Events, Military and Security - Information Management Today

Microsoft links Cadet Blizzard APT to Russia’s military intelligence GRU

Security Affairs

JUNE 14, 2023

The IT giant pointed out that Cadet Blizzard is distinct from other known APT groups operating under the control of the Russian military intelligence GRU, such as Forest Blizzard ( STRONTIUM ) and Seashell Blizzard (IRIDIUM). Unlike other Russia-linked APT group, CadetBlizzard operations are extremely disruptive.

Military

Military Government IT Security

Crooks use software skimmer that pretends to be a security firm

Security Affairs

NOVEMBER 16, 2020

Security experts from Sucuri analyzing a software skimmer that is abusing its brand name in order to evade detection. The skimmer is added to the onclick event of the checkout button and onunload event of the web page. The e-skimmer is a base64-encoded JavaScript blob that attackers inject into target webpages.

Security

Security Military Risk IT

Researchers found alleged sensitive documents of NATO and Turkey

Security Affairs

OCTOBER 12, 2020

Security experts from Cyble found alleged sensitive documents of NATO and Turkey, is it a case of cyber hacktivism or cyber espionage? “These events ensue an unsatisfying narrative – Is it really hacktivism or cyber espionage?” ” reads the post published by Cyble. Pierluigi Paganini. SecurityAffairs – hacking, NATO).

Military

Military Manufacturing Phishing Government

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

The Netherlands declares war on ransomware operations

Security Affairs

OCTOBER 8, 2021

The Dutch government will not tolerate ransomware attacks that could threaten national security, it will use intelligence or military services to curb them. The Dutch government announced that it will not tolerate cyberattacks that pose a risk to its national security and will employ intelligence or military services to counter them.

Ransomware

Ransomware Military Government Security

Apr 03 – Apr 09 Ukraine – Russia the silent cyber conflict

Security Affairs

APRIL 10, 2022

This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. Below is the timeline of the events related to the ongoing invasion of Ukraine that occurred in the previous weeks: April 8 – Anonymous and the IT ARMY of Ukraine continue to target Russian entities.

Military

Military Phishing Cybersecurity Government

Poland to establish Cyberspace Defence Force by 2024

Security Affairs

SEPTEMBER 12, 2019

. “We’re well aware that in today’s world it’s possible to influence the situation in states by using these methods ( cyberwar ),” Mariusz Blaszczak told to local media at a military cyber training centre in Zegrze. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Military

Military Cybersecurity Government IT

Report: Recent 10x Increase in Cyberattacks on Ukraine

Krebs on Security

MARCH 11, 2022

As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians. Of those 121 million events, 4.6

Phishing

Phishing Military Government Data collection

Google TAG details cyber activity with regard to the invasion of Ukraine

Security Affairs

MARCH 31, 2022

The researchers uncovered a phishing campaign conducted by a Russia-linked threat actor tracked as COLDRIVER (aka Calisto ) against a NATO Centre of Excellence and Eastern European militaries. Google experts pointed out that this is the first time that the cyberspies target NATO and military of multiple Eastern European countries.

Military

Military Phishing Government Ransomware

DHS announces its ‘Hack DHS’ bug bounty program

Security Affairs

DECEMBER 14, 2021

The DHS has launched a new bug bounty program dubbed ‘Hack DHS’ to discover security vulnerabilities in external DHS systems. As the federal government’s cybersecurity quarterback, DHS must lead by example and constantly seek to strengthen the security of our own systems,” said Secretary Alejandro N. “As Mayorkas. “The

IT

IT Cybersecurity Military Government

SHARED INTEL: How Russia’s war mongering compromises those holding security clearances

The Last Watchdog

APRIL 19, 2022

While global commerce is an important aspect of the world economy, individuals who hold national security clearances need to be aware that some of the activities they engage in could pose a security risk and may negatively impact their security clearances. national security secrets. national security secrets.

Security

Security Risk Military Government

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

“The group also relies on valid accounts and leverage strong operational security, which combined, allows for long-term undiscovered persistence. The Volt Typhoon’s activities suggest that the group primarily aims to establish a foothold within networks to secure access to Operational Technology (OT) assets. ” U.S.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

Feb 7- Feb 27 Ukraine – Russia the silent cyber conflict

Security Affairs

FEBRUARY 27, 2022

This post provides a timeline of the events related to the Russia invasion of Ukraine from the cyber security perspective. February 25 – Ukraine: Belarusian APT group UNC1151 targets military personnel with spear phishing. February 15 – Ukraine: Military defense agencies and banks hit by cyberattacks.

Military

Military Phishing Ransomware Security

Mar 06- Mar 12 Ukraine – Russia the silent cyber conflict

Security Affairs

MARCH 13, 2022

This post provides a timeline of the events related to the Russia invasion of Ukraine from the cyber security perspective. Threat actors are spreading password-stealing malware disguised as a security tool to target Ukraine’s IT Army. Below is the timeline of the events related to the previous weeks: [link].

Blockchain

Blockchain Phishing Military Passwords

Crypto AG was spied for US, German intelligence agencies for decades

Security Affairs

FEBRUARY 12, 2020

The list of Crypto’s customers included Iran, India and Pakistan, military juntas in Latin America and the Vatican. The events under discussion date back to 1945 and are difficult to reconstruct and interpret in the present-day context,”. The company was completely under the control of the spy agencies since 1970.

Military

Military Communications Encryption Government

Russian spies are attempting to tap transatlantic undersea cables

Security Affairs

MARCH 1, 2020

Garda and military intelligence agencies believe the Russian agents were sent by the military intelligence branch of the Russian armed forces, the GRU. The post Russian spies are attempting to tap transatlantic undersea cables appeared first on Security Affairs. Source [link]. Pierluigi Paganini.

Military

Military Communications Data collection Access

UK NCSC agency warns of APTs exploiting Enterprise VPN vulnerabilities

Security Affairs

OCTOBER 6, 2019

The UK’s National Cyber Security Centre (NCSC) warns of attacks exploiting recently disclosed VPN vulnerabilities in Fortinet, Palo Alto Networks and Pulse Secure. Threat actors leverage VPN vulnerabilities in Fortinet, Palo Alto Networks and Pulse Secure, to breach into the target networks. Pierluigi Paganini.

Military

Military Data breaches Security Government

GUEST ESSAY – Notable events in hacking history that helped transform cybersecurity assessment

The Last Watchdog

SEPTEMBER 27, 2021

To minimize their impact, implementing preventive security measures into these advanced systems is crucial. Businesses across all industries can function adequately without worrying about would-be hackers with malicious intent when they secure their networks. Related: How Russia uses mobile apps to radicalize U.S. As a result, the U.S.

Cybersecurity

Cybersecurity Military Encryption Risk

Remarks on NATO and its approach to the cyber offensive

Security Affairs

MAY 26, 2019

We register suspicious events against NATO cyber systems every day. ” Since 2016 NATO members agreed that a cyber attack against one of them could trigger a military response under Article 5. At the heart of our military command structure.” “NATO is not immune. ” said Stoltenberg. Pierluigi Paganini.

IT

IT Military Artificial Intelligence Cybersecurity

Operation Shaheen – Pakistan Air Force members targeted by nation-state attackers

Security Affairs

NOVEMBER 13, 2018

Security firm Cylance has uncovered a sophisticated state-sponsored campaign, tracked as Operation Shaheen, against the Pakistan Air Force. the Pakistani Air Force, the Pakistani government, and Chinese Military and advisers in Pakistan). .” ” reads the press release published by Cylance.

Military

Military Phishing Government Security

Facebook blocked Russia and Belarus threat actors’ activity against Ukraine

Security Affairs

APRIL 10, 2022

. “On March 14, they pivoted back to Poland and created an event in Warsaw calling for a protest against the Polish government. We disabled the account and event that same day.” The post Facebook blocked Russia and Belarus threat actors’ activity against Ukraine appeared first on Security Affairs.

Military

Military Cybersecurity Government Security

Ukrtelecom, a major mobile service and internet provider in Ukraine, foiled a “massive” cyberattack that hit its infrastructure

Security Affairs

MARCH 28, 2022

to preserve its network infrastructure and to continue providing services to Ukraine’s Armed Forces and other military formations as well as to the customers, Ukrtelecom has temporarily limited providing its services to the majority of private users and business-clients,” the SSSCIP added. Follow me on Twitter: @securityaffairs and Facebook.

IT

IT Communications Military Security

Don’t use AI-based apps, Philippine defense ordered its personnel

Security Affairs

OCTOBER 23, 2023

Teodoro ordered “to refrain from using AI photo generator applications and practice vigilance in sharing information online” At this time, it remains unclear whether the order was issued in response to a specific event or to address potential attacks aimed at exploiting the data collected by these applications.

IT

IT Data collection Phishing Risk

Feb 27- Mar 05 Ukraine – Russia the silent cyber conflict

Security Affairs

MARCH 6, 2022

This post provides a timeline of the events related to the Russia invasion of Ukraine from the cyber security perspective. Thousands of satellite internet users across Europe were disconnected from the internet by a cyber-event, experts suspect a cyber attack. Follow me on Twitter: @securityaffairs and Facebook.

Ransomware

Ransomware Phishing Military Government

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

The group also relies on valid accounts and leverage strong operational security, which combined, allows for long-term undiscovered persistence. The Volt Typhoon’s activities suggest that the group primarily aims to establish a foothold within networks to secure access to Operational Technology (OT) assets. In fact, the U.S.

Energy and Utilities

Energy and Utilities Communications Military Access

Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours

Security Affairs

MAY 31, 2024

“The event was unprecedented due to the number of units affected – no attack that we can recall has required the replacement of over 600,000 devices. In addition, this type of attack has only ever happened once before, with AcidRain used as a precursor to an active military invasion.” ” concludes the report.

Military

Military IoT Encryption Communications

Secret Service Investigates Breach at U.S. Govt IT Contractor

Krebs on Security

SEPTEMBER 9, 2019

government IT contractor that does business with more than 20 federal agencies, including several branches of the military. Department of Homeland Security that manages the nation’s naturalization and immigration system. Image: Hold Security. Department of Transportation , the National Institutes of Health (NIH), and U.S.

IT

IT Government Access Military

SideWinder phishing campaign targets maritime facilities in multiple countries

Security Affairs

JULY 30, 2024

SideWinder (also known as Razor Tiger, Rattlesnake, and T-APT-04) has been active since at least 2012, the group mainly targeted Police, Military, Maritime, and the Naval forces of Central Asian countries. This method helps evade detection by security teams. ” reads the analysis published by the BlackBerry researchers.

Phishing

Phishing Military Access IT

GoDaddy discloses a new data breach

Security Affairs

FEBRUARY 18, 2023

GoDaddy discloses a security breach, threat actors have stolen source code and installed malware on its servers in a long-runing attack. The security breach was discovered in December 2022 after customer reported that their sites were being used to redirect to random domains. ” concludes the company.

Data breaches

Data breaches Military Manufacturing Libraries

Malware-based attacks disrupted operations of Rheinmetall AG and Defence Construction Canada

Security Affairs

SEPTEMBER 28, 2019

German Rheinmetall AG is a market leader in the supply of military technology, in 2019 the group generated sales of $6.9 “As things stand, the Group expects the malware event to have an adverse impact on operating results of between €3 million and €4 million per week starting with week two.” ” continues the post.

Military

Military Sales Communications Ransomware

Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild

Security Affairs

SEPTEMBER 27, 2018

Security experts from ESET have spotted the first UEFI rootkit of ever, the code tracked as LoJax was used in attacks in the wild. Security experts have debated for a long about UEFI rootkits that are very dangerous malware hard to detect and that could resist to the operating system reinstallation and even to the hard disk replacement.

Military

Military Manufacturing Government Security

Cybaze ZLab – Yoroi team analyzed malware used in recent attacks on US entities attributed to APT29

Security Affairs

NOVEMBER 19, 2018

The researchers of Yoroi ZLab, on 16 November, accessed to a new APT29’s dangerous malware which seems to be involved in the recent wave of attacks aimed at many important US entities, such as military agencies, law enforcement, defense contractors , media companies and pharmaceutical companies. Security Affairs – APT29, malware).

Healthcare

Healthcare Phishing Military Cybersecurity

White hat hackers showed how to take over a European Space Agency satellite

Security Affairs

APRIL 30, 2023

This week, during the third edition of CYSAT, the European event dedicated to cybersecurity for the space industry, the European Space Agency (ESA) set up a satellite test bench, inviting white hat hackers to attempt seizing control of OPS-SAT , a nanosatellite operated by the agency for demonstration purposes. .”

Cybersecurity

Cybersecurity Military Access Education

The Importance of a Proactive Cyber Defense Solution To Protect Your Critical Data

Security Affairs

FEBRUARY 13, 2021

If your enemy is secure at all points, be prepared for them. The Military Chinese General and Philosopher Sun Tzu (544 BC – 496 BC) wrote these tactics over two thousand years ago, and it is as applicable today as it ever was. If they are in superior strength, evade them. If your opponent is temperamental, seek to irritate him.

Cybersecurity

Cybersecurity Access Security Marketing

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

Security Affairs

AUGUST 27, 2024

agencies fear the possibility that these actors could gain access to the networks of critical infrastructure to cause disruptive effects in the event of potential geopolitical tensions and/or military conflicts.

Energy and Utilities

Energy and Utilities Communications Authentication Access

New Leak Shows Business Side of China’s APT Menace

Krebs on Security

FEBRUARY 22, 2024

Security experts who reviewed the leaked data say they believe the information is legitimate, and that i-SOON works closely with China’s Ministry of State Security and the military. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”

Government

Government Cybersecurity Sales Blockchain

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

These Russian cyber actors are government organizations and include other parties who take their orders from the Russian military or intelligence organizations – while not technically under government control. Cybersecurity and Infrastructure Security Agency (CISA) has started a campaign to increase awareness of these risks to U.S.

Cybersecurity

Cybersecurity Passwords Military Education

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

A search in Google for a string of text from that script turns up a December 2023 blog post from cryptocurrency security firm SlowMist about phishing attacks on Telegram from North Korean state-sponsored hackers. The North Korean regime is known to use stolen cryptocurrencies to fund its military and other state projects.

Phishing

Phishing Blockchain Military Passwords

Russia, China May Be Coordinating Cyber Attacks: SaaS App Security Firm

eSecurity Planet

MARCH 7, 2022

A SaaS security company says a spike in cyber attacks from Russia and China in recent weeks suggests the two countries may be coordinating their cyber efforts. reported that hackers – some linked to Russian GRU military intelligence – breached computers at nearly two dozen U.S. SaaS Apps Under Attack.

Security

Security Risk Military Cybersecurity

How to Ensure Your Digital Security During the Rugby World Cup

Thales Cloud Protection & Licensing

SEPTEMBER 12, 2019

Sports fans aren’t the only ones who are looking forward to this event. It’s not like bad actors haven’t taken an interest in major sporting events before. Just a couple of months after that, World Rugby itself announced that one of its training websites had suffered a security breach that exposed subscribers’ account information.

Security

Security IoT Personal data Military

GUEST ESSAY: Why the hack of South Korea’s weapons, munitions systems was so predictable

The Last Watchdog

JANUARY 18, 2019

The disclosure that malicious intruders hacked the computer systems of the South Korean government agency that oversees weapons and munitions acquisitions for the country’s military forces is not much of a surprise. war plans, including strategies to be implemented in event of collapsing diplomatic relations.

Encryption

Encryption Authentication Military Government

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

The Last Watchdog

NOVEMBER 26, 2018

Snyder says his experience as head of Gateway Computers and as an investor in tech security startups, prior to entering politics, gave him an awareness of why putting Michigan ahead of the curve, dealing with cyber threats, would be vital. “I military unit, MEDC and TARDEC this summer hosted the second annual Commercial CyberTruck Challenge.

Cybersecurity

Cybersecurity Military Education Government

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Network security architecture is a strategy that provides formal processes to design robust and secure networks. Effective implementation improves data throughput, system reliability, and overall security for any organization. Network Elements Networks connect physical and virtual assets and control the data flow between them.

Security

Security Cloud Cybersecurity Access

RSAC Fireside Chat: Dispersive adapts WWII radio-signal masking tool to obfuscating network traffic

The Last Watchdog

MAY 28, 2024

military scattered radio-signals and added noise to radio transmissions — to prevent the jamming of torpedo controls. The streams traverse a “situationally- aware” network that can “react in real time to a degraded network situation or even a cyber event.” For a full drill down, please give the accompanying podcast a listen.

Military

Military Encryption Communications Cloud

Fancy Bear continues to target sporting and anti-doping organizations

Security Affairs

OCTOBER 28, 2019

” The attacks began on September 16, 2019, while the World Anti-Doping Agency was warning that Russia could face a ban from all major sports events over “discrepancies” in a lab database. The company has already notified all impacted customers and worked with them to secure compromised accounts or systems.

Phishing

Phishing Military Government Passwords

Microsoft links Cadet Blizzard APT to Russia’s military intelligence GRU

Crooks use software skimmer that pretends to be a security firm

Webinars

Trending Sources

Researchers found alleged sensitive documents of NATO and Turkey

Webinars

The Netherlands declares war on ransomware operations

Apr 03 – Apr 09 Ukraine – Russia the silent cyber conflict

Poland to establish Cyberspace Defence Force by 2024

Report: Recent 10x Increase in Cyberattacks on Ukraine

Google TAG details cyber activity with regard to the invasion of Ukraine

DHS announces its ‘Hack DHS’ bug bounty program

SHARED INTEL: How Russia’s war mongering compromises those holding security clearances

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Feb 7- Feb 27 Ukraine – Russia the silent cyber conflict

Mar 06- Mar 12 Ukraine – Russia the silent cyber conflict

Crypto AG was spied for US, German intelligence agencies for decades

Russian spies are attempting to tap transatlantic undersea cables

UK NCSC agency warns of APTs exploiting Enterprise VPN vulnerabilities

GUEST ESSAY – Notable events in hacking history that helped transform cybersecurity assessment

Remarks on NATO and its approach to the cyber offensive

Operation Shaheen – Pakistan Air Force members targeted by nation-state attackers

Facebook blocked Russia and Belarus threat actors’ activity against Ukraine

Ukrtelecom, a major mobile service and internet provider in Ukraine, foiled a “massive” cyberattack that hit its infrastructure

Don’t use AI-based apps, Philippine defense ordered its personnel

Feb 27- Mar 05 Ukraine – Russia the silent cyber conflict

FBI chief says China is preparing to attack US critical infrastructure

Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours

Secret Service Investigates Breach at U.S. Govt IT Contractor

SideWinder phishing campaign targets maritime facilities in multiple countries

GoDaddy discloses a new data breach

Malware-based attacks disrupted operations of Rheinmetall AG and Defence Construction Canada

Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild

Cybaze ZLab – Yoroi team analyzed malware used in recent attacks on US entities attributed to APT29

White hat hackers showed how to take over a European Space Agency satellite

The Importance of a Proactive Cyber Defense Solution To Protect Your Critical Data

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

New Leak Shows Business Side of China’s APT Menace

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

Calendar Meeting Links Used to Spread Mac Malware

Russia, China May Be Coordinating Cyber Attacks: SaaS App Security Firm

How to Ensure Your Digital Security During the Rugby World Cup

GUEST ESSAY: Why the hack of South Korea’s weapons, munitions systems was so predictable

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

Network Security Architecture: Best Practices & Tools

RSAC Fireside Chat: Dispersive adapts WWII radio-signal masking tool to obfuscating network traffic

Fancy Bear continues to target sporting and anti-doping organizations

Stay Connected