due to the growing number of commercial and military applications that rely on them. .” Thales pointed out that throughout the entire exercise, ESA had access to the satellite’s systems to retain control. ” said Pierre-Yves Jolivet, VP Cyber Solutions, Thales.

Cybersecurity

Cybersecurity Military Access Education

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs

APRIL 26, 2023

However, the attackers chose a domain name that gives the impression of a connection to the South African military. This domain has been hosted on eight other IPs throughout its history, none of these IPs were directly affiliated with the South African government. Experts added that the IP 196.216.136[.]139 139 resolved to vpn729380678.softether[.]net

Communications

Communications Military Government Libraries

Iran-linked Mint Sandstorm APT targeted US critical infrastructure

Security Affairs

APRIL 19, 2023

“Microsoft assesses that Mint Sandstorm is associated with an intelligence arm of Iran’s military, the Islamic Revolutionary Guard Corps (IRGC), an assessment that has been corroborated by multiple credible sources including Mandiant , Proofpoint , and SecureWorks.” ” reads the report published by Microsoft.

Energy and Utilities

Energy and Utilities Military Education Phishing

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

Security Affairs

APRIL 9, 2023

billion rubles. Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter newsletter) The post Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Security

Security Computer and Electronics Ransomware Marketing

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Security Affairs

APRIL 6, 2023

Google’s Threat Analysis Group (TAG) is warning of the North Korea-linked ARCHIPELAGO group that is targeting government and military personnel, think tanks, policy makers, academics, and researchers in South Korea, the US and elsewhere.

Phishing

Phishing Passwords Military Education

SideWinder carried out over 1,000 attacks since April 2020

Security Affairs

MAY 31, 2022

SideWinder has been active since at least 2012, the group main targeted Police, Military, Maritime, and the Naval forces of Central Asian countries. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”). To nominate, please visit:? Pierluigi Paganini.

Encryption

Encryption Military Phishing Communications

Anonymous targets the Russian Military and State Television and Radio propaganda

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

Webinars

Trending Sources

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Webinars

Russian APT28 hacker accused of the NATO think tank hack in Germany

Ghostwriter disinformation campaign aimed at discrediting NATO

Pro-Ukraine attackers compromise Docker images to launch DDoS attacks on Russian sites

Nation-state malware could become a commodity on dark web soon, Interpol warns

Snatch ransomware gang claims the hack of the food giant Kraft Heinz

Russia-linked threat actors launched hundreds of cyberattacks on Ukraine

Microsoft disrupted APT28 attacks on Ukraine through a court order

China-linked APT Curious Gorge targeted Russian govt agencies

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Apr 03 – Apr 09 Ukraine – Russia the silent cyber conflict

The strange link between Industrial Spy and the Cuba ransomware operation

Experts spotted Industrial Spy, a new stolen data marketplace

Ukrainian WordPress sites under massive complex attacks

China-linked Moshen Dragon abuses security software to sideload malware

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

Maze Ransomware operators hacked the Xerox Corporation

Iran-linked Lyceum APT adds a new.NET DNS Backdoor to its arsenal

New ToddyCat APT targets high-profile entities in Europe and Asia

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

North Korea-linked APT BlueNoroff used new macOS malware ObjCShellz

The Russia-linked APT29 is behind recent attacks targeting NATO and EU

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

Conti ransomware claims to have hacked Peru MOF – Dirección General de Inteligencia (DIGIMIN)

Google TAG warns of Russia-linked APT groups targeting Ukraine

Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits

Pro-Russian hacktivists target Italy government websites

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Why Edward Snowden is urging users to stop using ExpressVPN?

Pro-Russia hackers launched a massive attack against the EUROCONTROL agency

Facebook blocked Russia and Belarus threat actors’ activity against Ukraine

Security Affairs newsletter Round 360 by Pierluigi Paganini

U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise

Iran-linked APT groups continue to evolve

White hat hackers showed how to take over a European Space Agency satellite

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Iran-linked Mint Sandstorm APT targeted US critical infrastructure

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

SideWinder carried out over 1,000 attacks since April 2020

Stay Connected