Security News

Criminals infected the Salvation Army in the UK with ransomware and siphoned the organisation's data, The Register has learned. The Salvation Army refused to give any further information, such as the identity of the criminal attackers, or the volume and type of data accessed by the them.

An astonishing data security blunder saw the personal data of Special Forces soldiers circulating around WhatsApp in a leaked British Army spreadsheet. The document, seen by The Register, contained details of all 1,182 British soldiers recently promoted from corporal to sergeant - including those in sensitive units such as the Special Air Service, Special Boat Service and the Special Reconnaissance Regiment.

Nuclear-armed North Korea is advancing on the front lines of cyberwarfare, analysts say, stealing billions of dollars and presenting a clearer and more present danger than its banned weapons programmes. Pyongyang is under multiple international sanctions over its atomic bomb and ballistic missile programmes, which have seen rapid progress under North Korean leader Kim Jong Un. But while the world's diplomatic focus has been on its nuclear ambitions, the North has been quietly and steadily building up its cyber capabilities, and analysts say its army of thousands of well-trained hackers are proving to be just as dangerous.

A recently discovered cryptomining botnet is actively scanning for vulnerable Windows and Linux enterprise servers and infecting them with Monero miner and self-spreader malware payloads. While, at first, it was using a multi-component architecture with the miner and worm modules, the botnet has been upgraded to use a single binary capable of mining and auto-spreading the malware to other devices.

Data-breach risk should be tackled with a toolset for monitoring data in motion and data at rest, analysis of user behavior, and the detection of fraud and weak spots. Once I even "Caught" a leak with the help of the firewall logs: I noticed an atypically large data upload and found out that the user was uploading confidential information as virtual-machine images.

Microsoft won a nearly $22 billion contract to supply U.S. Army combat troops with its augmented reality headsets. Microsoft and the Army separately announced the deal Wednesday.

The 25+ year gap between IT and Operational Technology security means that OT networks have few, if any, modern security controls in place, as many of these Industrial Control Systems are legacy assets that were not designed with security in mind and were previously isolated, until digital transformation came along. With asset visibility to identify vulnerabilities and suspicious behavior, continuous threat monitoring to detect and track threats that cross the IT/OT boundary, and secure remote access solutions with strict controls over sessions, we can jumpstart the process of closing the IT/OT security gap.

The U.S. government on Wednesday announced the launch of another bug bounty program conducted in collaboration with hacker-powered cybersecurity platform HackerOne. Hack the Army 3.0, whose goal is to help the U.S. Army secure its digital assets and protect its systems against cyberattacks, takes place between January 6 and February 17, and it's open to both millitary and civilian white hat hackers.

The campaign's starting point is an email with an embedded malicious attachment - either in the form of a ZIP file containing an LNK file or a Microsoft Word document - that triggers an infection chain via a series of steps to download the final-stage payload. Aside from identifying three different infection chains, what's notable is the fact that one of them exploited template injection and Microsoft Equation Editor flaw, a 20-year old memory corruption issue in Microsoft Office, which, when exploited successfully, let attackers execute remote code on a vulnerable machine even without user interaction. What's more, the LNK files have a double extension and come with document icons, thereby tricking an unsuspecting victim into opening the file.

The Army command dedicated to defending against hackers and other online threats celebrated its move into a new $366 million headquarters in Georgia on Thursday. Created a decade ago, the Army Cyber Command had been spread across Army installations in three states before consolidating at Fortitude Hall, its new home at Fort Gordon in Augusta.