Exercises and Security - Information Management Today

Locked Shields 2019 – Chapeau, France wins Cyber Defence Exercise

Security Affairs

APRIL 15, 2019

The international live-fire cyber defence exercise Locked Shields 2019 (LS19) took place on April 8-12 in Tallinn, Estonia, and the figures behind this important competition are important. “This year the exercise evolved around 4000 virtualised systems that had to take more than 2500 attacks. .” Pierluigi Paganini.

Military

Military Communications Security IT

N. Korean Kimsuky APT targets S. Korea-US military exercises

Security Affairs

AUGUST 20, 2023

-South Korea military exercise. The military drill, the Ulchi Freedom Guardian summer exercises , will start on Monday, August 21, 2023 , and will last 11 days. The military exercises aim at improving the ability of the two armies to respond to North Korea’s evolving nuclear and missile threats. .

Military

Military Phishing Government Security

UK won the Military Cyberwarfare exercise Defence Cyber Marvel 2 (DCM2)

Security Affairs

FEBRUARY 24, 2023

Defence Cyber Marvel 2 (DCM2) is the largest Western Europe-led cyber exercise that took place in Tallinn with 34 teams from 11 countries. This year, 750 cyber specialists have participated in the military cyberwarfare exercise. ” reads the press release published by the UK Ministry of Defence. .

Military

Military Education Government IT

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Dept. of Energy announced the Liberty Eclipse exercise to test electrical grid against cyber attacks

Security Affairs

AUGUST 6, 2018

DoE announced the Liberty Eclipse exercise to test the electrical grid ‘s ability to recover from a blackout caused by cyberattacks. The weeklong stress test is scheduled to take place this November on Plum Island, a restricted site off the coast of New York that houses a Department of Homeland Security animal disease center.”

Energy and Utilities

Energy and Utilities Security Cybersecurity IT

How to Package and Price Embedded Analytics

Just by embedding analytics, application owners can charge 24% more for their product. How much value could you add? This framework explains how application enhancements can extend your product offerings. Brought to you by Logi Analytics.

Analytics

CISA Conducts First-Ever AI Security Incident Response Drill

Data Breach Today

JUNE 17, 2024

US Cyber Defense Agency Developing AI Security Incident Collaboration Playbook The Cybersecurity and Infrastructure Security Agency is hosting a series of tabletop exercises through its flagship public-private collaborative while developing a new playbook for both sectors to better respond to emerging cybersecurity risks associated with artificial (..)

Artificial Intelligence

Artificial Intelligence Security Cybersecurity Risk

CISA analyzed stealthy malware found on compromised Pulse Secure devices

Security Affairs

JULY 22, 2021

CISA released an alert today about several stealth malware samples that were found on compromised Pulse Secure devices. Cybersecurity and Infrastructure Security Agency (CISA) published a security alert related to the discovery of 13 malware samples on compromised Pulse Secure devices, many of which were undetected by antivirus products.

e-Discovery

e-Discovery Security Passwords Access

Italy’s data protection watchdog fined OpenAI €15 million over ChatGPT’s data management violations

Security Affairs

DECEMBER 23, 2024

A communication campaign will inform users and non-users on how to oppose the use of their personal data for AI training, ensuring they can exercise their GDPR rights. OpenAI claims the fine is disproportionate and announced it will appeal.

Artificial Intelligence

Artificial Intelligence Personal data Data collection Privacy

Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 13, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Ransomware Data breaches Cybersecurity

Teleworking by Healthcare Employees: Security Challenges

Data Breach Today

MARCH 19, 2020

With increasing demands on healthcare organizations to quickly accommodate a surge of teleworking employees as a result of the COVID-19 pandemic, IT and information security departments need to exercise security vigilance, says former healthcare CIO Drex DeFord.

Security

Security Information Security IT

What Counts as “Good Faith Security Research?”

Krebs on Security

JUNE 3, 2022

The new guidelines state that prosecutors should avoid charging security researchers who operate in “good faith” when finding and reporting vulnerabilities. ” What constitutes “good faith security research?” ” The new DOJ policy comes in response to a Supreme Court ruling last year in Van Buren v.

Security

Security Computer and Electronics Access Libraries

Bodybuilding.com forces password reset after a security breach

Security Affairs

APRIL 23, 2019

The website offers any kind of fitness articles, exercises, workouts, and supplements. “Bodybuilding.com recently became aware of a data security incident that may have affected certain customer information in our possession. ” reads the announcement published on the website. Pierluigi Paganini.

Passwords

Passwords Security Retail Personal data

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

Security Affairs

FEBRUARY 14, 2020

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) released reports on North Korea-linked HIDDEN COBRA malware. The FBI, the US Cyber Command, and the Department of Homeland Security have published technical details of a new North-Korea linked hacking operation. Pierluigi Paganini.

Passwords

Passwords Access Phishing Authentication

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

AUGUST 4, 2020

The FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense (DoD) released information on a RAT variant, dubbed TAIDOOR, used by China-linked hackers in cyber espionage campaigns targeting governments, corporations, and think tanks. Exercise caution when using removable media (e.g., v1 , U.S. .

Healthcare

Healthcare Passwords Government Systems administration

Space Force Is Planning a Military Exercise in Orbit

WIRED Threat Level

APRIL 13, 2024

Two satellites will engage in a “realistic threat response scenario” when Victus Haze gets underway.

Military

Military Security

Security Affairs newsletter Round 210 – News of the week

Security Affairs

APRIL 21, 2019

The best news of the week with Security Affairs. Security Affairs newsletter Round 209 – News of the week. Gnosticplayers round 5 – 65 Million+ fresh accounts from 6 security breaches available for sale. Gnosticplayers round 5 – 65 Million+ fresh accounts from 8 security breaches available for sale. Kindle Edition.

Security

Security Computer and Electronics Sales Data breaches

Microsoft SimuLand, an open-source lab environment to simulate attack scenarios

Security Affairs

MAY 20, 2021

“These lab environments will provide use cases from a variety of data sources including telemetry from Microsoft 365 Defender security products, Azure Defender and other integrated data sources through Azure Sentinel data connectors.” ” reads the announcement published by Microsoft. Pierluigi Paganini.

Security

Security IT

UK Defence Secretary jet hit by an electronic warfare attack in Poland

Security Affairs

MARCH 15, 2024

” Steadfast Defender 2024 is NATO’s largest military exercise since the Cold War aimed at testing the alliance’s readiness and ability to defend itself across multiple domains. The exercise is held from January 22nd to May 31st, 2024.

Communications

Communications Military Risk IT

Security Affairs newsletter Round 418 by Pierluigi Paganini – International edition

Security Affairs

MAY 6, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Libraries Data breaches Ransomware

Security Affairs newsletter Round 434 by Pierluigi Paganini – International edition

Security Affairs

AUGUST 27, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Korean Kimsuky APT targets S.

Security

Security Military Ransomware Passwords

US govt warns critical infrastructure of ransomware attacks during holidays

Security Affairs

NOVEMBER 22, 2021

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI warn critical infrastructure partners of ransomware attacks during the holiday season. If you use remote desktop protocol (RDP) or any other potentially risky service, ensure it is secure and monitored. Follow me on Twitter: @securityaffairs and Facebook.

Ransomware

Ransomware Phishing Passwords Authentication

Intel Officials Warned Police That US Cities Aren’t Ready for Hostile Drones

WIRED Threat Level

DECEMBER 17, 2024

In a previously unreported August memo, the Department of Homeland Security urged state and local police to conduct exercises to test their ability to respond to weaponized drones.

Security

Cryptocurrency exchange BuyUcoin hacked, data of 325K+ users leaked

Security Affairs

JANUARY 25, 2021

Indian cryptocurrency exchange Buyucoin suffered a security incident, threat actors leaked sensitive data of 325K users. A new incident involving a cryptocurrency exchange made the headlines, the India-based cryptocurrency exchange suffered a security incident, threat actors leaked sensitive data of 325K users on the Dark Web.

Data breaches

Data breaches Sales Encryption Passwords

MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks

The Last Watchdog

MAY 13, 2020

Chief Information Security Officers were already on the hot seat well before the COVID-19 global pandemic hit, and they are even more so today. They must rally the troops to proactively engage, day-to-day, in the intricate and absolutely vital mission of preserving the security of IT assets, without stifling innovation.

Security

Security Cybersecurity Military Risk

UK Home Office is ignoring the risk of ‘catastrophic ransomware attacks,’ report warns

Security Affairs

DECEMBER 13, 2023

A Joint Committee on the National Security Strategy (JCNSS) warns of the high risk of a catastrophic ransomware attack on the UK government. According to a parliamentary report published by the Joint Committee on the National Security Strategy (JCNSS) the UK government can face a ‘catastrophic ransomware attack at any moment.’

Ransomware

Ransomware Risk Government Security

CardX released a data leak notification impacting their customers in Thailand

Security Affairs

SEPTEMBER 17, 2023

CardX recommends that customers keep track of transactions involving their accounts and exercise caution to avoid any potential fraud. CardX has upgraded its systems and implemented additional security measures to prevent further information leaks. CardX is a company in the SCB X Group in Thailand.

Cybersecurity

Cybersecurity Security Access IT

German BSI agency warns of ransomware attacks over Christmas holidays

Security Affairs

DECEMBER 5, 2021

.” The German cybersecurity authority also urges organizations to implement preventive measures and increase the level of security to prevent Emotent and other malware infections. If you use remote desktop protocol (RDP) or any other potentially risky service, ensure it is secure and monitored. Pierluigi Paganini.

Ransomware

Ransomware Cybersecurity Phishing Passwords

MITRE and CISA release Caldera for OT attack emulation

Security Affairs

SEPTEMBER 6, 2023

MITRE Caldera is an open-source adversary emulation platform that helps cybersecurity practitioners to automate security assessments. Purple teaming: This is a collaborative approach to security that brings together red and blue teams to work together to improve an organization’s security posture.

Cybersecurity

Cybersecurity Security Risk Government

White hat hackers showed how to take over a European Space Agency satellite

Security Affairs

APRIL 30, 2023

Credit: ESA – European Space Agency The offensive cybersecurity team at Thales demonstrated how to take control of the ESA satellite, the is considered the world’s first ethical satellite hacking exercise. The exercise aims at assessing the resilience of satellites to cyber attacks. According to classified U.S.

Cybersecurity

Cybersecurity Military Access Education

TrickBot gang developer arrested at the Seoul international airport

Security Affairs

SEPTEMBER 6, 2021

In October, Microsoft’s Defender team, FS-ISAC , ESET , Lumen’s Black Lotus Labs , NTT , and Broadcom’s cyber-security division Symantec joined the forces and announced a coordinated effort to take down the command and control infrastructure of the infamous TrickBot botnet. Pierluigi Paganini. SecurityAffairs – hacking, TrickBot ).

Ransomware

Ransomware Government IT Security

Don’t Wanna Pay Ransom Gangs? Test Your Backups.

Krebs on Security

JULY 19, 2021

” Wosar said it’s essential that organizations drill their breach response plans in periodic tabletop exercises, and that it is in these exercises that companies can start to refine their plans. That’s why tabletop exercises are incredibly important.

Ransomware

Ransomware Encryption Insurance IT

FBI and CISA published a new advisory on AvosLocker ransomware

Security Affairs

OCTOBER 13, 2023

The joint Cybersecurity Advisory (CSA) published by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) provides known IOCs, TTPs, and detection methods associated with the AvosLocker ransomware variant employed in recent attacks.

Ransomware

Ransomware Systems administration Cybersecurity Encryption

New malware Cthulhu Stealer targets Apple macOS users

Security Affairs

AUGUST 23, 2024

Cato Security found a new info stealer, called Cthulhu Stealer, that targets Apple macOS and steals a wide range of information. Cado Security researchers have discovered a malware-as-a-service (MaaS) targeting macOS users dubbed Cthulhu Stealer. ” reads the report published by Cado Security.

Passwords

Passwords Blockchain Libraries Archiving

Ukraine, Ireland, Japan and Iceland join NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE)

Security Affairs

MAY 17, 2023

The organization is located in Tallinn, Estonia, and conducts research, training, and exercises in the field of cyber defence, and provides a platform for sharing expertise and best practices. Our goal is to foster increased cooperation and reap the benefits of this large-scale coalition through research, training, and exercises.”

Cybersecurity

Cybersecurity Security IT Information Security

RuNet – Russia successfully concluded tests on its Internet infrastructure

Security Affairs

DECEMBER 24, 2019

The exercises aimed at testing and ensuring the integrity and the security of Russia’s Internet infrastructure, so-called RuNet. One of them is checking the integrity and security of the Internet as a result of external negative influences.” ” reported the Tass press agency. Pierluigi Paganini.

IT

IT Communications Government Personal data

FBI’s alert warns about using Windows 7 and TeamViewer

Security Affairs

FEBRUARY 14, 2021

“Beyond its legitimate uses, TeamViewer allows cyber actors to exercise remote control over computer systems and drop files onto victim computers, making it functionally similar to Remote Access Trojans (RATs),” states the FBI’s PIN alert. If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Passwords

Passwords Systems administration Risk Access

The Netherlands declares war on ransomware operations

Security Affairs

OCTOBER 8, 2021

The Dutch government will not tolerate ransomware attacks that could threaten national security, it will use intelligence or military services to curb them. The Dutch government announced that it will not tolerate cyberattacks that pose a risk to its national security and will employ intelligence or military services to counter them.

Ransomware

Ransomware Military Government Security

US Cyber Command and Australian IWD to develop shared cyber training range

Security Affairs

DECEMBER 6, 2020

“Cyber mission forces first identified the need for a shared, iterative virtual cyber range during exercise Cyber Flag 2015 and has since galvanized an expedited effort to define the requirement and find technical solutions. The agreement is valued at $215.19 ” reads the press release published by the US Cyber Command.

Military

Military IT Security Information Security

The Australian government wants to respond to attacks on critical infrastructure

Security Affairs

AUGUST 16, 2020

The Australian government wants to increase the security of critical infrastructure, for this reason, it plans to manage the response of private enterprises to cyber attacks targeting them. The government aims at developing security baselines that operators in the critical industries have to implement. ” reads the paper.

Government

Government Paper Risk Security

News alert: Security Risk Advisors launchs VECTR Enterprise Edition for ‘purple team’ benchmarking

The Last Watchdog

AUGUST 2, 2024

1, 2024, CyberNewsWire — Security Risk Advisors (SRA) announces the launch of VECTR Enterprise Edition , a premium version of its widely-used VECTR platform for purple teams and adversary management program reporting and benchmarking. About VECTR : VECTR™ is developed and maintained by Security Risk Advisors.

Risk

Risk Security Systems administration Communications

US CISA releases guidance on how to prevent ransomware data breaches

Security Affairs

AUGUST 21, 2021

The US Cybersecurity and Infrastructure Security Agency (CISA) released guidance on how to prevent data breaches resulting from ransomware attacks. The post US CISA releases guidance on how to prevent ransomware data breaches appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Data breaches

Data breaches Ransomware Encryption Cybersecurity

NSA releases the source code of the GHIDRA reverse engineering framework

Security Affairs

APRIL 4, 2019

In January 2019, the National Security Agency (NSA) announced the release at the RSA Conference of the free reverse engineering framework GHIDRA. WikiLeaks obtained thousands of files allegedly originating from a CIA high-security network that details CIA hacking techniques, tools, and capabilities. Ghidra is Apache 2.0-licensed

Cybersecurity

Cybersecurity Security IT

CISA’s advisory warns of notable increase in LokiBot malware

Security Affairs

SEPTEMBER 22, 2020

US Cybersecurity and Infrastructure Security Agency (CISA) is warning of a notable increase in the use of LokiBot malware by threat actors since July 2020. Exercise caution when opening email attachments, even if the attachment is expected and the sender appears to be known. Exercise caution when using removable media (e.g.,

Passwords

Passwords Authentication Cybersecurity Access

Flaws in Realtek RTL8170C Wi-Fi module allow hijacking wireless communications

Security Affairs

JUNE 3, 2021

Researchers from Israeli IoT security firm Vdoo found multiple vulnerabilities in the Realtek RTL8170C Wi-Fi module that could allow to elevate privileges and hijack wireless communications. precise control of the return address can be achieved – this is left as an exercise for the reader.” ” continues the report.

Communications

Communications Agriculture IoT Encryption

Locked Shields 2019 – Chapeau, France wins Cyber Defence Exercise

N. Korean Kimsuky APT targets S. Korea-US military exercises

Webinars

Trending Sources

UK won the Military Cyberwarfare exercise Defence Cyber Marvel 2 (DCM2)

Webinars

Dept. of Energy announced the Liberty Eclipse exercise to test electrical grid against cyber attacks

How to Package and Price Embedded Analytics

CISA Conducts First-Ever AI Security Incident Response Drill

CISA analyzed stealthy malware found on compromised Pulse Secure devices

Italy’s data protection watchdog fined OpenAI €15 million over ChatGPT’s data management violations

Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION

Teleworking by Healthcare Employees: Security Challenges

What Counts as “Good Faith Security Research?”

Bodybuilding.com forces password reset after a security breach

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

US govt agencies share details of the China-linked espionage malware Taidoor

Space Force Is Planning a Military Exercise in Orbit

Security Affairs newsletter Round 210 – News of the week

Microsoft SimuLand, an open-source lab environment to simulate attack scenarios

UK Defence Secretary jet hit by an electronic warfare attack in Poland

Security Affairs newsletter Round 418 by Pierluigi Paganini – International edition

Security Affairs newsletter Round 434 by Pierluigi Paganini – International edition

US govt warns critical infrastructure of ransomware attacks during holidays

Intel Officials Warned Police That US Cities Aren’t Ready for Hostile Drones

Cryptocurrency exchange BuyUcoin hacked, data of 325K+ users leaked

MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks

UK Home Office is ignoring the risk of ‘catastrophic ransomware attacks,’ report warns

CardX released a data leak notification impacting their customers in Thailand

German BSI agency warns of ransomware attacks over Christmas holidays

MITRE and CISA release Caldera for OT attack emulation

White hat hackers showed how to take over a European Space Agency satellite

TrickBot gang developer arrested at the Seoul international airport

Don’t Wanna Pay Ransom Gangs? Test Your Backups.

FBI and CISA published a new advisory on AvosLocker ransomware

New malware Cthulhu Stealer targets Apple macOS users

Ukraine, Ireland, Japan and Iceland join NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE)

RuNet – Russia successfully concluded tests on its Internet infrastructure

FBI’s alert warns about using Windows 7 and TeamViewer

The Netherlands declares war on ransomware operations

US Cyber Command and Australian IWD to develop shared cyber training range

The Australian government wants to respond to attacks on critical infrastructure

News alert: Security Risk Advisors launchs VECTR Enterprise Edition for ‘purple team’ benchmarking

US CISA releases guidance on how to prevent ransomware data breaches

NSA releases the source code of the GHIDRA reverse engineering framework

CISA’s advisory warns of notable increase in LokiBot malware

Flaws in Realtek RTL8170C Wi-Fi module allow hijacking wireless communications

Stay Connected