Security News
Researchers have uncovered two novel Android surveillanceware families being used by an advanced persistent threat group to target military, nuclear and election entities in Pakistan and Kashmir. The two malware families, which researchers call "Hornbill" and "SunBird," have sophisticated capabilities to exfiltrate SMS messages, encrypted messaging app content and geolocation, as well as other types of sensitive information.
The report provides insights from across the 5G ecosystem on the current status of 5G, illustrating the accelerated timetables from service providers in upgrading to 5G standalone with the new 5G Core, and revealing how 5G is driving new initiatives and sector engagements. 5G activity surged in 2020 with accelerated timetables from service providers to deliver 5G SA core deployments, following non-standalone's inability to really wow customers and deliver a solid new revenue proposition.
The new self-appointed military government of Myanmar has temporarily banned Facebook. Newswire Reuters' Myanmar reporter Hnin Zaw posted a notice from Myanmar's Ministry of Transport and Communications that imposed a ban until February 7th. Using optical character recognition and online translation tools, The Register surmises that the order says the ban is needed to stop the spread of fake news.
The NSA has just declassified and released a redacted version of Military Cryptanalytics, Part III, by Lambros D. Callimahos, October 1977. Parts I and II, by Lambros D. Callimahos and William F. Friedman, were released decades ago - I believe repeatedly, in increasingly unredacted form - and published by the late Wayne Griswold Barker's Aegean Park Press.
Facebook said Tuesday that it had removed two networks based in Russia and one linked to the French military, accusing them of carrying out interference campaigns in Africa. Two networks running multiple Facebook accounts were assigned to people associated with the Russian Internet Research Agency, and the third had "links to individuals associated with French military," the social media platform said.
Vice has a long article about how the US military buys commercial location data worldwide. The U.S. military is buying the granular movement data of people around the world, harvested from innocuous-seeming apps, Motherboard has learned.
BAE Systems has unveiled a next-generation cyber-threat detection and mitigation solution for U.S. military platforms. The system's cyber resilience capabilities can be integrated into ground, air, and space vehicles to protect our warfighters and platforms from cyber attacks designed to access and degrade mission capabilities.
For the past year, Russia-linked threat actor Strontium has targeted hundreds of organizations in the United States and the United Kingdom to harvest account credentials, Microsoft reveals. On Thursday, Microsoft published information on a newly identified Strontium campaign that focused on harvesting Office365 credentials for tens of thousands of accounts at organizations in the US and UK, many of them directly involved in political elections.
The U.S. military's top cyber official is defending the government's shift toward a more aggressive strategy in cyberspace, saying the mission has evolved over the last decade from "a reactive and defensive posture" to keep pace with sophisticated threats. Gen. Paul Nakasone, the commander of U.S. Cyber Command and the director of the National Security Agency, says in a piece being published Tuesday by the magazine Foreign Affairs that the military's cyber fighters are increasingly prepared to engage in combat with online adversaries rather than wait to repair networks after they've been penetrated.
The APT group Transparent Tribe is mounting an ongoing cyberespionage campaign, researchers said, which is aimed at military and diplomatic targets around the world. Transparent Tribe has updated Crimson RAT for this campaign, the firm said, adding a server-side component used to manage infected client machines as well as a new USBWorm component developed for stealing files from removable drives, spreading across systems by infecting removable media, and downloading and executing a thin-client version of Crimson from a remote server.