Government, Manufacturing and Military - Information Management Today

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

Security Affairs

JANUARY 26, 2023

The BlackCat Ransomware group claims to have hacked SOLAR INDUSTRIES INDIA and to have stolen 2TB of “secret military data.” The BlackCat Ransomware group claims to have breached the company infrastructure and to have stolen 2TB of data, including secret military data related to weapons production.

Military

Military Manufacturing Ransomware Mining

US Disrupts Russian Military Intelligence Botnet

Data Breach Today

FEBRUARY 15, 2024

federal government says it disrupted a criminal botnet that Russian military intelligence had converted into a platform for global cyberespionage. The malware targets Linux-based IoT devices - in this case, routers made by New York manufacturer Ubiquiti. GRU Hackers Commandeered 'Moobot' for Cyberespionage The U.S.

Military

Military IoT Manufacturing Government

Russian military plans to replace Windows with Astra Linux

Security Affairs

MAY 31, 2019

Cyber security seems to subvert the globalization concept, governments are working to develop their own technology fearing possible espionage and sabotage activities of foreign states. The Russian military is in the process of replacing the Windows system with the Linux distribution Astra Linux. intelligence agencies.

Military

Military Government Manufacturing Data Privacy

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

New HiatusRAT campaign targets Taiwan and U.S. military procurement system

Security Affairs

AUGUST 21, 2023

military procurement system. military procurement system and was spotted targeting Taiwan-based organizations The choice of the new targets in the latest campaign suggests a strategic interest of the People’s Republic of China according to the 2023 ODNI threat assessment. military server used for contract proposals and submissions.

Military

Military Manufacturing Government Access

US indicted 4 Russian government employees for attacks on critical infrastructure

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Government Cybersecurity Military

China-linked APT Curious Gorge targeted Russian govt agencies

Security Affairs

MAY 3, 2022

China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG) reported that an APT group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF), tracked as Curious Gorge , is targeting Russian government agencies.

Manufacturing

Manufacturing Phishing Passwords Military

Researchers found alleged sensitive documents of NATO and Turkey

Security Affairs

OCTOBER 12, 2020

Researchers from the US-based firm Cyble recently came across a post shared by an unknown threat actor that goes online with the moniker Spectre123, where he has allegedly leaked the sensitive documents of NATO and Havelsan (Turkish Military/defence manufacturer). ” reads the post published by Cyble.

Military

Military Manufacturing Phishing Government

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

. “As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” and foreign governments and military, security, and corporate organizations. ” reads the joint report.

Energy and Utilities

Energy and Utilities Military Government Phishing

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Security Affairs

APRIL 9, 2023

made electronics on behalf of the Russian government and military. The Estonian man is accused of having helped the Russian government and military to purchase US-made electronics and hacking tools. manufacturers on behalf of Russian end-users, including defense contractors and other Russian government agencies.

Computer and Electronics

Computer and Electronics Military Manufacturing Government

Australia banned Huawei from 5G network due to security concerns

Security Affairs

AUGUST 25, 2018

The Australian government considers risky the involvement of Huawei for the rolling out of next-generation 5G communication networks. The US was the first country that warned of the security risks associated with the usage of the products manufactured by the Chinese telecommunications giant.

Security

Security Military Manufacturing Retail

The US Gov is testing high-altitude balloons for surveillance

Security Affairs

AUGUST 4, 2019

The US government is testing high-altitude balloons manufactured by Sierra Nevada to conduct surveillance over American soil. The US government is planning to use high-altitude balloons to conduct surveillance over Americans. ” states The Guardian. ” states the authorization.

Military

Military Manufacturing Communications Government

The German BSI agency recommends replacing Kaspersky antivirus software

Security Affairs

MARCH 15, 2022

“The Federal Office for Information Security (BSI) warns according to §7BSIlaw before using virus protection software from the Russian manufacturer Kaspersky. BSI remarks that the trust in the reliability and self-protection of a manufacturer as well as his authentic ability to act is crucial for the safe use of any defense software.

Manufacturing

Manufacturing Information Security Military Cybersecurity

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Security Affairs

MAY 5, 2021

“For example, UNC2529 used a unique username, masquerading as an account executive for a small California-based electronics manufacturing company, which Mandiant identified through a simple Internet search.” .” states the analysis published by FireEye.

Manufacturing

Manufacturing Phishing Military Retail

Japan suspects HGV missile data leak in Mitsubishi security breach

Security Affairs

MAY 21, 2020

Mitsubishi Electric had also already notified members of the Japanese government and the Ministry of Defense. ” The advanced prototype missile was designed to be deployed in Japan’s remote islands as a deterrence to military activities conducted by China in the area. . ” states the AP press agency.

Security

Security Military Manufacturing Personal data

France will not ban Huawei from its upcoming 5G networks

Security Affairs

SEPTEMBER 1, 2020

French President Emmanuel Macron announced that his government will not exclude Chinese telecom giant Huawei from the building of the upcoming 5G telecommunication networks. French President Emmanuel Macron announced that France won’t ban the Chinese giant Huawei from its upcoming 5G telecommunication networks.

IT

IT Military Manufacturing Risk

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

North Korea-linked hackers target construction and machinery sectors with watering hole and supply chain attacks

Security Affairs

AUGUST 6, 2024

According to the South Korean authorities, the government of Pyongyang’s goal is to steal intellectual property and trade secrets from the South. The attack aimed at infecting PCs belonging to personnel from local governments, public institutions, and construction companies who accessed the site.

Information capture

Information capture Authentication Military Government

Ukraine’s intelligence service hacked Russia’s Federal Air Transport Agency, Rosaviatsia

Security Affairs

NOVEMBER 27, 2023

” Rosaviatsia is the government agency responsible for the oversight and regulation of civil aviation in Russia. The announcement marks the first time that a government admitted to having used hacking as part of its military strategy during a conflict. ” concludes the report.

Military

Military Manufacturing Government Authentication

Cyber mercenaries and insiders hired by Chinese intelligence to hack aerospace and tech firms

Security Affairs

OCTOBER 31, 2018

.” The Jiangsu Province Ministry of State Security (JSSD) is a foreign intelligence unit that is coordinated by China’s Ministry of State Security (MSS), the agency that is tasked for non-military foreign intelligence and domestic counterintelligence operations. based firm. ” states the DoJ indictment.

Manufacturing

Manufacturing Military Phishing Security

Russian APT29 conducts phishing attacks through Microsoft Teams

Security Affairs

AUGUST 3, 2023

Russia-linked APT29 group targeted dozens of organizations and government agencies worldwide with Microsoft Teams phishing attacks. The hackers targeted diplomatic entities and systems transmitting sensitive information about the region’s politics, aiding Ukrainian citizens fleeing the country, and providing help to the government of Ukraine.

Phishing

Phishing Authentication Government Military

Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers

Security Affairs

JULY 20, 2022

” The MiCODUS MV720 GPS Tracker is a popular vehicle GPS tracker manufactured in China, which is used by consumers for theft protection and location management, and by organizations for vehicle fleet management. The analysis of the sector usage on a global scale revealed significant differences by continent in the typical user profile.

Passwords

Passwords Manufacturing Military Authentication

MICROCHIPS Act aims at improving tech supply chain

Security Affairs

AUGUST 1, 2019

2316 ) – Two US Senators have introduced a bill to protect US government supply chain against foreign sabotage and cyber espionage. Two US senators have introduced legislation a bill, dubbed Manufacturing, Investment and Controls Review for Computer Hardware, Intellectual Property and Supply ACT (MICROCHIPS Act – S.

Military

Military Manufacturing Government Security

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Security Affairs

MARCH 12, 2021

Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%). .” Most of exploit attempts targeted organizations in Turkey (19%), followed by United States (18%) and Italy (10%).

Authentication

Authentication Military Ransomware Manufacturing

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities

Energy and Utilities Communications Military Access

North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya

Security Affairs

AUGUST 7, 2023

NPO Mashinostroyeniya (JSC MIC Mashinostroyenia, NPO Mash) is a leading Russian manufacturer of missiles and military spacecraft. Treasury Department in July 2014 due to its support to the Russian government in attempting of destabilizing eastern Ukraine and its ongoing occupation of Crimea.

Military

Military Communications Manufacturing Phishing

Defense contractor Belcan leaks admin password with a list of flaws

Security Affairs

AUGUST 22, 2023

US Government and defense contractor Belcan left its super admin credentials open to the public, Cybernews research team reveals. Belcan is a government, defense, and aerospace contractor offering global design, software, manufacturing, supply chain, information technology, and digital engineering solutions.

Passwords

Passwords Military Manufacturing Analytics

It is time to re-evaluate Cyber-defence solutions

Security Affairs

JANUARY 10, 2021

Just where is the Global Cyber-defense Market going, and why is it failing so spectacularly to protect the data assets of the largest and most heavily protected government institutions and corporate companies in the world. For more information on this, see: Manchester United Football Club Cyber Attack.

IT

IT Cybersecurity Ransomware Manufacturing

Government By Numbers: Some Interesting Insights

John Battelle's Searchblog

OCTOBER 28, 2011

Examples include identity (from driver’s licenses and SSNs to Visa, MasterCard, Amex, and Facebook), delivery of important information and items (from the Post Office to Telcos, Internet, and FedEx and UPS), and protection (outsourcing both prisons and military jobs to private companies). Very interesting.

Government

Government Education Military Financial Services

Vladimir Putin ‘s computers still run Windows XP, Media reports

Security Affairs

DECEMBER 30, 2019

Open Media pointed out that that Windows XP is the last operating system developed by Microsoft that was approved by the Kremlin for use on official Russian government computers. Microsoft Windows 10 is only allowed only for government systems that don’t manage secret information. ” reads the post published by The Guardian.

Government

Government Communications Military Manufacturing

Qbot uses a new email collector module in the latest campaign

Security Affairs

AUGUST 31, 2020

Most of the infections were observed in organizations in the US and Europe, the most targeted industries were in the government, military, and manufacturing sectors. . The researchers estimate that one of these campaigns that took place in July impacted roughly 5% of organizations worldwide.

Passwords

Passwords Military Manufacturing Encryption

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

The Last Watchdog

JULY 30, 2018

DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. DataLocker actually got traction, early on, selling to the military. LW: Makes sense. and are TAA compliant.

Encryption

Encryption Military Passwords Authentication

Security Affairs newsletter Round 489 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

SEPTEMBER 14, 2024

CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M

Security

Security Data breaches Computer and Electronics Ransomware

ProxyLogon Microsoft Exchange exploit is completely out of the bag by now

Security Affairs

MARCH 15, 2021

Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%). Most of exploit attempts targeted organizations in Turkey (19%), followed by United States (18%) and Italy (10%).

Ransomware

Ransomware Military Manufacturing Security

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

Security Affairs

JUNE 17, 2022

Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country. The malware samples analyzed impersonated the applications of telecommunications companies or smartphone manufacturers.

Military

Military Manufacturing Government Security

Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues

Security Affairs

MARCH 16, 2021

Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%). Most of the exploit attempts targeted organizations in Turkey (19%), followed by United States (18%) and Italy (10%).

Military

Military Manufacturing Access Security

Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild

Security Affairs

SEPTEMBER 27, 2018

Security researchers from ESET have discovered a new piece of a sophisticated malware used by the Russia-linked Sednit group (aka Fancy Bear , APT28 , Pawn Storm , Sofacy Group , and STRONTIUM ) in targeted attacks aimed at government entities in the Balkans as well as in Central and Eastern Europe. ” continues the report.

Military

Military Manufacturing Government Security

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

Security Affairs

AUGUST 27, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

Energy and Utilities

Energy and Utilities Communications Authentication Access

North Korea-linked ScarCruft APT adds Bluetooth Harvester to its arsenal

Security Affairs

MAY 14, 2019

Cyber attacks conducted by the APT37 group mainly targeted government, defense, military, and media organizations in South Korea. The hackers targeted organizations in the chemicals, manufacturing, electronics, aerospace, healthcare, and automotive sectors. Kaspersky first documented the operations of the group in 2016.

IT

IT Military Manufacturing Government

Critical Vulnerabilities in GPS Trackers

Schneier on Security

JULY 21, 2022

The China-based manufacturer says 1.5 BitSight found the device in use in 169 countries, with customers including governments, militaries, law enforcement agencies, and aerospace, shipping, and manufacturing companies. million of its tracking devices are deployed across 420,000 customers.

Manufacturing

Manufacturing Military Communications Authentication

Vulnerabilities in Weapons Systems

Schneier on Security

JUNE 8, 2021

Our military systems are vulnerable. We need to face that reality by halting the purchase of insecure weapons and support systems and by incorporating the realities of offensive cyberattacks into our military planning. Over the past decade, militaries have established cyber commands and developed cyberwar doctrine.

Military

Military Cybersecurity Communications Manufacturing

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

The Last Watchdog

SEPTEMBER 21, 2023

21, 2023 — MxD, the Digital Manufacturing and Cybersecurity Institute, today hosted a roundtable discussion with the White House Office of the National Cyber Director. Each participating organization is committed to developing cyber skills and programs to train the workforce across a wide range of industries, including manufacturing.

Cybersecurity

Cybersecurity Manufacturing Military Artificial Intelligence

MY TAKE: Iran’s cyber retaliation for Soleimani assassination continues to ramp up

The Last Watchdog

FEBRUARY 3, 2020

Touhill “Adversaries should remember that our military doctrine identifies cyber as one of our combined arms capabilities,” says Greg Touhill, president of AppGate Federal Group , a Florida-based supplier of software perimeter security systems.

Energy and Utilities

Energy and Utilities Access Passwords Cybersecurity

From China with Love: New York Firm sold millions in PRC Surveillance Gear to US Government, Military

The Security Ledger

NOVEMBER 7, 2019

government: selling Chinese manufactured cameras and other gear to the U.S. Military, the Department of Energy and other government agencies that it claimed were "Made in the U.S.A". A complaint unsealed by the Department of Justice on Thursday alleges a New York firm engineered a years-long scheme to deceive the U.S.

Military

Military Government Manufacturing Data breaches

AUTHOR Q&A: China’s spy balloons reflect a cyber warfare strategy America must counter

The Last Watchdog

FEBRUARY 21, 2023

Part one of the book catalogues how cyber criminals and US adversaries have taken full advantage of systemic flaws in how we’ve come to defend business and government networks. Today it is the world’s largest manufacturer of telecom equipment, including critical 5-G equipment.

Cybersecurity

Cybersecurity Marketing Government Military

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

US Disrupts Russian Military Intelligence Botnet

Webinars

Trending Sources

Russian military plans to replace Windows with Astra Linux

Webinars

New HiatusRAT campaign targets Taiwan and U.S. military procurement system

US indicted 4 Russian government employees for attacks on critical infrastructure

China-linked APT Curious Gorge targeted Russian govt agencies

Researchers found alleged sensitive documents of NATO and Turkey

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Australia banned Huawei from 5G network due to security concerns

The US Gov is testing high-altitude balloons for surveillance

The German BSI agency recommends replacing Kaspersky antivirus software

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Japan suspects HGV missile data leak in Mitsubishi security breach

France will not ban Huawei from its upcoming 5G networks

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

North Korea-linked hackers target construction and machinery sectors with watering hole and supply chain attacks

Ukraine’s intelligence service hacked Russia’s Federal Air Transport Agency, Rosaviatsia

Cyber mercenaries and insiders hired by Chinese intelligence to hack aerospace and tech firms

Russian APT29 conducts phishing attacks through Microsoft Teams

Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers

MICROCHIPS Act aims at improving tech supply chain

Researchers warn of a surge in cyber attacks against Microsoft Exchange

FBI chief says China is preparing to attack US critical infrastructure

North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya

Defense contractor Belcan leaks admin password with a list of flaws

It is time to re-evaluate Cyber-defence solutions

Government By Numbers: Some Interesting Insights

Vladimir Putin ‘s computers still run Windows XP, Media reports

Qbot uses a new email collector module in the latest campaign

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

Security Affairs newsletter Round 489 by Pierluigi Paganini – INTERNATIONAL EDITION

ProxyLogon Microsoft Exchange exploit is completely out of the bag by now

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues

Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

North Korea-linked ScarCruft APT adds Bluetooth Harvester to its arsenal

Critical Vulnerabilities in GPS Trackers

Vulnerabilities in Weapons Systems

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

MY TAKE: Iran’s cyber retaliation for Soleimani assassination continues to ramp up

From China with Love: New York Firm sold millions in PRC Surveillance Gear to US Government, Military

AUTHOR Q&A: China’s spy balloons reflect a cyber warfare strategy America must counter

Stay Connected