broadband providers and gained access to private communications of a limited number of U.S. government officials. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. China-linked threat actors breached U.S. broadband providers.
The US National Security Agency (NSA) released guidance for securing Unified Communications/Voice and Video over IP Systems (VVoIP). NSA last week released guidance for securing their communication systems, specifically Unified Communications (UC) and Voice and Video over IP (VVoIP). Pierluigi Paganini.
The Library of Congress informed lawmakers about a security breach, an alleged foreign adversary compromised some of their IT systems and gained access to email communications between congressional offices and some library staff, including the Congressional Research Service. Copyright Office systems, were not impacted by the incident.
telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. The US agencies confirmed that Chinese threat actors had compromised the private communications of a “limited number” of government officials following the compromise of multiple U.S.
The Government Surveillance Reform Act of 2023 pulls from past privacy bills to overhaul how police and the feds access Americans’ data and communications.
The government agencies released a guide that advises telecom and critical infrastructure defenders on best practices to strengthen network security against PRC-linked and other cyber threats. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures.
Ukraine’s NCCC banned the Telegram app for government agencies, military, and critical infrastructure, due to national security concerns. ” Despite the ban on military and government devices, Ukrainian users rely heavily on Telegram to communicate and receive news on ongoing conflicts. .”
According to Microsoft, the campaign aimed at building capabilities that could disrupt critical communications infrastructure between the United States and Asia region in the case of future crises. The group also relies on customized versions of open-source tools for C2 communications and stay under the radar.
Many Israel government websites were offline after a cyberattack, defense sources claim that this is the largest-ever attack that hit the country. Israeli media reported that a massive DDoS attack has taken down many Israel government websites. As of now, all of the websites are operational.” Pierluigi Paganini.
The Conti ransomware gang is threatening to ‘overthrow’ the new government of Costa Rica after last month’s attack. Last month, the Conti ransomware gang claimed responsibility for the attack on Costa Rica government infrastructure after the government refused to pay a ransom. ” reads the message.
Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. “Gaining a foothold on these devices allows an actor to directly pivot into an organization, reroute or modify traffic and monitor network communications.”
Threat intelligence firm Resecurity details how crooks are delivering IRS tax scams and phishing attacks posing as government vendors.
A cyberespionage campaign, tracked as Stayin’ Alive, targeted high-profile government and telecom entities in Asia. The backdoor uses HTTP for its communications. report – CurKeep collects information about the infected machine. In turn, the C2 responds with strings of commands. Is it linked to ToddyCat APT?
China-linked APT group Sharp Panda targets high-profile government entities in Southeast Asia with the Soul modular framework. CheckPoint researchers observed in late 2022, a campaign attributed to the China-linked APT group Sharp Panda that is targeting a high-profile government entity in the Southeast Asia.
Avaya Holdings, Check Point Software Technologies, and Mimecast Limited each minimized or obscured the extent of security breaches linked to the SolarWinds Orion hack, impacting investor trust and highlighting the critical importance of clear, truthful communication. SEC investigators gathered evidence that Unisys Corp.,
DBS is a joint venture by the Seychelles government and some shareholders including Bank, Caisse Francaise de Cooperation, European Investment Bank, DEG, Standard Chartered Bank, and Barclays Bank. DBS bought back Barclays’ share and Government purchased the shares of DEG, hence, increasing its shareholding to 60.50%.
Russia-linked Turla APT allegedly used two new backdoors, named Lunar malware and LunarMail, to target European government agencies. Notably, the attacker also included a second backdoor – which we named LunarMail – that uses a different method for command and control (C&C) communications.” ” continues the report.
The US government does not explain the decision. The organizations in the Section 1260 list support the Military-Civil Fusion strategy of the Chinese government. The platform could support military communication, strategic message dissemination, public sentiment monitoring, and intelligence gathering.
The Federal Communications Commission (FCC) revoked the license for the China Unicom Americas over serious national security concerns. The Federal Communications Commission (FCC) has revoked the license for China Unicom Americas over “serious national security concerns.” ” reads the order. Pierluigi Paganini.
Russian communications watchdog Roskomnadzor tightens the control over the Internet and blocked access to six more VPN services. In September Russian communications watchdog Roskomnadzor blocked access to Hola!VPN,
The collective Anonymous and its affiliated groups continue to target the Russian government and private organizations. The collective Anonymous, and other groups in its ecosystem, continue to target the Russian government and private organizations. Let’s summarize the most interesting attacks observed in the last few days.
Federal Communications Commission (FCC) has added more Chinese telecom firms to the Covered List. Federal Communications Commission (FCC) has added Pacific Network Corp, ComNet (USA) LLC, and China Unicom (Americas) Operations Limited, to the Covered List. subject to section 214 of the Communications Act of 1934.
UK's Online Safety Bill Criticized for Infringing on Private Communications Major internet chat platforms are urging the United Kingdom government to reconsider a bill intended to decrease exposure to online harms but which opponents say would open the door to massive government surveillance.
Troll Stealer can also copy the GPKI (Government Public Key Infrastructure) folder on infected computers. GPKI is the public key infrastructure schema for South Korean government personnel and state organizations, suggesting that government agencies were among the targeted by state-sponsored hackers. ” (hardcoded).
Android Banking Trojan Disguised As Dating or Government App Hackers are deploying a novel Android malware using an uncommon communication method to steal banking login data from compromised devices primarily in Southeast Asia.
40% of 2,280 official government email addresses from the British, European, and French Parliaments were exposed, including passwords, birth dates, and other details. Many of these MPs, MEPs, deputies, and senators hold senior positions, including heads of committees, government ministers, and senior opposition leaders.
The BlackSuit ransomware has targeted various critical infrastructure sectors, including commercial facilities, healthcare, government, and manufacturing. Historically, Royal actors were observed leveraging Chisel, Secure Shell (SSH) client, PuTTY, OpenSSH, and MobaXterm for C2 communications.
“A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers, potentially accessing information from systems the federal government uses for court-authorized network wiretapping requests.” broadband providers is still ongoing, government experts are assessing its scope.
The US government is offering a $10 million reward to everyone that provides information on operations conducted by nation-state actors. The US government is offering a $10 million reward for information on campaigns conducted by state-sponsored hackers. The move was announced by the U.S. “The U.S.
A Ukrainian government source told Reuters that Kyiv’s hackers are behind the cyber attack that disrupted operations at the Russian state media company VGTRK on Putin’s birthday. The cyberattack on VGTRK disrupted online broadcasts, internal services, and communications, reportedly wiping servers and backups.
Suspected China-linked APT Earth Baxia targeted a government organization in Taiwan by exploiting a recently patched OSGeo GeoServer GeoTools flaw. Trend Micro researchers reported that China-linked APT group Earth Baxia has targeted a government organization in Taiwan and potentially other countries in the Asia-Pacific (APAC) region.
The US Census Bureau is the largest US federal government statistical agency dedicated to providing current facts and figures about America’s people, places, and economy. Data collected by the agency is used by the federal government to allocate over $675 billion in federal funds to tribal, local, and state governments every year.
Poland’s government announced that it was targeted by an ‘Unprecedented’ series of cyber attacks in which hackers hit institutions and individuals. Mateusz Morawiecki had to provide details about the attacks presenting secret documents related to attacks, as anticipated by government spokesman Piotr Muller.
The latter downloads a payload that extracts and injects in itself a new PE (Portable Executable) file, that the analysis showed to be a variant of a malware family known as Graphite, that uses the Microsoft Graph API and OneDrive for C&C communications.” ” reads the analysis published by Cluster25. Microsoft[.]com,
The Federal Public Service Interior’s communications director, Olivier Maerens, confirmed that the attackers were not able to breach the server of the ministry, this means that threat actors did not steal any data. The websites of the Belgium government and police services were also unavailable.
In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The group also relies on customized versions of open-source tools for C2 communications and to stay under the radar.
“This attack was done solely for fun” The group claims to have hacked numerous organizations and government agencies over the years, including US military, European Union, Washington DC, Israeli Defense Forces, the Indian Government, and some central banks.
The government expert pointed out that Unit 29155 operates independently from other GRU-affiliated groups like Unit 26165 and Unit 74455. The threat actors targeted critical infrastructure sectors such as government, finance, transportation, energy, and healthcare. Since 2022, the unit focused on disrupting aid efforts for Ukraine.
German government warns that technology to regulate power consumption in Huawei network appliances could be used for sabotage purposes. government officials as well as European security authorities, which have warned of the risks associated with Chinese telecoms equipment.” The activity will be completed in the coming months.
Recently the leak of a collection of files apparently stolen from the Chinese government hacking contractor, I-Soon, exposed Chinese hacking capabilities. i-SOON is a prominent contractor for various agencies of the Chinese government, including Ministry of Public Security, Ministry of State Security, and the People’s Liberation Army.
FireEye said hacked networks were seen communicating with a malicious domain name — avsvmcloud[.]com Today, FireEye responded that the domain seizure was part of a collaborative effort to prevent networks that may have been affected by the compromised SolarWinds software update from communicating with the attackers.
and foreign government organizations. In July, the FBI warned of NetWalker attacks targeting government organizations. Bulgarian authorities seized a dark website used by NetWalker affiliates to communicate with victims. In August 2020, the FBI has issued a security alert about Netwalker ransomware attacks targeting U.S.