Encryption, Government and Military - Information Management Today

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing.

Military

Military Government Phishing Libraries

How Shady Chinese Encryption Chips Got Into the Navy, NATO, and NASA

WIRED Threat Level

JUNE 15, 2023

The US government warns encryption chipmaker Hualan has suspicious ties to China’s military. Yet US agencies still use one of its subsidiary’s chips, raising fears of a backdoor.

Encryption

Encryption Military Government IT

Maze ransomware operators stole data from US military contractor Westech

Security Affairs

JUNE 6, 2020

Hackers have stolen confidential documents from the US military contractor Westech, which provides critical support for US Minuteman III nuclear deterrent. Threat actors first compromised the Westech’s network, then stole the documents before encrypting them. The LGM-30 Minuteman is a U.S. Pierluigi Paganini.

Military

Military Ransomware Encryption Risk

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

FEBRUARY 10, 2020

as members of the PLA’s 54 th Research Institute, a component of the Chinese military. Attorney General Bill Barr said at a press conference today that the Justice Department doesn’t normally charge members of another country’s military with crimes (this is only the second time the agency has indicted Chinese military hackers).

Military

Military Phishing Government Sales

GCHQ implements World War II cipher machines in encryption app CyberChef

Security Affairs

MARCH 18, 2019

UK intelligence agency GCHQ released emulators for World War II cipher machines (Enigma, Typex and The Bombe) that can be executed in the encryption app CyberChef. In 1939, just before Germany was invading Poland, the British government received an Enigma machine from Polish code breakers. Pierluigi Paganini.

Encryption

Encryption Military Education Communications

Conti Ransomware gang threatens to overthrow the government of Costa Rica

Security Affairs

MAY 18, 2022

The Conti ransomware gang is threatening to ‘overthrow’ the new government of Costa Rica after last month’s attack. Last month, the Conti ransomware gang claimed responsibility for the attack on Costa Rica government infrastructure after that the government refused to pay a ransom. GB of data.

Government

Government Ransomware Military Encryption

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

The Last Watchdog

JULY 30, 2018

One sliver of the $90 billion, or so, companies are expected to spend this year on cybersecurity products and services is an estimated $85 million they will shell out for encrypted flash drives. We discussed why encrypted flash drives have become established as a must-have portable business tool in the digital age. Park: Exactly.

Encryption

Encryption Military Passwords Authentication

Ukraine’s GUR hacked the Russian Ministry of Defense

Security Affairs

MARCH 4, 2024

Stolen documents include: confidential documents, including orders and reports circulated among over 2000 structural units of the Russian military service. software used by the Russian Ministry of Defense to encrypt and protect its data. ” reads the press release published by Ukraine’s GUR.

Military

Military Data breaches Encryption Government

US Govn contractor Electronic Warfare Associates infected with Ryuk ransomware

Security Affairs

JANUARY 30, 2020

The popular US government contractor Electronic Warfare Associates (EWA) has suffered a ransomware attack , the news was reported by ZDNet. L ast week, the US government contractor Electronic Warfare Associates (EWA) has suffered a ransomware attack that also infected its web servers. EWA Technologies Inc.,

Ransomware

Ransomware Encryption Military Government

Chinese national charged for hacking thousands of Sophos firewalls

Security Affairs

DECEMBER 11, 2024

The malware stole data and encrypted files to block remediation attempts. “The malware that exploited the vulnerability discovered by Guan was designed to steal information from infected computers and to encrypt files on them if a victim attempted to remediate the infection. ” reads the press release published by DoJ.

Passwords

Passwords Encryption Access Ransomware

Researchers shared technical details of NSA Equation Group’s Bvp47 backdoor

Security Affairs

FEBRUARY 23, 2022

The name “ Bvp47 ” comes form numerous references to the string “Bvp” and the numerical value “0x47” used in the encryption algorithm. The Bvp47 backdoor was first discovered in 2013 while conducting a forensic investigation into a security breach suffered by a Chinese government organization.

Encryption

Encryption Military Archiving Government

Russia-linked APT28 targets govt bodies with fake NATO training docs

Security Affairs

SEPTEMBER 23, 2020

Russia-linked cyberespionage group APT28 uses fake NATO training documents as bait in attacks aimed at government bodies. The Russia-linked cyberespionage group APT28 is behind a string of attacks that targeting government bodies with Zebrocy Delphi malware. ” reads the report published QuoIntelligence. 245/protect/get-upd-id[.]PHP”

Military

Military Government Encryption Communications

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

. “As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” and foreign governments and military, security, and corporate organizations. ” reads the joint report.

Energy and Utilities

Energy and Utilities Military Government Phishing

SolarWinds hackers stole some of Mimecast source code

Security Affairs

MARCH 17, 2021

Back in December, the SolarWinds supply chain attack made the headlines when a Russian cyber espionage group tampered with updates for SolarWinds’ Orion Network Management products that the IT company provides to government agencies, military, and intelligence offices. ” reads the incident report published by mimecast.

Encryption

Encryption Military Access Archiving

Crypto AG was spied for US, German intelligence agencies for decades

Security Affairs

FEBRUARY 12, 2020

Swiss authorities are investigating into allegations the company Crypto AG, a Switzerland-based maker of encryption devices, was a front company for the CIA and German intelligence. The list of Crypto’s customers included Iran, India and Pakistan, military juntas in Latin America and the Vatican. That’s not credible,” he said.

Military

Military Communications Encryption Government

Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MAY 12, 2024

Ohio Lottery data breach impacted over 538,000 individuals Notorius threat actor IntelBroker claims the hack of the Europol A cyberattack hit the US healthcare giant Ascension Google fixes fifth actively exploited Chrome zero-day this year Russia-linked APT28 targets government Polish institutions Citrix warns customers to update PuTTY version installed (..)

Data breaches

Data breaches Security Military Ransomware

US administration requests $9.8B for cyber 2021 budget for the Department of Defense

Security Affairs

FEBRUARY 16, 2020

billion for cyber operations in next year’s budget for the Department of Defense, a data that confirms the strategic importance of the fifth domain of the warfare for the US Government. The US administration requested $9.8 The budget was released on February 10, it requests $9.8 billion in the fiscal year 2020.

Artificial Intelligence

Artificial Intelligence Military Cybersecurity Risk

Google TAG warns that Russian COLDRIVER APT is using a custom backdoor

Security Affairs

JANUARY 18, 2024

The ColdRiver APT (aka “ Seaborgium “, “Callisto”, “Star Blizzard”, “TA446”) is a Russian cyberespionage group that has been targeting government officials, military personnel, journalists and think tanks since at least 2015. When the victims opens the PDF, an encrypted text is displayed.

Phishing

Phishing Encryption Military Archiving

Platinum APT and leverages steganography to hide C2 communications

Security Affairs

JUNE 6, 2019

According to Microsoft, the Platinum has been active since at least 2009, it was responsible for spear phishing attacks on ISPs, government organizations, intelligence agencies, and defense institutes. The analysis of the encrypted files used in the second stage revealed a previously undiscovered backdoor associated with the Platinum group.

Communications

Communications Encryption Military Government

Security Affairs newsletter Round 399 by Pierluigi Paganini

Security Affairs

DECEMBER 25, 2022

Expert found Backdoor credentials in ZyXEL LTE3301 M209 Raspberry Robin malware used in attacks against Telecom and Governments TikTok parent company ByteDance revealed the use of TikTok data to track journalists BetMGM discloses security breach impacting 1.5 Follow me on Twitter: @securityaffairs and Facebook and Mastodon.

Security

Security Military Ransomware Encryption

Security Affairs newsletter Round 253

Security Affairs

MARCH 1, 2020

ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia. Kr00k Wi-Fi Encryption flaw affects more than a billion devices. Twitter, Facebook, and Instagram blocked in Turkey as Idlib military crisis escalates. ISS reveals malware attack impacted parts of the IT environment.

Security

Security Ransomware Military Data breaches

Russia-linked Nobelium APT group uses custom backdoor to target Windows domains

Security Affairs

SEPTEMBER 28, 2021

.” The attackers use the version.dll DLL to load FoggyWeb which is stored in the encrypted file Windows.Data.TimeZones.zh-PH.pri. The loader uses the custom Lightweight Encryption Algorithm (LEA) routine to decrypt the backdoor directly in the memory. Follow me on Twitter: @securityaffairs and Facebook.

Encryption

Encryption Military Government Access

Russia-linked Gamaredon group targets Ukraine officials

Security Affairs

DECEMBER 7, 2019

Russia-linked Gamaredon cyberespionage group has been targeting Ukrainian targets, including diplomats, government and military officials. Russia linked APT group tracked as Gamaredon has been targeting several Ukrainian diplomats, government and military officials, and law enforcement. ” continues the analysis. .

Military

Military Government Phishing Archiving

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

Security Affairs

APRIL 23, 2022

The analysis of encryption techniques employed in the attack allowed the government experts to associate the campaign with the cybercrime group Trickbot. The alert published by the Ukraine CERT-UA includes Indicators of Compromise (IoCs) for this campaign and recommendations.

Phishing

Phishing Military Ransomware Encryption

EU bodies agree on new EU export rules for dual-use technology

Security Affairs

NOVEMBER 11, 2020

European Parliament votes to tighten up rules for the sale and export of surveillance and encryption technology. The term “ dual-use ” refers to technology that can be used for both peaceful and military aims. EU authorities also request countries more transparency about the export licenses they grant. .

Sales

Sales Military Government Risk

Encryption: How It Works, Types, and the Quantum Future

eSecurity Planet

MAY 25, 2022

Encryption and the development of cryptography have been a cornerstone of IT security for decades and remain critical for data protection against evolving threats. While cryptology is thousands of years old, modern cryptography took off in the 1970s with the help of the Diffie-Hellman-Merkle and RSA encryption algorithms.

Encryption

Encryption IT Computer and Electronics Passwords

Chinese actors behind attacks on industrial enterprises and public institutions

Security Affairs

AUGUST 9, 2022

In January 2022, researchers at Kaspersky ICS CERT uncovered a series of targeted attacks on military industrial enterprises and public institutions in Afghanistan and East Europe. China-linked threat actors targeted dozens of industrial enterprises and public institutions in Afghanistan and Europe.

Encryption

Encryption Military Archiving Phishing

The Dangers of Using Unsecured Wi-Fi Networks

Security Affairs

AUGUST 22, 2019

Data that travels over a public hotspot network is rarely encrypted. The answer is a virtual private network (VPN) which creates a private tunnel between your device and the internet and encrypts your data. BullGuard VPN for instance uses military grade encryption which would take more than a lifetime to crack.

Encryption

Encryption Passwords Military Privacy

Dark Pink APT targets Govt entities in South Asia

Security Affairs

MARCH 13, 2023

In February 2023, EclecticIQ researchers spotted multiple KamiKakaBot malware samples that were employed by the Dark Pink APT group (aka Saaiwc) in attacks against government entities in Southeast Asia countries. “The ISO file also contains a decoy Word document that has an XOR-encrypted section.

Phishing

Phishing Encryption Military Government

MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry

Security Affairs

OCTOBER 17, 2018

The victim was one of the most important leaders in the field of security and defensive military grade Naval ecosystem in Italy. At a first sight, the office document had an encrypted content available on OleObj.1 And why the attacker used an encrypted payload if the victim cannot open it? Stage1: Encrypted Content.

Computer and Electronics

Computer and Electronics Encryption Security Military

Chinese Tropic Trooper APT spreads a hacking tool laced with a backdoor

Security Affairs

JUNE 23, 2022

The Tropic Trooper APT has been active at least since 2012, it was first spotted by security experts at Trend Micro in 2015, when the threat actors targeted government ministries and heavy industries in Taiwan and the military in the Philippines. The collected information is formatted and sent to the C&C server.

Military

Military Encryption Passwords Security

New Turla ComRAT backdoor uses Gmail for Command and Control

Security Affairs

MAY 26, 2020

Earlier versions of Agent.BTZ were used to compromise US military networks in the Middle East in 2008. Despite their extensions, the attachments are not Office documents, but rather encrypted blobs of data that include a specific command to be executed.

Communications

Communications Military Encryption Authentication

Qbot uses a new email collector module in the latest campaign

Security Affairs

AUGUST 31, 2020

Most of the infections were observed in organizations in the US and Europe, the most targeted industries were in the government, military, and manufacturing sectors. . ” The spam messages contain URLs to.ZIP files that serve VBS content designed to download the payload from one of six hardcoded encrypted URLs. . .

Passwords

Passwords Military Manufacturing Encryption

It is time to re-evaluate Cyber-defence solutions

Security Affairs

JANUARY 10, 2021

Just where is the Global Cyber-defense Market going, and why is it failing so spectacularly to protect the data assets of the largest and most heavily protected government institutions and corporate companies in the world. The Cyber-attack resulted in a large volume of data to be encrypted including database servers and backup data.

IT

IT Cybersecurity Ransomware Manufacturing

The Myth of Consumer-Grade Security

Schneier on Security

AUGUST 28, 2019

The Department of Justice wants access to encrypted consumer devices but promises not to infiltrate business products or affect critical infrastructure. Barr repeated a common fallacy about a difference between military-grade encryption and consumer encryption: "After all, we are not talking about protecting the nation's nuclear launch codes.

Military

Military Computer and Electronics Encryption Security

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Security Affairs

APRIL 19, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. government institutions, and about 250 Ukrainian victims. ” reads the joint advisory. ” continues the advisory.

Military

Military Access Cybersecurity Education

GUEST ESSAY: Why the hack of South Korea’s weapons, munitions systems was so predictable

The Last Watchdog

JANUARY 18, 2019

The disclosure that malicious intruders hacked the computer systems of the South Korean government agency that oversees weapons and munitions acquisitions for the country’s military forces is not much of a surprise.

Encryption

Encryption Authentication Military Government

Donot Team cyberespionage group updates its Windows malware framework

Security Affairs

AUGUST 21, 2022

The Donot Team has been active since 2016, it focuses on government and military organizations, ministries of foreign affairs, and embassies in India, Pakistan, Sri Lanka, Bangladesh, and other South Asian countries. The Donot Team threat actor, aka APT-C-35 , has added new capabilities to its Jaca Windows malware framework.

IT

IT Phishing Military Government

Exclusive: Pakistan and India to armaments: Operation Transparent Tribe is back 4 years later

Security Affairs

FEBRUARY 21, 2020

The Operation Transparent Tribe was first spotted by Proofpoint Researchers in Feb 2016, in a series of espionages operations against Indian diplomats and military personnel in some embassies in Saudi Arabia and Kazakhstan. The downloaded code has been encrypted through the Rijndael algorithm with a hard-coded key. Introduction.

Military

Military Communications Encryption IT

Texas Government Agencies Hit by Ransomware

Adam Levin

AUGUST 19, 2019

The local governments and agencies from twenty-three Texas towns were hit by a coordinated ransomware campaign last week. . The Texas Department of Information Resources (DIR) became aware of the ransomware campaign after being contacted by the municipal governments of several towns that were unable to access critical files.

Government

Government Ransomware Military Encryption

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

Security Affairs

AUGUST 27, 2024

It intercepts credentials by hooking into Versa’s “setUserPassword” method, encrypting and storing them on disk. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Energy and Utilities

Energy and Utilities Communications Authentication Access

INTERNET BLOCKING IN MYANMAR – SECRET BLOCK LIST AND NO MEANS TO APPEAL

Security Affairs

AUGUST 10, 2020

There are four operators in Myanmar: state-owned Myanma Posts and Telecommunications ( MPT ) , Qatar based Ooredoo, military-aligned Mytel, and privately owned Telenor Myanmar. The block page uses the domain “ urlblocked.pw ” registered the 26th of March 2020 with a free Let’s encrypt certificate. Domain Name: URLBLOCKED.PW

Military

Military Communications Access Risk

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

Security Affairs

APRIL 9, 2023

billion rubles. billion rubles.

Security

Security Computer and Electronics Ransomware Marketing

GUEST ESSAY: How tech tricks used by Amazon, Netflix aid Ukraine in repelling Russia’s invasion

The Last Watchdog

OCTOBER 10, 2023

Accessing video-based intelligence at the right time and place is a very effective method for gaining information about the constantly changing military landscape. Value of protocols Technological innovations have widely been credited for helping Ukraine even the odds against Russia’s military might.

Metadata

Metadata Military Encryption Communications

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

How Shady Chinese Encryption Chips Got Into the Navy, NATO, and NASA

Webinars

Trending Sources

Maze ransomware operators stole data from US military contractor Westech

Webinars

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

GCHQ implements World War II cipher machines in encryption app CyberChef

Conti Ransomware gang threatens to overthrow the government of Costa Rica

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

Ukraine’s GUR hacked the Russian Ministry of Defense

US Govn contractor Electronic Warfare Associates infected with Ryuk ransomware

Chinese national charged for hacking thousands of Sophos firewalls

Researchers shared technical details of NSA Equation Group’s Bvp47 backdoor

Russia-linked APT28 targets govt bodies with fake NATO training docs

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

SolarWinds hackers stole some of Mimecast source code

Crypto AG was spied for US, German intelligence agencies for decades

Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION

US administration requests $9.8B for cyber 2021 budget for the Department of Defense

Google TAG warns that Russian COLDRIVER APT is using a custom backdoor

Platinum APT and leverages steganography to hide C2 communications

Security Affairs newsletter Round 399 by Pierluigi Paganini

Security Affairs newsletter Round 253

Russia-linked Nobelium APT group uses custom backdoor to target Windows domains

Russia-linked Gamaredon group targets Ukraine officials

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

EU bodies agree on new EU export rules for dual-use technology

Encryption: How It Works, Types, and the Quantum Future

Chinese actors behind attacks on industrial enterprises and public institutions

The Dangers of Using Unsecured Wi-Fi Networks

Dark Pink APT targets Govt entities in South Asia

MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry

Chinese Tropic Trooper APT spreads a hacking tool laced with a backdoor

New Turla ComRAT backdoor uses Gmail for Command and Control

Qbot uses a new email collector module in the latest campaign

It is time to re-evaluate Cyber-defence solutions

The Myth of Consumer-Grade Security

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

GUEST ESSAY: Why the hack of South Korea’s weapons, munitions systems was so predictable

Donot Team cyberespionage group updates its Windows malware framework

Exclusive: Pakistan and India to armaments: Operation Transparent Tribe is back 4 years later

Texas Government Agencies Hit by Ransomware

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

INTERNET BLOCKING IN MYANMAR – SECRET BLOCK LIST AND NO MEANS TO APPEAL

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

GUEST ESSAY: How tech tricks used by Amazon, Netflix aid Ukraine in repelling Russia’s invasion

Stay Connected