Comment Crew | Breaking Cybersecurity News | The Hacker News

Chinese hackers infiltrated the databases of three Israeli defense contractors and stole plans for Israel's Iron Dome missile defense system, according to an investigation by a Maryland-based cyber security firm ' Cyber Engineering Services Inc. (CyberESI) '. Not just this, the hackers were also able to nab plans regarding other missile interceptors, including Unmanned Aerial Vehicles, ballistic rockets and the Arrow III missile interceptor which was designed by Boeing and other U.S.-based companies. The intrusions were thought to be executed by Beijing's infamous " Comment Crew " hacking group – a group of cyber warriors linked to the Chinese People's Liberation Army (PLA) – into the corporate networks of top Israeli defense technology companies, including Elisra Group, Israel Aerospace Industries, and Rafael Advanced Defense Systems, between 10 October 2011 and 13 August 2012. The three Israeli defense technology companies were responsible for the developmen...

A notorious Chinese hacker collective known as APT1 or Comment Crew, possibly linked to the Chinese Army, have been caught red handed breaking into a fake United States water control system i.e. known as a Honeypot . Kyle Wilhoit, a researcher with security company Trend Micro has just revealed the details at BlackHat Conference on Wednesday.  Hackers hacked a water control system for a US municipality back in December last year, but it was merely a decoy set up by Kyle Wilhoit using a Word document hiding malicious software to gain full access.  The honeypots directly mimicked the ICS/Scada devices used in many critical infrastructure power and water plants. Cloud software was used to create realistic Web-based login and configuration screens for local water plants seemingly based in Ireland, Russia, Singapore, China, Japan, Australia, Brazil, and the U.S. Researchers have been tracked back to the APT1 Group, which security company Mandiant has claime...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...

Security experts are confident that the Chinese hackers group known as Comment Crew is still operating under cover. " The Comment Crew is back again " this is the rumor within Intelligence community, researchers suspect the involvement of the group of hackers in the recent cyber dispute between U.S. and China. Let's make a step back, last February Mandiant Intelligence firm released an interesting report that revealed an enterprise-scale computer espionage campaign dubbed APT1. Mandiant linked the APT1 attacks, that compromised 141 organizations in seven years, to Chinese military unit called " 61398 ". The is very interesting is that the security firm identified a common pattern for the attacks conducted by Chinese hackers group, it was also able to define a series of key indicators for identifying ongoing APT attacks. Mandiant security firm had monitored the group during last years and report details its operations, it wasn't the only one FireEye is anoth...