Education, IT and Military - Information Management Today

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

The Last Watchdog

MAY 30, 2022

Meanwhile, 200,000 well-trained and technically skilled military service members are discharged each year. Yet, there’s still work to be done to make this path more accessible and known among the veteran and transitioning military community. This experience can also be helpful when training cybersecurity talent. And it works.

Cybersecurity

Cybersecurity Military Education Government

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing.

Military

Military Government Phishing Libraries

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

These Russian cyber actors are government organizations and include other parties who take their orders from the Russian military or intelligence organizations – while not technically under government control. Educate your employees on threats and risks such as phishing and malware. Cyber attack targets. Accounting for humans.

Cybersecurity

Cybersecurity Passwords Military Education

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. ” he observed.

Cloud

Cloud Education Government Communications

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

The Last Watchdog

JULY 30, 2018

DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. DataLocker actually got traction, early on, selling to the military. Related: How DataLocker got its start h. Park: Exactly.

Encryption

Encryption Military Passwords Authentication

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

The Last Watchdog

NOVEMBER 26, 2018

Michigan is known as the Wolverine State in deference to the ornery quadruped that roams its wild country. However, after a recent visit to Detroit, Ann Arbor and Grand Rapids as a guest of the Michigan Economic Development Corp., or MEDC, I’m prepared to rechristen Michigan the Cybersecurity Best Practices State. But it does fit like a glove.

Cybersecurity

Cybersecurity Military Education Government

UK won the Military Cyberwarfare exercise Defence Cyber Marvel 2 (DCM2)

Security Affairs

FEBRUARY 24, 2023

This year, 750 cyber specialists have participated in the military cyberwarfare exercise. We must innovate to stay ahead of those that would wish us harm and Defence Cyber Marvel 2 is the next evolution of our pioneering collective education.” ” reads the press release published by the UK Ministry of Defence. .”

Military

Military Education Government IT

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Security Affairs

APRIL 22, 2024

Microsoft has observed APT28 using GooseEgg in post-compromise activities against various targets, including government, non-governmental, education, and transportation sector organizations in Ukraine, Western Europe, and North America. This tool modifies a JavaScript constraints file and executes it with SYSTEM-level permissions.

Military

Military File names Education Phishing

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

The Last Watchdog

FEBRUARY 21, 2022

Educate employees. Many security programs focus on employee education (creating a strong password, being aware of phishing, etc.). The headlines are disturbing: Breach of patient records ; Surgeries and appointments cancelled due to IT outage ; and even, Death attributed to ransomware attack on hospital. Create an asset inventory.

Passwords

Passwords Cybersecurity Education Phishing

Ministry of Defence academy hit by state-sponsored hackers

Security Affairs

MARCH 22, 2021

The Defence Academy of the United Kingdom provides higher education for personnel in the British Armed Forces, Civil Service, other government departments and service personnel from other nations. “Staff were told the hack was by a foreign power, making Russia and China suspects.” They said it’s the work of a foreign power.”

Education

Education Military Government IT

Catches of the Month: Phishing Scams for March 2022

IT Governance

MARCH 8, 2022

The Ukrainian government and its military were targeted by DDoS (distributed denial-of-service) attacks, while a pro-Ukrainian group attacked the Belarusian railway system with ransomware after discovering that it was being used by Russia to transport tanks and weapons. Beware of remote access takeover scams.

Phishing

Phishing Military Access Education

Attention U.S. Veterans: The CIP Exam Has Been Approved for Reimbursement Under the GI Bill

AIIM

MAY 15, 2019

I am very pleased to announce that the Certified Information Professional (CIP) exam has been approved for reimbursement under the Veterans Education Benefit program for Licensing and Certification reimbursements administered by the U.S. Department of Veterans Affairs - aka the GI Bill. This is something that is intensely personal to me.

Education

Education Military IT Security

GUEST ESSAY – Notable events in hacking history that helped transform cybersecurity assessment

The Last Watchdog

SEPTEMBER 27, 2021

military officials hired data analysts to crack the Japanese secret code known as JN-25. military and the analysts who worked to gather intelligence and relay these critical, decoded messages to prevent further attack. After the devastating blow of Pearl Harbor, U.S. This was considered a significant win for the U.S.

Cybersecurity

Cybersecurity Military Encryption Risk

Another Massive Russian Hack of US Government Networks

Schneier on Security

DECEMBER 15, 2020

SolarWinds’ comprehensive products and services are used by more than 300,000 customers worldwide, including military, Fortune 500 companies, government agencies, and education institutions. The motive for the attack on the agency and the Treasury Department remains elusive, two people familiar with the matter said.

Government

Government Military Education IT

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. . “the U.S. In fact, the U.S. ” continues the alert. ” U.S. ” U.S.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 4, 2023

Proofpoint researchers recently reported that a Russian hacking group, tracked as Winter Vivern (aka TA473), has been actively exploiting vulnerabilities ( CVE-2022-27926 ) in unpatched Zimbra instances to gain access to the emails of NATO officials, governments, military personnel, and diplomats. reads the post published by Proofpoint.

IT

IT Military Phishing Passwords

Russia-linked APT TAG-110 uses targets Europe and Asia

Security Affairs

NOVEMBER 25, 2024

The campaign primarily targeted government entities, human rights groups, and educational institutions in Central Asia, East Asia, and Europe. The researchers pointed out that intelligence gathered in these campaigns supports Russia’s military strategies and enhances understanding of regional dynamics.

Military

Military Phishing Encryption Education

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

. “As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” and foreign governments and military, security, and corporate organizations. ” reads the joint report. ” concludes the report.

Energy and Utilities

Energy and Utilities Military Government Phishing

Government By Numbers: Some Interesting Insights

John Battelle's Searchblog

OCTOBER 28, 2011

Examples include identity (from driver’s licenses and SSNs to Visa, MasterCard, Amex, and Facebook), delivery of important information and items (from the Post Office to Telcos, Internet, and FedEx and UPS), and protection (outsourcing both prisons and military jobs to private companies). Very interesting.

Government

Government Education Military Financial Services

Encryption: How It Works, Types, and the Quantum Future

eSecurity Planet

MAY 25, 2022

Not every application or network requires military-grade encryption – however, enterprise organizations can’t go wrong with the services offering the most strength. Encryption and the development of cryptography have been a cornerstone of IT security for decades and remain critical for data protection against evolving threats.

Encryption

Encryption IT Computer and Electronics Passwords

Security Affairs newsletter Round 253

Security Affairs

MARCH 1, 2020

Google sued by New Mexico attorney general for collecting student data through its Education Platform. Twitter, Facebook, and Instagram blocked in Turkey as Idlib military crisis escalates. A new round of the weekly newsletter arrived! The best news of the week with Security Affairs. Hunting the coronavirus in the dark web.

Security

Security Ransomware Military Data breaches

US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software

Security Affairs

DECEMBER 14, 2020

The cyber espionage group has tampered with updates released by IT company SolarWinds, which provides its products to government agencies, military, and intelligence offices, two people familiar with the matter told the Reuters agency. . Threat actors carried out a highly-sophisticated supply chain attack.

Military

Military Cybersecurity Communications Government

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

The Last Watchdog

SEPTEMBER 21, 2023

The program also commits to providing free training for transitioning military, first responders, veterans, military spouses, women, underrepresented minorities, and government personnel. training and education, to incorporate critical, complementary workforce needs such as cybersecurity, data analytics, mechatronics, and robotics.

Cybersecurity

Cybersecurity Manufacturing Military Artificial Intelligence

Experts warn of China-linked APT’s Raptor Train IoT Botnet

Security Affairs

SEPTEMBER 18, 2024

and Taiwan across various sectors, including military, government, higher education, telecommunications, defense industrial base, and IT.” The botnet has been active since at least May 2020, reaching its peak with 60,000 compromised devices in June 2023. “This botnet has targeted entities in the U.S.

IoT

IoT Military Education Cybersecurity

China Issues Draft Data Security Law

Hunton Privacy

JULY 7, 2020

The Central Military Commission will develop the measures regulating military Data Activities. The public comment period for the Draft will end on August 16, 2020. It is expected that the Draft will be finalized within the year and that the regulatory requirements relating to data security eventually will be reflected in law in China.

Security

Security Military Government Risk

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Security Affairs

SEPTEMBER 9, 2019

The group has continued launching attacks against entities in Southeast Asia, including military, satellite communications, media and educational organizations. The China-linked APT group Thrip is continuing to target entities in Southeast Asia even after its activity was uncovered by Symantec. ” concludes the report.

Military

Military Communications Government Education

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Security Affairs

MAY 5, 2021

The groups targeted organizations in the business services, financial, health, retail/consumer, aero-military, engineering and manufacturing, government, education, transportation, and utilities industries. In some attacks, the threat actors used weaponized Excel documents as a downloader. ” continues the report.

Manufacturing

Manufacturing Phishing Military Retail

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities

Energy and Utilities Communications Military Access

List of Data Breaches and Cyber Attacks in September 2022 – 35.6 Million Records Breached

IT Governance

OCTOBER 3, 2022

Welcome to our September 2022 list of data breaches and cyber attacks. Compared to August, it was a comparatively quiet month, as we identified 88 publicly disclosed security incidents and 35,566,046 compromised records. However, we’d like to know more about how our readers use this data, and what you’d like to see in this list in the future.

Data breaches

Data breaches Ransomware Education Phishing

Vermont’s Amendments to Data Breach Law and New Student Privacy Law Effective July 1, 2020

Hunton Privacy

JUNE 22, 2020

The law also allows operators to use covered information to comply with applicable law or for legitimate research purposes (in certain circumstances), and to disclose covered information to a State or local educational agency for PreK-12 school purposes, as permitted by State or federal law.

Data breaches

Data breaches Privacy Education Data Privacy

WinRAR CVE-2018-20250 flaw exploited in multiple campaigns

Security Affairs

MARCH 28, 2019

This campaign was carried out by threat actors impersonating an educational accreditation council to hit users in the United States. The attackers used decoy documents apparently coming from the Council on Social Work Education (CSWE), a US association representing social work education.

Archiving

Archiving File names Education Libraries

GCHQ implements World War II cipher machines in encryption app CyberChef

Security Affairs

MARCH 18, 2019

UK intelligence agency GCHQ, as part of the celebration of its centenary , has released emulators for World War II cipher machines that can be executed in the encryption app CyberChef released for educational purposes. link] #GCHQ100 pic.twitter.com/t2ixVE6j7H — GCHQ (@GCHQ) March 14, 2019.

Encryption

Encryption Military Education Communications

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

Security Affairs

AUGUST 27, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. Exploitation requires successful authentication by a user with the necessary privileges. The researchers identified four U.S.

Energy and Utilities

Energy and Utilities Communications Authentication Access

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Security Affairs

APRIL 9, 2023

made electronics on behalf of the Russian government and military. The Estonian man is accused of having helped the Russian government and military to purchase US-made electronics and hacking tools. Andrey Shevlyakov, an Estonian national, was charged in the US with conspiracy and other charges related to acquiring U.S.-made

Computer and Electronics

Computer and Electronics Military Manufacturing Government

Google TAG warns of Russia-linked APT groups targeting Ukraine

Security Affairs

APRIL 20, 2023

In Q1 2023, threat actors linked to Russia’s military intelligence service focused their phishing campaigns on Ukraine, with the country accounting for over 60% of observed Russian targeting. The group targeted multiple sectors, including government, defense, energy, transportation/logistics, education, and humanitarian organizations.

Phishing

Phishing Military Ransomware Education

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Security Affairs

AUGUST 6, 2019

The STRONTIUM APT group (aka APT28 , Fancy Bear , Pawn Storm , Sofacy Group , and Sednit ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election. ” continues Microsoft.

IoT

IoT Military Access Education

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

APRIL 30, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election. ” continues the alert.

Systems administration

Systems administration Military Phishing Government

Pro-Russia hackers launched a massive attack against the EUROCONTROL agency

Security Affairs

APRIL 21, 2023

The organisation works with national authorities, air navigation service providers, civil and military airspace users, airports, and other organisations. Pro-Russia hackers KillNet launched a massive DDoS attack against Europe’s air-traffic agency EUROCONTROL. ” reads the statement published by the agency on its website.

Military

Military Education Access Cybersecurity

UK Foreign Office targeted by ‘serious’ cyber attack

IT Governance

FEBRUARY 10, 2022

It led to worrying signs that the tensions would play out as an online proxy war, with UK and other countries that opposed Russia’s military action coming under attack. The tender information page shows that the FCDO paid its cyber security contractor, BAE Systems Applied Intelligence, £467,325.60 on 12 January.

Government

Government Military Security Paper

How the U.S. Army Served its Movie-Mad GIs during World War II

Unwritten Record

JANUARY 9, 2020

Army Signal Corps as part of its “Film Bulletin” series , showcases the military’s efforts to produce and bring films to soldiers overseas during the Second World War. The military went to tremendous lengths to supply a steady diet of fiction and nonfiction film to its troops with great speed. envision the labor of media distribution.

Military

Military IT Libraries Education

List of data breaches and cyber attacks in February 2022 – 5.1 million records breached

IT Governance

MARCH 1, 2022

In the midst of all this, organisations across Europe have reported delays as a result of alleged state-sponsored attacks – including Toyota’s Japanese plants and a kettle manufacturer in the Isle of Man. It will take place on Thursday, 3 March at 3pm, and you can register for on our website.

Data breaches

Data breaches Ransomware Government Blockchain

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Security Affairs

APRIL 19, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election. ” continues the advisory.

Military

Military Access Cybersecurity Education

White hat hackers showed how to take over a European Space Agency satellite

Security Affairs

APRIL 30, 2023

Cyber security of satellite systems is becoming crucial due to the growing number of commercial and military applications that rely on them. According to classified U.S. intelligence documents , China is developing capabilities to seize control of satellites operated by hostile states. ” continues the report.

Cybersecurity

Cybersecurity Military Access Education

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

Security Affairs

APRIL 9, 2023

billion rubles.

Security

Security Computer and Electronics Ransomware Marketing

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Trending Sources

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

Stark Industries Solutions: An Iron Hammer in the Cloud

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

UK won the Military Cyberwarfare exercise Defence Cyber Marvel 2 (DCM2)

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

Ministry of Defence academy hit by state-sponsored hackers

Catches of the Month: Phishing Scams for March 2022

Attention U.S. Veterans: The CIP Exam Has Been Approved for Reimbursement Under the GI Bill

GUEST ESSAY – Notable events in hacking history that helped transform cybersecurity assessment

Another Massive Russian Hack of US Government Networks

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

Russia-linked APT TAG-110 uses targets Europe and Asia

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Government By Numbers: Some Interesting Insights

Encryption: How It Works, Types, and the Quantum Future

Security Affairs newsletter Round 253

US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

Experts warn of China-linked APT’s Raptor Train IoT Botnet

China Issues Draft Data Security Law

Symantec uncovered the link between China-Linked Thrip and Billbug groups

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

FBI chief says China is preparing to attack US critical infrastructure

List of Data Breaches and Cyber Attacks in September 2022 – 35.6 Million Records Breached

Vermont’s Amendments to Data Breach Law and New Student Privacy Law Effective July 1, 2020

WinRAR CVE-2018-20250 flaw exploited in multiple campaigns

GCHQ implements World War II cipher machines in encryption app CyberChef

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Google TAG warns of Russia-linked APT groups targeting Ukraine

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Pro-Russia hackers launched a massive attack against the EUROCONTROL agency

UK Foreign Office targeted by ‘serious’ cyber attack

How the U.S. Army Served its Movie-Mad GIs during World War II

List of data breaches and cyber attacks in February 2022 – 5.1 million records breached

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

White hat hackers showed how to take over a European Space Agency satellite

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

Stay Connected