Groups and Military - Information Management Today

Russia-linked espionage group UNC5812 targets Ukraine’s military with malware

Security Affairs

OCTOBER 29, 2024

Suspected Russia-linked espionage group UNC5812 targets Ukraine’s military with Windows and Android malware via Telegram. Google TAG and Mandiant observed a Russia-linked group, tracked as UNC5812, targeting Ukraine’s military with Windows and Android malware via the Telegram channel “ Civil Defense.”

Military

Military IT Security Information Security

Snatch group claims to have hacked military provider HENSOLDT France

Security Affairs

OCTOBER 31, 2022

The Snatch ransomware group claims to have hacked HENSOLDT France, a company specializing in military and defense electronics. The Snatch ransomware group claims to have hacked the French company HENSOLDT France. HENSOLDT is a company specializing in military and defense electronics. Pierluigi Paganini.

Military

Military Computer and Electronics Ransomware Communications

Military Exercises Trigger Russian DDoS Attacks on Japan

Data Breach Today

OCTOBER 18, 2024

Russian Actors Disrupt Websites of Political Party, Business and Government Groups Plans by Japan and U.S.

Military

Military Government

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Ukraine: Belarusian APT group UNC1151 targets military personnel with spear phishing

Security Affairs

FEBRUARY 25, 2022

The Ukrainian agency attributes the campaign to the Belarus-linked cyberespionage group tracked as UNC1151. In mid-January, the government of Kyiv attributed the defacement of tens of Ukrainian government websites to Belarusian APT group UNC1151. Attackers spear-phishing messages have been sent from email accounts using the domains i[.]ua-passport[.]space

Military

Military Phishing CMS Government

Chinese APT CactusPete targets military and financial orgs in Eastern Europe

Security Affairs

AUGUST 14, 2020

China-linked threat actor tracked as CactusPete was employing an updated backdoor in recent attacks targeting military and financial organizations in Eastern Europe. Experts pointed out that despite the lack of sophistication, the group carried out successful attacks. reads the analysis published by Kaspersky. Pierluigi Paganini.

Military

Military Phishing Access IT

Russia Tied to Ukrainian Military Recruit Malware Targeting

Data Breach Today

OCTOBER 28, 2024

Anti-Mobilization Messaging Lead to Malware-Pushing 'Civil Defense' Site Potential Ukrainian military recruits are being targeted by a "hybrid espionage and information operation" - likely Russian - involving Telegram anti-mobilization messaging and a "Civil Defense" website designed to distribute Windows and Android malware, warns Google's Threat (..)

Military

Movie From 1983 Had AI and InfoGov Right

Weissman's World

JANUARY 6, 2025

In it, a high school teenager seeking the newest, hottest prerelease videogame hacks into a NORAD computer by mistake, and the simulation he triggers nearly causes WWIII because the soldierly decision-making was intentionally left to the machine, not the military.

Military

Military IT Information governance Government

Alleged cyber attacks caused fire and explosions at nuclear and military facilities in Iran

Security Affairs

JULY 3, 2020

The media reported a fire at the Natanz nuclear enrichment site and an explosion at the Parchin military complex near Tehran, the latter is suspected to be a government center for the production of missiles. The group took credit for the attack without providing details of the incident. and Israel.” and Israel.”

Military

Military Government Security IT

Maze ransomware operators stole data from US military contractor Westech

Security Affairs

JUNE 6, 2020

Hackers have stolen confidential documents from the US military contractor Westech, which provides critical support for US Minuteman III nuclear deterrent. ” Recently Maze ransomware operators started publishing documents stolen from the ST Engineering group on their leak website. The LGM-30 Minuteman is a U.S.

Military

Military Ransomware Encryption Risk

Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS

Security Affairs

FEBRUARY 19, 2024

An APT group, tracked as TAG-70, linked to Belarus and Russia exploited XSS flaws in Roundcube webmail servers to target over 80 organizations. Researchers from Recorded Future’s Insikt Group identified a cyberespionage campaign carried out by an APT group, tracked as TAG-70, linked to Belarus and Russia.

Military

Military Government Access Risk

Russia-linked hackers target Ukrainian military with Infamous Chisel Android malware

Security Affairs

AUGUST 31, 2023

Russia-linked threat actors have been targeting Android devices of the Ukrainian military with a new malware dubbed Infamous Chisel. The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017. ” reads the report published by the NCSC. ” concludes the report.

Military

Military Authentication Access Government

Anonymous targets the Russian Military and State Television and Radio propaganda

Security Affairs

APRIL 5, 2022

Anonymous continues to support Ukraine against the Russian criminal invasion targeting the Russian military and propaganda. Anonymous leaked personal details of the Russian military stationed in Bucha where the Russian military carried out a massacre of civilians that are accused of having raped and shot local women and children.

Military

Military Cybersecurity Security Government

Twitter, Facebook, and Instagram blocked in Turkey as Idlib military crisis escalates

Security Affairs

FEBRUARY 28, 2020

Network data collected by the NetBlocks internet observatory confirm that Turkey has blocked access to social media as Idlib military crisis escalates. In December 2016 , the Turkish blocked social media in the country to prevent the sharing of a video of the executions of Turkish soldiers by the IS group. ”added Netblocks. .

Military

Military Data collection Government Access

NATO is investigating a new cyber attack claimed by the SiegedSec group

Security Affairs

OCTOBER 5, 2023

NATO is investigating claims that a group called SiegedSec has breached its systems and leaked a cache of unclassified documents online. There has been no impact on NATO missions, operations and military deployments.” The group published a series of screenshots showing access to hacked systems as proof of the hack.

Military

Military Security IT Access

Hacker Group Linked to Russian Military Claims Credit for Cyberattack on Kyivstar

WIRED Threat Level

DECEMBER 13, 2023

A hacker group calling itself Solntsepek—previously linked to Russia’s notorious Sandworm hackers—says it carried out a disruptive breach of Kyivstar, a major Ukrainian mobile and internet provider.

Military

Military IT Security

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing.

Military

Military Government Phishing Libraries

Esperts found new DoNot Team APT group’s Android malware

Security Affairs

JANUARY 20, 2025

CYFIRMA researchers linked a recently discovered Android malware to the Indian APT group known as DoNot Team. The DoNot APT group has been observed misusing the OneSignal platform, which typically provides tools for sending push notifications, in-app messages, emails, and SMS widely used in mobile and web applications.

Military

Military Access Phishing Cybersecurity

Is Russian group APT28 behind the cyber attack on the German air traffic control agency (DFS)?

Security Affairs

SEPTEMBER 5, 2024

A cyber attack hit the German air traffic control agency (DFS) disrupting its operations, experts attribute it to Russia-linked group APT28. The group was involved also in the string of attacks that targeted 2016 Presidential election. “Our office connection was hacked, and we are now taking protective measures.”

Military

Military Cybersecurity Government Security

Ukraine’s SBU arrested a member of Pro-Russia hackers group ‘Cyber Army of Russia’

Security Affairs

JANUARY 29, 2024

Ukraine’s security service (SBU) detained an alleged member of the pro-Russia hacker group “the Cyber Army of Russia.” ” Ukraine’s security service, the SBU, announced that it has identified and detained an alleged member of the pro-Russia hacker group known as the Cyber Army of Russia.

Military

Military Communications Government Security

Gamaredon group uses a new Outlook tool to spread malware

Security Affairs

JUNE 12, 2020

The group was first discovered by Symantec and TrendMicro in 2015 but evidence of its activities has been dated back to 2013. The group targeted government and military organizations in Ukraine. In December 2019, the APT group targeted several Ukrainian diplomats, government and military officials, and law enforcement.

Military

Military Phishing Government IT

N. Korean Kimsuky APT targets S. Korea-US military exercises

Security Affairs

AUGUST 20, 2023

North Korea-linked APT group Kimsuky carried out a spear-phishing campaign against US contractors involved in a joint U.S.-South South Korea military exercise. The military drill, the Ulchi Freedom Guardian summer exercises , will start on Monday, August 21, 2023 , and will last 11 days. ” reported Reuters agency.

Military

Military Phishing Government Security

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

Security Affairs

NOVEMBER 5, 2021

Ukraine’s premier law enforcement and counterintelligence revealed the real identities of five FSB members behind the Gamaredon cyberespionage group. 5 members of the group have been notified of suspicion of treason.” “The ARMAGEDON hacker group is an FSB special project, which specifically targeted Ukraine.

Military

Military Metadata Government Passwords

Microsoft links Cadet Blizzard APT to Russia’s military intelligence GRU

Security Affairs

JUNE 14, 2023

Microsoft linked a series of wiping attacks to a Russia-linked APT group, tracked as Cadet Blizzard, that is under the control of the GRU. Microsoft attributes the operations carried out by the Russia-linked APT group tracked as Cadet Blizzard to the Russian General Staff Main Intelligence Directorate (GRU).

Military

Military Government IT Security

Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities

WIRED Threat Level

APRIL 17, 2024

Cyber Army of Russia Reborn, a group with ties to the Kremlin’s Sandworm unit, is crossing lines even that notorious cyberwarfare unit wouldn’t dare to.

Military

Military Security

Microsoft and DOJ seized the attack infrastructure used by Russia-linked Callisto Group

Security Affairs

OCTOBER 4, 2024

DoJ seized over 100 domains used by the Russia-linked Callisto Group for launching attacks on U.S. The Justice Department revealed the unsealing of a warrant to seize 41 domains used by Russia-linked Callisto Group (formerly SEABORGIUM , also known as COLDRIVER ) for computer fraud in the United States. . Microsoft and the U.S.

Phishing

Phishing Military Government IT

Iran-linked APT groups continue to evolve

Security Affairs

NOVEMBER 17, 2021

Over the past 12 months, MSTIC experts observed increasingly sophisticated attacks orchestrated by Iranian APT groups. The analysis focuses on six Iranian hacking groups that are increasingly utilizing ransomware to either fundraise or disrupt the computer networks of the targets.

Ransomware

Ransomware Passwords Military Authentication

A (Strange) Interview the Russian-Military-Linked Hackers Targeting US Water Utilities

WIRED Threat Level

MAY 8, 2024

Despite Cyber Army of Russia’s claims of swaying US “minds and hearts,” experts say the cyber sabotage group appears to be hyping its hacking for a domestic audience.

Military

Military IT Security

North Korea's BlueNoroff Group Targets macOS Systems

Data Breach Today

MAY 23, 2023

BlueNoroff Changed Attack Tactics in 2023 After Its TTPs Were Leaked The BlueNoroff hacker group, which is associated with the North Korean military's Reconnaissance General Bureau, is using RustBucket malware to target macOS systems of users primarily in the United States and Asia - a tactic observed for the first time since the group began its operations. (..)

Military

Military IT

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

Security Affairs

JANUARY 26, 2023

The BlackCat Ransomware group claims to have hacked SOLAR INDUSTRIES INDIA and to have stolen 2TB of “secret military data.” The BlackCat Ransomware group claims to have breached the company infrastructure and to have stolen 2TB of data, including secret military data related to weapons production.

Military

Military Manufacturing Ransomware Mining

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Security Affairs

DECEMBER 5, 2023

Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military Government Access Phishing

New HiatusRAT campaign targets Taiwan and U.S. military procurement system

Security Affairs

AUGUST 21, 2023

military procurement system. In June the group started a reconnaissance and targeting activity aimed at a U.S. military server used for contract proposals and submissions. military procurement system appeared first on Security Affairs. Another VPS node was used to target a U.S.

Military

Military Manufacturing Government Access

Mandiant identifies 3 hacktivist groups working in support of Russia

Security Affairs

SEPTEMBER 27, 2022

Researchers are tracking multiple self-proclaimed hacktivist groups working in support of Russia, and identified 3 groups linked to the GRU. Mandiant researchers are tracking multiple self-proclaimed hacktivist groups working in support of Russia, and identified 3 groups linked to the Russian Main Intelligence Directorate (GRU).

Military

Military Phishing Government Security

APT28 targets key networks in Europe with HeadLace malware

Security Affairs

JUNE 3, 2024

Researchers at Insikt Group observed Russian GRU’s unit APT28 targeting networks across Europe with information-stealer Headlace and credential-harvesting web pages. Insikt Group speculates the operation is aimed at influencing regional and military dynamics. ” reads the report published by the Insikt Group.

Military

Military Phishing Government Authentication

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Security Affairs

APRIL 15, 2024

The Ukrainian hacking group Blackjack used a destructive ICS malware dubbed Fuxnet in attacks against Russian infrastructure. The Blackjack group is believed to be affiliated with Ukrainian intelligence services that carried out other attacks against Russian targets, including an internet provider and a military infrastructure.

IoT

IoT Access Communications Military

NSA warns Russia-linked APT group is exploiting Exim flaw since 2019

Security Affairs

MAY 28, 2020

NSA warns that Russia-linked APT group known as Sandworm Team have been exploiting a critical flaw in the Exim mail transfer agent (MTA). “Russian military cyber actors, publicly known as Sandworm Team, have been exploiting a vulnerability in Exim mail transfer agent (MTA) software since at least last August.”

Systems administration

Systems administration Military Access Security

Hackers Target Taiwan UAV, Military Industries

Data Breach Today

SEPTEMBER 9, 2024

Threat Actor Is Likely a Beijing Cyberespionage Operator A Chinese-speaking hacking group is targeting drone manufacturers in Taiwan and other military-related industries on the island country located roughly 100 miles from mainland China. Trend Micro on Friday said it tracks the threat actor as "Tidrone."

Military

Military Manufacturing IT

RedFoxtrot operations linked to China’s PLA Unit 69010 due to bad opsec

Security Affairs

JUNE 19, 2021

Experts attribute a series of cyber-espionage campaigns dating back to 2014, and focused on gathering military intelligence, to China-linked Unit 69010. Experts from Recorded Future’s Insikt Group linked a series of attacks, part of RedFoxtrot China-linked campaigns, to the PLA China-linked Unit 69010. ” continues the report.

Military

Military Mining Government Communications

Anonymous continues to support Ukraine against the Russia

Security Affairs

MARCH 17, 2022

The collective Anonymous and its affiliated groups continue to target the Russian government and private organizations. The collective Anonymous, and other groups in its ecosystem, continue to target the Russian government and private organizations. The group has stolen data from the organization and started leaking Gigabytes of data.

Military

Military Communications Government Access

Renewed Info Stealer Campaign Targets Ukrainian Military

Data Breach Today

JUNE 6, 2024

CERT-UA Says Threat Actor 'Vermin' Used Syncthing Application Ukrainian cyber defenders say Russian intelligence hackers operating from the occupied Donbas city of Luhansk targeted military email inboxes with an info stealer.

Military

Military Phishing

North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence

Security Affairs

OCTOBER 1, 2024

North Korea-linked APT Kimsuky has been linked to a cyberattack on Diehl Defence, a German manufacturer of advanced military systems. North Korea-linked APT group Kimsuky has been linked to a cyberattack on Diehl Defence, a defense firm specializing in the production of advanced military systems. Diehl Defence GmbH & Co.

Military

Military Manufacturing Phishing Information Security

Pakistan-linked Transparent Tribe APT expands its arsenal

Security Affairs

MAY 16, 2021

Alleged Pakistan-Linked cyber espionage group, tracked as Transparent Tribe, targets Indian entities with a new Windows malware. Researchers from Cisco Talos warn that the Pakistan-linked APT group Transparent Tribe expanded its Windows malware arsenal. ” read the analysis published Cisco Talos.

Military

Military IT Phishing Archiving

Google TAG warns of Russia-linked APT groups targeting Ukraine

Security Affairs

APRIL 20, 2023

Russia-linked threat actors launched large-volume phishing campaigns against hundreds of users in Ukraine to gather intelligence and aimed at spreading disinformation, states Google’s Threat Analysis Group (TAG). The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017.

Phishing

Phishing Military Ransomware Education

Russia-linked Nobelium APT group uses custom backdoor to target Windows domains

Security Affairs

SEPTEMBER 28, 2021

Microsoft discovered new custom malware, dubbed FoggyWeb, used by the Nobelium cyberespionage group to implant backdoor in Windows domains. NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers.

Encryption

Encryption Military Government Access

Russian hackers defaced local British news sites

Security Affairs

MAY 13, 2024

A group of hackers that defines itself as “first-class Russian hackers” claims the defacement of hundreds of local and regional British newspaper websites. A group claiming to be “first-class Russian hackers” defaced numerous local and regional British newspaper websites owned by Newsquest Media Group.

CMS

CMS Military Archiving Security

Russia-linked espionage group UNC5812 targets Ukraine’s military with malware

Snatch group claims to have hacked military provider HENSOLDT France

Webinars

Trending Sources

Military Exercises Trigger Russian DDoS Attacks on Japan

Webinars

Ukraine: Belarusian APT group UNC1151 targets military personnel with spear phishing

Chinese APT CactusPete targets military and financial orgs in Eastern Europe

Russia Tied to Ukrainian Military Recruit Malware Targeting

Movie From 1983 Had AI and InfoGov Right

Alleged cyber attacks caused fire and explosions at nuclear and military facilities in Iran

Maze ransomware operators stole data from US military contractor Westech

Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS

Russia-linked hackers target Ukrainian military with Infamous Chisel Android malware

Anonymous targets the Russian Military and State Television and Radio propaganda

Twitter, Facebook, and Instagram blocked in Turkey as Idlib military crisis escalates

NATO is investigating a new cyber attack claimed by the SiegedSec group

Hacker Group Linked to Russian Military Claims Credit for Cyberattack on Kyivstar

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Esperts found new DoNot Team APT group’s Android malware

Is Russian group APT28 behind the cyber attack on the German air traffic control agency (DFS)?

Ukraine’s SBU arrested a member of Pro-Russia hackers group ‘Cyber Army of Russia’

Gamaredon group uses a new Outlook tool to spread malware

N. Korean Kimsuky APT targets S. Korea-US military exercises

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

Microsoft links Cadet Blizzard APT to Russia’s military intelligence GRU

Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities

Microsoft and DOJ seized the attack infrastructure used by Russia-linked Callisto Group

Iran-linked APT groups continue to evolve

A (Strange) Interview the Russian-Military-Linked Hackers Targeting US Water Utilities

North Korea's BlueNoroff Group Targets macOS Systems

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

New HiatusRAT campaign targets Taiwan and U.S. military procurement system

Mandiant identifies 3 hacktivist groups working in support of Russia

APT28 targets key networks in Europe with HeadLace malware

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

NSA warns Russia-linked APT group is exploiting Exim flaw since 2019

Hackers Target Taiwan UAV, Military Industries

RedFoxtrot operations linked to China’s PLA Unit 69010 due to bad opsec

Anonymous continues to support Ukraine against the Russia

Renewed Info Stealer Campaign Targets Ukrainian Military

North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence

Pakistan-linked Transparent Tribe APT expands its arsenal

Google TAG warns of Russia-linked APT groups targeting Ukraine

Russia-linked Nobelium APT group uses custom backdoor to target Windows domains

Russian hackers defaced local British news sites

Stay Connected