This site uses cookies to improve your experience. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country, we will assume you are from the United States. Select your Cookie Settings or view our Privacy Policy and Terms of Use.
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Used for the proper function of the website
Used for monitoring website traffic and interactions
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Strictly Necessary: Used for the proper function of the website
Performance/Analytics: Used for monitoring website traffic and interactions
Suspected Russia-linked espionage group UNC5812 targets Ukraine’s military with Windows and Android malware via Telegram. Google TAG and Mandiant observed a Russia-linked group, tracked as UNC5812, targeting Ukraine’s military with Windows and Android malware via the Telegram channel “ Civil Defense.”
The Snatch ransomware group claims to have hacked HENSOLDT France, a company specializing in military and defense electronics. The Snatch ransomware group claims to have hacked the French company HENSOLDT France. HENSOLDT is a company specializing in military and defense electronics. Pierluigi Paganini.
Researchers uncovered a recent campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations. The group has been active since at least 2013, ESET experts linked the group to the Gamaredon Russian APT group Gamaredon despite considers the two crews independent.
The Ukrainian agency attributes the campaign to the Belarus-linked cyberespionage group tracked as UNC1151. In mid-January, the government of Kyiv attributed the defacement of tens of Ukrainian government websites to Belarusian APT group UNC1151. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.
China-linked threat actor tracked as CactusPete was employing an updated backdoor in recent attacks targeting military and financial organizations in Eastern Europe. Experts pointed out that despite the lack of sophistication, the group carried out successful attacks. reads the analysis published by Kaspersky. Pierluigi Paganini.
The media reported a fire at the Natanz nuclear enrichment site and an explosion at the Parchin military complex near Tehran, the latter is suspected to be a government center for the production of missiles. The group took credit for the attack without providing details of the incident. following other recent explosions in the country.”
Hackers have stolen confidential documents from the US military contractor Westech, which provides critical support for US Minuteman III nuclear deterrent. Security experts fear that hackers could attempt to sell stolen data about the nuclear deterrent on to a foreign state. The LGM-30 Minuteman is a U.S. Pierluigi Paganini.
Chinese threat actors, tracked as Tropic Trooper and KeyBoy, has been targeting air-gapped military networks in Taiwan and the Philippines. Chinese APT group Tropic Trooper, aka KeyBoy, has been targeting air-gapped military networks in Taiwan and the Philippines, Trend Micro researchers reported. ” continues the report.
Anonymous continues to support Ukraine against the Russian criminal invasion targeting the Russian military and propaganda. Anonymous leaked personal details of the Russian military stationed in Bucha where the Russian military carried out a massacre of civilians that are accused of having raped and shot local women and children.
China-linked APT Naikon employed a new backdoor in multiple cyber-espionage operations targeting military organizations from Southeast Asia in the last 2 years. Organizations targeted by the group were located in multiple countries around the South China Sea, including the Philippines, Malaysia, Indonesia, Singapore, and Thailand.
NATO is investigating claims that a group called SiegedSec has breached its systems and leaked a cache of unclassified documents online. Additional cyber security measures have been put in place. There has been no impact on NATO missions, operations and military deployments.” organizations, especially U.S. municipalities.
Network data collected by the NetBlocks internet observatory confirm that Turkey has blocked access to social media as Idlib military crisis escalates. In December 2016 , the Turkish blocked social media in the country to prevent the sharing of a video of the executions of Turkish soldiers by the IS group. ”added Netblocks.
China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing.
CYFIRMA researchers linked a recently discovered Android malware to the Indian APT group known as DoNot Team. The DoNot APT group has been observed misusing the OneSignal platform, which typically provides tools for sending push notifications, in-app messages, emails, and SMS widely used in mobile and web applications.
Ukraine’s security service (SBU) detained an alleged member of the pro-Russia hacker group “the Cyber Army of Russia.” ” Ukraine’s security service, the SBU, announced that it has identified and detained an alleged member of the pro-Russia hacker group known as the Cyber Army of Russia.
The group was first discovered by Symantec and TrendMicro in 2015 but evidence of its activities has been dated back to 2013. The group targeted government and military organizations in Ukraine. In December 2019, the APT group targeted several Ukrainian diplomats, government and military officials, and law enforcement.
Ukraine’s premier law enforcement and counterintelligence revealed the real identities of five FSB members behind the Gamaredon cyberespionage group. 5 members of the group have been notified of suspicion of treason.” “The ARMAGEDON hacker group is an FSB special project, which specifically targeted Ukraine.
Russia-linked APT groups leveraged the Lithuanian nation’s technology infrastructure to launch cyber-attacks against targets worldwide. ” In 2020, Russian intelligence operations against Lithuania decreased due to the COVID-19 pandemic, but Russia-linked APT groups increased cyber espionage campaigns against targets worldwide.
North Korea-linked APT group Kimsuky carried out a spear-phishing campaign against US contractors involved in a joint U.S.-South South Korea military exercise. The military drill, the Ulchi Freedom Guardian summer exercises , will start on Monday, August 21, 2023 , and will last 11 days. ” reported Reuters agency.
Over the past 12 months, MSTIC experts observed increasingly sophisticated attacks orchestrated by Iranian APT groups. Learn more from this blog summarizing these trends, as presented at #CyberWarCon : [link] — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2021.
Microsoft linked a series of wiping attacks to a Russia-linked APT group, tracked as Cadet Blizzard, that is under the control of the GRU. Microsoft attributes the operations carried out by the Russia-linked APT group tracked as Cadet Blizzard to the Russian General Staff Main Intelligence Directorate (GRU).
The Ukrainian hacking group Blackjack used a destructive ICS malware dubbed Fuxnet in attacks against Russian infrastructure. The Blackjack group is believed to be affiliated with Ukrainian intelligence services that carried out other attacks against Russian targets, including an internet provider and a military infrastructure.
Cyber Army of Russia Reborn, a group with ties to the Kremlin’s Sandworm unit, is crossing lines even that notorious cyberwarfare unit wouldn’t dare to.
Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. The group was involved also in the string of attacks that targeted 2016 Presidential election.
Experts uncovered a new cyber-espionage campaign, dubbed “ Operation In(ter)receptio n,” aimed at aerospace and military organizations in Europe and the Middle East. ” The campaign has been active between September and December 2019, ESET researchers speculate the involvement of the North Korea-linked Lazarus APT group.
The BlackCat Ransomware group claims to have hacked SOLAR INDUSTRIES INDIA and to have stolen 2TB of “secret military data.” The BlackCat Ransomware group claims to have breached the company infrastructure and to have stolen 2TB of data, including secret military data related to weapons production.
NSA warns that Russia-linked APT group known as Sandworm Team have been exploiting a critical flaw in the Exim mail transfer agent (MTA). “Russian military cyber actors, publicly known as Sandworm Team, have been exploiting a vulnerability in Exim mail transfer agent (MTA) software since at least last August.”
A hacker group calling itself Solntsepek—previously linked to Russia’s notorious Sandworm hackers—says it carried out a disruptive breach of Kyivstar, a major Ukrainian mobile and internet provider.
military procurement system. In June the group started a reconnaissance and targeting activity aimed at a U.S. military server used for contract proposals and submissions. military procurement system appeared first on Security Affairs. Another VPS node was used to target a U.S.
Researchers at Insikt Group observed Russian GRU’s unit APT28 targeting networks across Europe with information-stealer Headlace and credential-harvesting web pages. Insikt Group speculates the operation is aimed at influencing regional and military dynamics. ” reads the report published by the Insikt Group.
Researchers are tracking multiple self-proclaimed hacktivist groups working in support of Russia, and identified 3 groups linked to the GRU. Mandiant researchers are tracking multiple self-proclaimed hacktivist groups working in support of Russia, and identified 3 groups linked to the Russian Main Intelligence Directorate (GRU).
Experts attribute a series of cyber-espionage campaigns dating back to 2014, and focused on gathering military intelligence, to China-linked Unit 69010. Experts from Recorded Future’s Insikt Group linked a series of attacks, part of RedFoxtrot China-linked campaigns, to the PLA China-linked Unit 69010. ” continues the report.
Group-IB, has analyzed key recent changes to the global cyberthreat landscape in the “Hi-Tech Crime Trends 2019/2020” report. Group-IB , a Singapore-based cybersecurity company that specializes in preventing cyberattacks, has analyzed key recent changes to the global cyberthreat landscape.
APT33, the Iran-linked APT group, has been using multiple layers of obfuscation to run a dozen live C2 servers for extremely targeted attacks. APT33 , the Iran-linked APT group, has been using multiple layers of obfuscation to run a dozen live C2 servers involved in extremely targeted malware attacks. South Korean, and Europe. .
NSA is warning of multiple state-sponsored cyberespionage groups exploiting enterprise VPN Flaws. Last week, the UK’s National Cyber Security Centre (NCSC) reported that advanced persistent threat (APT) groups have been exploiting recently disclosed VPN vulnerabilities in enterprise VPN products in attacks in the wild.
A working group of experts from the main subjects of the national cybersecurity system is taking all necessary measures to localize and resist the cyberattack.” Yesterday, the Security Service of Ukraine (SSU) today revealed the country is the target of an ongoing “wave of hybrid warfare” conducted by Russia-linked malicious actors.
Despite Cyber Army of Russia’s claims of swaying US “minds and hearts,” experts say the cyber sabotage group appears to be hyping its hacking for a domestic audience.
A China-linked APT group, tracked as Moshen Dragon, is exploiting antivirus products to target the telecom sector in Asia. A China-linked APT group, tracked as Moshen Dragon, has been observed targeting the telecommunication sector in Central Asia with ShadowPad and PlugX malware, SentinelOne warns. Pierluigi Paganini.
In January, the company disclosed a security breach that might have exposed personal and confidential corporate data, at the time, it claimed that attackers did not obtain sensitive information about defense contracts. The post Japan suspects HGV missile data leak in Mitsubishi security breach appeared first on Security Affairs.
A group of hackers that defines itself as “first-class Russian hackers” claims the defacement of hundreds of local and regional British newspaper websites. A group claiming to be “first-class Russian hackers” defaced numerous local and regional British newspaper websites owned by Newsquest Media Group.
Russia-linked APT28 group used a previously unknown tool, dubbed GooseEgg, to exploit Windows Print Spooler service flaw. Microsoft reported that the Russia-linked APT28 group (aka “ Forest Blizzard ”, “ Fancybear ” or “ Strontium ” used a previously unknown tool, dubbed GooseEgg, to exploit the Windows Print Spooler flaw CVE-2022-38028.
The collective Anonymous and its affiliated groups continue to target the Russian government and private organizations. The collective Anonymous, and other groups in its ecosystem, continue to target the Russian government and private organizations. The group has stolen data from the organization and started leaking Gigabytes of data.
North Korea-linked APT Kimsuky has been linked to a cyberattack on Diehl Defence, a German manufacturer of advanced military systems. North Korea-linked APT group Kimsuky has been linked to a cyberattack on Diehl Defence, a defense firm specializing in the production of advanced military systems. Diehl Defence GmbH & Co.
Microsoft discovered new custom malware, dubbed FoggyWeb, used by the Nobelium cyberespionage group to implant backdoor in Windows domains. Use a hardware security module (HSM) as described in securing AD FS servers to prevent the exfiltration of secrets by FoggyWeb. Follow me on Twitter: @securityaffairs and Facebook.
We organize all of the trending information in your field so you don't have to. Join 55,000+ users and stay up to date on the latest articles your peers are reading.
You know about us, now we want to get to know you!
Let's personalize your content
Let's get even more personalized
We recognize your account from another site in our network, please click 'Send Email' below to continue with verifying your account and setting a password.
Let's personalize your content