Government, Military and Risk - Information Management Today

Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS

Security Affairs

FEBRUARY 19, 2024

The nation-state actors are known to carry out cyber-espionage against targeting government, military, and national infrastructure entities in Europe and Central Asia since at least December 2020. The compromise of email servers poses a substantial risk, especially during a conflict such as Russia-Ukraine.

Military

Military Government Access Risk

Maze ransomware operators stole data from US military contractor Westech

Security Affairs

JUNE 6, 2020

Hackers have stolen confidential documents from the US military contractor Westech, which provides critical support for US Minuteman III nuclear deterrent. The post Maze ransomware operators stole data from US military contractor Westech appeared first on Security Affairs. The LGM-30 Minuteman is a U.S. Pierluigi Paganini.

Military

Military Ransomware Encryption Risk

Autoclerk travel reservations platform data leak also impacts US Government and military

Security Affairs

OCTOBER 22, 2019

. “The data Our team viewed highly sensitive data exposing the personal details of government and military personnel, and their travel arrangements to locations around the world, both past and future.” The list of affected users includes the US government, military, and Department of Homeland Security (DHS). .

Military

Military Government Cloud Archiving

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

US Government is asking allies to ban Huawei equipment

Security Affairs

NOVEMBER 24, 2018

US Government is inviting its allies to exclude Huawei equipment from critical infrastructure and 5G architectures, reports the Wall Street Journal. The Wall Street Journal reported that the US Government is urging its allies to exclude Huawei from critical infrastructure and 5G architectures. Pierluigi Paganini.

Government

Government Military Risk Security

GUEST ESSAY: Rising cyber risks make business intelligence gathering more vital than ever

The Last Watchdog

JULY 5, 2022

At any point the external environment can throw a curve ball – new government regulations, changes in political and social dynamics, or trends in sustainability to name a few. Context of risk. The Ukraine-Russia war is a grim example of geopolitical risk intersecting with cyber security risk. Cyber in a silo?

Risk

Risk Military Marketing Data Privacy

Group-IB identifies leaked credentials of 40,000 users of government websites in 30 countries

Security Affairs

DECEMBER 11, 2018

Group-IB, an international company that specializes in preventing cyberattacks , has detected more than 40 000 compromised user credentials of online government services in 30 countries around the world. Group-IB Threat Intelligence has detected government websites’ user accounts compromised by cyber criminals in 30 countries.

Government

Government Passwords Military Archiving

Russian APT Hackers Actively Targeting European NATO Allies

Data Breach Today

APRIL 13, 2023

European Embassies and Diplomats at Most Risk, Warns Polish CERT A Russian hacking campaign is targeting European embassies and diplomats as part of an ongoing cyberespionage campaign aimed at stealing Western government intelligence on the war in Ukraine, according to a joint alert by the Polish CERT and Military Counterintelligence Service.

Military

Military Risk Government

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Security Affairs

DECEMBER 7, 2023

Over the past 20 months, the group targeted at least 30 organizations within 14 nations that are probably of strategic intelligence significance to the Russian government and its military. The Government experts pointed out that in some cases the group did not deployed any backdoor in the compromised systems.

Military

Military Government Phishing Authentication

British Court rejects the US’s request to extradite Julian Assange

Security Affairs

JANUARY 4, 2021

A British court has rejected the request of the US government to extradite Wikileaks founder Julian Assange to the country. Judge Vanessa Baraitser denied the extradition due to suicide risk for the impression he could suffer in the U.S. government will likely appeal the decision. Of course, the U.S.

Military

Military Government Risk Passwords

The Netherlands declares war on ransomware operations

Security Affairs

OCTOBER 8, 2021

The Dutch government will not tolerate ransomware attacks that could threaten national security, it will use intelligence or military services to curb them. The Dutch government announced that it will not tolerate cyberattacks that pose a risk to its national security and will employ intelligence or military services to counter them.

Ransomware

Ransomware Military Government Security

Hacker who helped the ISIS will remain in US prison

Security Affairs

OCTOBER 9, 2020

government and military personnel will remain in a federal prison. Ardit Ferizi , aka Th3Dir3ctorY, is the hacker that supported the ISIS organization by handing over data for 1,351 US government and military personnel. military and other government personnel.

Military

Military Government Retail Personal data

GAO: Pentagon's Cyber Hygiene Programs Come Up Short

Data Breach Today

APRIL 17, 2020

Defense Department needs to improve its cybersecurity training programs for civilian and military employees to reduce the risks that common security incidents pose, a new audit from the Government Accountability Office finds. Audit Finds DoD Would Benefit From Better Security Training The U.S.

Military

Military Cybersecurity Risk Government

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Security Affairs

DECEMBER 5, 2023

The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS). The Government experts pointed out that in some cases the group did not deployed any backdoor in the compromised systems.

Military

Military Government Access Phishing

France agency ANSSI warns of Russia-linked APT28 attacks on French entities

Security Affairs

OCTOBER 27, 2023

The French National Agency for the Security of Information Systems ANSSI (Agence Nationale de la sécurité des systèmes d’information) warns that the Russia-linked APT28 group has been targeting multiple French organizations, including government entities, businesses, universities, and research institutes and think tanks.

Military

Military Phishing Government Security

Google warns of APT28 attack attempts against 14,000 Gmail users

Security Affairs

OCTOBER 8, 2021

Shane Huntley, the head of the Threat Analysis Group (TAG), wrote on Twitter that his group had sent an above-average batch of government-backed security warnings. . TAG sent a above average batch of government-backed security warnings yesterday. So why do we do these government warnings then? ” Huntley added. “At

Phishing

Phishing Military Government Security

US administration requests $9.8B for cyber 2021 budget for the Department of Defense

Security Affairs

FEBRUARY 16, 2020

billion for cyber operations in next year’s budget for the Department of Defense, a data that confirms the strategic importance of the fifth domain of the warfare for the US Government. It aims at reducing the risk of cyber attacks on networks, systems, and information. The US administration requested $9.8

Artificial Intelligence

Artificial Intelligence Military Cybersecurity Risk

Nation-state malware could become a commodity on dark web soon, Interpol warns

Security Affairs

MAY 24, 2022

In the ongoing conflict between Russia and Ukraine, the malware developed by both nation-state actors and non state actors represents a serious risk for critical infrastructure and organizations worldwide. Threat actors could perform reverse engineering of military-made malicious code and use their own versions in attacks in the wild.

Military

Military Government Communications Security

France will not ban Huawei from its upcoming 5G networks

Security Affairs

SEPTEMBER 1, 2020

French President Emmanuel Macron announced that his government will not exclude Chinese telecom giant Huawei from the building of the upcoming 5G telecommunication networks. In January the EU’s executive Commission presented a set of rules and technical measures aimed at reducing cybersecurity risks from the adoption of 5G networks.

IT

IT Military Manufacturing Risk

Australia banned Huawei from 5G network due to security concerns

Security Affairs

AUGUST 25, 2018

The Australian government considers risky the involvement of Huawei for the rolling out of next-generation 5G communication networks. The US was the first country that warned of the security risks associated with the usage of the products manufactured by the Chinese telecommunications giant.

Security

Security Military Manufacturing Retail

The U.S. FCC considers Huawei and ZTE as national security threats

Security Affairs

JULY 1, 2020

Last week China accused the US government of “oppressing Chinese companies” after U.S. The Federal Communications Commission blocked the Chinese companies from receiving subsidies from a government fund. “We organizations from using government Universal Service Fund for acquiring equipment or services provided by the Chinese firms.

Communications

Communications Security Government Military

US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software

Security Affairs

DECEMBER 14, 2020

The cyber espionage group has tampered with updates released by IT company SolarWinds, which provides its products to government agencies, military, and intelligence offices, two people familiar with the matter told the Reuters agency. . Threat actors carried out a highly-sophisticated supply chain attack.

Military

Military Cybersecurity Communications Government

EU bodies agree on new EU export rules for dual-use technology

Security Affairs

NOVEMBER 11, 2020

EU lawmakers and the European Council aim to update controls for the sale of dual-use solutions such as surveillance spyware, facial recognition systems and drones to prevent authoritarian government abusing them for censorship and to persecute political opponents and dissidents violating human rights.

Sales

Sales Military Government Risk

When Your Smart ID Card Reader Comes With Malware

Krebs on Security

MAY 17, 2022

government employees and contractors have been issued a secure smart ID card that enables physical access to buildings and controlled spaces, and provides access to government computer networks and systems at the cardholder’s appropriate security level. government smart cards. government smart cards.

Government

Government Military Access Security

SolarWinds hackers also breached the US NNSA nuclear agency

Security Affairs

DECEMBER 20, 2020

When DOE identified vulnerable software, immediate action was taken to mitigate the risk, and all software identified as being vulnerable to this attack was disconnected from the DOE network.” The agency is responsible for enhancing national security through the military application of nuclear science.

Military

Military Risk Security Communications

Russia-linked Gamaredon group targets Ukraine officials

Security Affairs

DECEMBER 7, 2019

Russia-linked Gamaredon cyberespionage group has been targeting Ukrainian targets, including diplomats, government and military officials. Russia linked APT group tracked as Gamaredon has been targeting several Ukrainian diplomats, government and military officials, and law enforcement. ” concludes Anomaly.

Military

Military Government Phishing Archiving

Security Affairs newsletter Round 464 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 24, 2024

Cybersecurity US holds conference on military AI use with dozens of allies to determine ‘responsible’ use DFSA’s Cyber Risk Management Guidelines: A Blueprint for Cyber Resilience? Is it a Russia’s weapon? Players hacked during the matches of Apex Legends Global Series.

Security

Security Passwords Military Marketing

Islamic imprisoned hacker Ardit Ferizi ordered to be deported

Security Affairs

DECEMBER 4, 2020

Ardit Ferizi , aka Th3Dir3ctorY, is the hacker that supported the ISIS organization by handing over data for 1,351 US government and military personnel. The 20-year-old man was accused of supporting the ISIS terrorist organization, he was the subject of extradition from the Malaysian government, where he lived.

Military

Military Risk Government Security

AI Risks

Schneier on Security

OCTOBER 9, 2023

Reading the headlines, one would hope that the rapid gains in AI technology have also brought forth a unifying realization of the risks—and the steps we need to take to mitigate them. Some are concerned about far-future risks that sound like science fiction. AI could destroy humanity or pose a risk on par with nukes.

Risk

Risk Military Artificial Intelligence Paper

European Union formally blames Russia for the GhostWriter operation

Security Affairs

SEPTEMBER 25, 2021

The officials pointed out that these interferences are unacceptable because threaten the integrity and security of the targeted states, and pose risk to the EU democracies. “Some EU Member States have observed malicious cyber activities, collectively designated as Ghostwriter, and associated these with the Russian state.”

Military

Military CMS Phishing Security

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 4, 2023

Proofpoint researchers recently reported that a Russian hacking group, tracked as Winter Vivern (aka TA473), has been actively exploiting vulnerabilities ( CVE-2022-27926 ) in unpatched Zimbra instances to gain access to the emails of NATO officials, governments, military personnel, and diplomats.

IT

IT Military Phishing Passwords

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

These Russian cyber actors are government organizations and include other parties who take their orders from the Russian military or intelligence organizations – while not technically under government control. Educate your employees on threats and risks such as phishing and malware. businesses called #ShieldsUp.

Cybersecurity

Cybersecurity Passwords Military Education

SHARED INTEL: How Russia’s war mongering compromises those holding security clearances

The Last Watchdog

APRIL 19, 2022

While global commerce is an important aspect of the world economy, individuals who hold national security clearances need to be aware that some of the activities they engage in could pose a security risk and may negatively impact their security clearances. Related: Russia takes steps to radicalize U.S. national security secrets.

Security

Security Risk Military Government

US Army banned the popular TikTok app over China security concerns

Security Affairs

JANUARY 3, 2020

Army this week has banned the popular TikTok app from government mobile amid fear of China-linked cyberespionage. billion installs worldwide, it has come under close scrutiny in the US and other countries for its alleged link with the Government of Beijing. “We do not allow it on government phones.”

Security

Security Government Military Privacy

Experts believe US Cyber Command it the only entity that can carry out ‘hack backs’

Security Affairs

JULY 23, 2018

government should opt to carry out hack backs as retaliation against the massive attacks against organizations in the US private sector. I think if it’s going to happen, it’s best in the hands of the government,” said Sean Weppner, chief strategy officer at NISOS Group and a former DOD cyber officer. “The U.S. private sector.

IT

IT Military Government Risk

Why Edward Snowden is urging users to stop using ExpressVPN?

Security Affairs

SEPTEMBER 19, 2021

military and various government contractors, then with a U.S. But we did know what we had built here at ExpressVPN: a company where every system and process is hardened and designed to minimize risks of all kinds , both external and internal. The surveillance it represents is completely antithetical to our mission.”

Cybersecurity

Cybersecurity Military Privacy Compliance

Q&A: The troubling implications of normalizing encryption backdoors — for government use

The Last Watchdog

SEPTEMBER 17, 2018

Should law enforcement and military officials have access to a digital backdoor enabling them to bypass any and all types of encryption that exist today? The disturbing thing is that in North America and Europe more and more arguments are being raised in support of creating and maintaining encryption backdoors for government use.

Encryption

Encryption Government Privacy Military

Defense contractor Belcan leaks admin password with a list of flaws

Security Affairs

AUGUST 22, 2023

US Government and defense contractor Belcan left its super admin credentials open to the public, Cybernews research team reveals. Belcan is a government, defense, and aerospace contractor offering global design, software, manufacturing, supply chain, information technology, and digital engineering solutions.

Passwords

Passwords Military Manufacturing Analytics

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Security

Security Data breaches Ransomware Artificial Intelligence

MICROCHIPS Act aims at improving tech supply chain

Security Affairs

AUGUST 1, 2019

2316 ) – Two US Senators have introduced a bill to protect US government supply chain against foreign sabotage and cyber espionage. 2316) that aims at protecting US government supply chain against foreign sabotage and cyber espionage. The bill is part of a national strategy to assess and prevent risks to critical US technologies.

Military

Military Manufacturing Government Security

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Security Affairs

AUGUST 6, 2019

The STRONTIUM APT group (aka APT28 , Fancy Bear , Pawn Storm , Sofacy Group , and Sednit ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. ” IoT risk must be taken seriously. ” reads the analysis published by Microsoft.

IoT

IoT Military Access Education

Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers

Security Affairs

JULY 20, 2022

MiCODUS is used today by 420,000 customers in multiple industries, including government, military, law enforcement agencies, and Fortune 1000 companies. Most North American organizations using flawed MiCODUS devices are in the manufacturing sector, while those in South America are government entities. Pierluigi Paganini.

Passwords

Passwords Manufacturing Military Authentication

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Security Affairs

MARCH 12, 2021

Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%). The availability online of PoC exploit tool online pose a serious risk to organizations. In past campaigns, HAFNIUM attackers also interacted with victim Office 365 tenants. .

Authentication

Authentication Military Ransomware Manufacturing

Internet Backbone Giant Lumen Shuns.RU

Krebs on Security

MARCH 8, 2022

” “We decided to disconnect the network due to increased security risk inside Russia,” the statement continues. At the same time, the Russian government has blocked Facebook and partly blocked Twitter , while other platforms like TikTok have suspended services in the country.

Government

Government Military Risk Business Services

U.S. Charges Russia GRU Intelligence Officers for notorious attacks, including NotPetya

Security Affairs

OCTOBER 20, 2020

Department of Justice announced charges against six members of Russia’s GRU military intelligence agency for their alleged role in several major cyberattacks conducted over the past years. We have the tools to investigate these malicious malware attacks, identify the perpetrators, and then impose risks and consequences on them.

Military

Military Government Risk Access

Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS

Maze ransomware operators stole data from US military contractor Westech

Webinars

Trending Sources

Autoclerk travel reservations platform data leak also impacts US Government and military

Webinars

US Government is asking allies to ban Huawei equipment

GUEST ESSAY: Rising cyber risks make business intelligence gathering more vital than ever

Group-IB identifies leaked credentials of 40,000 users of government websites in 30 countries

Russian APT Hackers Actively Targeting European NATO Allies

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

British Court rejects the US’s request to extradite Julian Assange

The Netherlands declares war on ransomware operations

Hacker who helped the ISIS will remain in US prison

GAO: Pentagon's Cyber Hygiene Programs Come Up Short

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

France agency ANSSI warns of Russia-linked APT28 attacks on French entities

Google warns of APT28 attack attempts against 14,000 Gmail users

US administration requests $9.8B for cyber 2021 budget for the Department of Defense

Nation-state malware could become a commodity on dark web soon, Interpol warns

France will not ban Huawei from its upcoming 5G networks

Australia banned Huawei from 5G network due to security concerns

The U.S. FCC considers Huawei and ZTE as national security threats

US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software

EU bodies agree on new EU export rules for dual-use technology

When Your Smart ID Card Reader Comes With Malware

SolarWinds hackers also breached the US NNSA nuclear agency

Russia-linked Gamaredon group targets Ukraine officials

Security Affairs newsletter Round 464 by Pierluigi Paganini – INTERNATIONAL EDITION

Islamic imprisoned hacker Ardit Ferizi ordered to be deported

AI Risks

European Union formally blames Russia for the GhostWriter operation

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

SHARED INTEL: How Russia’s war mongering compromises those holding security clearances

US Army banned the popular TikTok app over China security concerns

Experts believe US Cyber Command it the only entity that can carry out ‘hack backs’

Why Edward Snowden is urging users to stop using ExpressVPN?

Q&A: The troubling implications of normalizing encryption backdoors — for government use

Defense contractor Belcan leaks admin password with a list of flaws

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

MICROCHIPS Act aims at improving tech supply chain

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Internet Backbone Giant Lumen Shuns.RU

U.S. Charges Russia GRU Intelligence Officers for notorious attacks, including NotPetya

Stay Connected