Security News
Cybersecurity researchers today uncovered the modus operandi of an elusive threat group that hacks into the high-profile military and diplomatic entities in Eastern Europe for espionage. Cooperation with the Gamaredon Group First discovered in 2018, InvisiMole has been active at least since 2013 in connection with targeted cyber-espionage operations in Ukraine and Russia.
Organizations in the aerospace and military sectors were compromised in a highly targeted cyber-espionage campaign that shows a possible link to North Korean hackers, ESET reveals. The threat actor behind these attacks remains unknown, but ESET believes it could be linked to the infamous North Korean state-sponsored group Lazarus, based on targeting, the use of fake LinkedIn accounts, development tools, and anti-analysis methods.
Attackers are impersonating human resource employees from Collins Aerospace and General Dynamics in a spear-phishing campaign leveraging LinkedIn's messaging service. "To operate under the radar, the attackers frequently recompiled their malware, abused native Windows utilities and impersonated legitimate software and companies. To our knowledge, the custom malware used in Operation In(ter)ception hasn't been previously documented."
Cybersecurity researchers today took the wraps off a new sophisticated cyber-espionage campaign directed against aerospace and military organizations in Europe and the Middle East with an aim to spy on key employees of the targeted firms and, in some case, even to siphon money. Social Engineering via LinkedIn Stating that the campaign was highly targeted, ESET said it relied on social engineering tricks to lure employees working for the chosen companies with fake job offers using LinkedIn's messaging feature, posing as HR managers of well-known companies in the aerospace and defense industry, including Collins Aerospace and General Dynamics.
A beer and pub-rating app built off the back of Foursquare's location-tracking API poses a risk to the security of military and intelligence personnel, according to legendary OSINT website Bellingcat. Untappd 'has over eight million mostly European and North American users, and its features allow researchers to uncover sensitive information about said users at military and intelligence locations around the world,' wrote Bellingcat's Foeke Postma in a fascinating guide to using the app for tracking down people of interest.
A beer and pub-rating app built off the back of Foursquare's location-tracking API poses a risk to the security of military and intelligence personnel, according to legendary OSINT website Bellingcat. Untappd 'has over eight million mostly European and North American users, and its features allow researchers to uncover sensitive information about said users at military and intelligence locations around the world,' wrote Bellingcat's Foeke Postma in a fascinating guide to using the app for tracking down people of interest.
A threat actor believed to be operating out of China has been targeting physically isolated military networks in Taiwan and the Philippines, Trend Micro reports. Now, Trend Micro reveals that, since December 2014, the threat actor has been leveraging a piece of malware referred to as USBferry to target entities such as military/navy agencies, government institutions, military hospitals, and even a national bank.
Cybersecurity researchers say UK-based document printing and binding company Doxzoo exposed hundreds of gigabytes of information, including documents related to the US and British military, by leaving an AWS S3 bucket unprotected. The exposed data included names, addresses, email addresses, passport scans, partial payment information, order details, copyrighted publications, teacher's guides, certifications and diplomas, medical documents, floor plans, personal photos, and documents that users likely paid for, such as university course materials and diet and exercise plans.
The US has charged the Chinese military with plundering Equifax in 2017. According to the indictment, the four allegedly pried open Equifax by exploiting a vulnerability in the Apache Struts Web Framework software used by the credit reporting agency's online dispute portal.
The US Justice Department on Monday accused the hackers of stealing the sensitive personal information of some 145 million Americans, in one of the world's largest-ever data breaches. Since then hotels giant Marriott lost data on some 500 million global customers to hackers believed to be Chinese.