#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Search results for military | Breaking Cybersecurity News | The Hacker News

Google TAG Warns of Russian Hackers Conducting Phishing Attacks in Ukraine

Google TAG Warns of Russian Hackers Conducting Phishing Attacks in Ukraine

Apr 19, 2023 Cyber War / Cyber Attack
Elite hackers associated with  Russia's military intelligence service  have been linked to large-volume phishing campaigns aimed at hundreds of users in Ukraine to extract intelligence and influence public discourse related to the war. Google's Threat Analysis Group (TAG), which is  monitoring  the activities of the actor under the name  FROZENLAKE , said the  attacks   continue  the "group's 2022 focus on targeting webmail users in Eastern Europe." The state-sponsored cyber actor, also tracked as APT28, Fancy Bear, Forest Blizzard, Iron Twilight, Sednit, and Sofacy, is both highly prolific and proficient. It has been active since at least 2009, targeting media, governments, and military entities for espionage. The latest intrusion set, starting in early February 2023, involved the use of reflected cross-site scripting ( XSS ) attacks on various Ukrainian government websites to redirect users to phishing domains and capture their credentials. The disclosure
90,000 Military Email Accounts Leaked in Latest #AntiSec Attack

90,000 Military Email Accounts Leaked in Latest #AntiSec Attack

Jul 11, 2011
90,000 Military Email Accounts Leaked in Latest #AntiSec Attack In latest tweet by AnonymousIRC , Hackers leaks  90,000 Military Email Accounts from Booz Allen Hamilton is a massive American consulting firm for #AntiSec. Anonymous call it " Military Meltdown Monday: Mangling Booz Allen Hamilton " . The Leak include 90,000 logins of military personnel—including personnel from US CENTCOM, SOCOM, the Marine Corps, various Air Force facilities, Homeland Security, State Department staff, and what looks like private sector contractors. They Release it via Torrent of 130.5 MB archive file. Press Release by Anonymous is : Hello Thar! Today we want to turn our attention to Booz Allen Hamilton, whose core business  is contractual work completed on behalf of the US federal government, foremost  on defense and homeland security matters, and limited engagements of foreign  governments specific to U.S. military assistance programs. So in this line of work you'
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Russian State-Backed 'Infamous Chisel' Android Malware Targets Ukrainian Military

Russian State-Backed 'Infamous Chisel' Android Malware Targets Ukrainian Military

Sep 01, 2023 Cyber Espionage / Malware
Cybersecurity and intelligence agencies from Australia, Canada, New Zealand, the U.K., and the U.S. on Thursday disclosed details of a mobile malware strain targeting Android devices used by the Ukrainian military. The malicious software, dubbed  Infamous Chisel  and attributed to a Russian state-sponsored actor called Sandworm, has  capabilities  to "enable unauthorized access to compromised devices, scan files, monitor traffic, and periodically steal sensitive information." Some aspects of the malware were  uncovered  by the Security Service of Ukraine (SBU) earlier in August, highlighting unsuccessful attempts on part of the adversary to penetrate Ukrainian military networks and gather valuable intelligence. It's said that Russian forces captured tablets used by Ukraine on the battlefield, using them as a foothold to remotely disseminate the malware to other devices by using the Android Debug Bridge ( ADB ) command-line tool. Sandworm, also known by the names FROZENBARENTS, Ir
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Microsoft Documents Over 200 Cyberattacks by Russia Against Ukraine

Microsoft Documents Over 200 Cyberattacks by Russia Against Ukraine

Apr 29, 2022
At least six different Russia-aligned actors launched no less than 237 cyberattacks against Ukraine from February 23 to April 8, including 38 discrete destructive attacks that irrevocably destroyed files in hundreds of systems across dozens of organizations in the country. "Collectively, the cyber and kinetic actions work to disrupt or degrade Ukrainian government and military functions and undermine the public's trust in those same institutions," the company's Digital Security Unit (DSU)  said  in a special report. The major malware families that have been leveraged for destructive activity as part of Russia's relentless digital assaults include:  WhisperGate ,  HermeticWiper  ( FoxBlade  aka KillDisk),  HermeticRansom  (SonicVote),  IssacWiper  (Lasainraw),  CaddyWiper ,  DesertBlade ,  DoubleZero  (FiberLake), and  Industroyer2 . WhisperGate, HermeticWiper, IssacWiper, and CaddyWiper are all data wipers designed to overwrite data and render machines unboot
US Central Command Social Media Accounts Hacked by ISIS Supporters

US Central Command Social Media Accounts Hacked by ISIS Supporters

Jan 13, 2015
The official Twitter and YouTube accounts for the US military's Central Command ( CENTCOM ) that oversees operations in Central Asia and the Middle East were hacked on Monday by a hacker group claiming association with Islamic State militant group, also known as ISIS. The hacker group, appears to call itself " CyberCaliphate ", managed to gain access to the CENTCOM social accounts, and posted some screenshots of documents, allegedly internal CENTCOM documents, with links to what they described as leaked military files. Meanwhile, YouTube page related to the US military's Central Command was set to display propaganda videos in support of the terrorist group ISIS. On Twitter, the group posted a Pastebin message that declared " Pentagon networks hacked. AMERICAN SOLDIERS WE ARE COMING, WATCH YOUR BACK. ISIS. #CyberCaliphate . " Originally, a statement posted on pastebin shared by the compromised CENTCOM account reads: " US and its satelli
Cyber Criminals Selling Millions of U.S military email addresses

Cyber Criminals Selling Millions of U.S military email addresses

Mar 18, 2012
Cyber Criminals Selling Millions of U.S military email addresses Web based underground market service currently selling Millions of harvested U.S government and U.S military harvested emails addresses to potential spammers, and find out just how easy it is to purchase that kind of data within the cyber crime ecosystem. Cyber criminals are getting more sophisticated in their scams and phishing schemes, which are designed to steal personal data and financial information. Spammers and virus creators are motivated by money and backed by organized crime on a global scale. They are also launching massive attacks on anti-spam organizations in an attempt to bring them down. In respect to targeted malware attacks, the service is currently offering 2.462.935 U.S government email addresses, and another 2.178.000 U.S military email addresses. A Screenshot of the inventory of harvested emails currently offered for sale: Spammers buy lists from brokers that continuously harvest email addresses
Researchers Uncover Covert Attack Campaign Targeting Military Contractors

Researchers Uncover Covert Attack Campaign Targeting Military Contractors

Sep 29, 2022
A new covert attack campaign singled out multiple military and weapons contractor companies with spear-phishing emails to trigger a multi-stage infection process designed to deploy an unknown payload on compromised machines. The highly-targeted intrusions, dubbed  STEEP#MAVERICK  by Securonix, also targeted a strategic supplier to the F-35 Lightning II fighter aircraft. "The attack was carried out starting in late summer 2022 targeting at least two high-profile military contractor companies," Den Iuzvyk, Tim Peck, and Oleg Kolesnikov  said  in an analysis. Infection chains begin with a phishing mail with a ZIP archive attachment containing a shortcut file that claims to be a PDF document about "Company & Benefits," which is then used to retrieve a stager -- an initial binary that's used to download the desired malware -- from a remote server. This PowerShell stager sets the stage for a "robust chain of stagers" that progresses through seven m
Classified U.S. Defense Network Outage Hits Air Force’s Secret Drone Operations

Classified U.S. Defense Network Outage Hits Air Force's Secret Drone Operations

Oct 13, 2016
U.S. drones are again in news for killing innocent people. The Air Force is investigating the connection between the failure of its classified network, dubbed SIPRNet, at Creech Air Force Base and a series of high-profile airstrikes that went terribly wrong in September this year. Creech Air Force Base is a secret facility outside Las Vegas, where military and Air Force pilots sitting in dark and air-conditioned rooms, 7100 miles from Syria and Afghanistan, remotely control their " targeted killing " drone campaign in a video-game-style warfare. From this ground zero, Air Force pilots fire missiles just by triggering a joystick on a targeted areas half a world away, as well as operate drones for surveillance and intelligence gathering. Drone operation facility at Creech Air Force Base -- a key base for worldwide drone and targeted killing operations -- has been assigned as ' Special Access Programs ', to access SIPRnet. What is SIPRnet? SIPRNet, or Secret Int
ISIS Hacker who Passed U.S. Military Data to Terrorists Arrested in Malaysia

ISIS Hacker who Passed U.S. Military Data to Terrorists Arrested in Malaysia

Oct 17, 2015
Malaysian authorities have arrested a Kosovo citizen in Kuala Lumpur on Computer hacking charges and allegedly providing personal data about United States military members to the Islamic State Terrorists group ( also known as ISIS or ISIL ). According to the US Department of Justice (DOJ) and the FBI, Kosovo citizen Ardit Ferizi allegedly hacked into the US web hosting company's servers and stole personal data of more than 1,300 US government and military employees. Ferizi didn't use the stolen data for identity theft; instead he allegedly handed the hacked information over to Junaid Hussain ( also known as Abu Hussain Al Britani ), an ISIS member and hacker who was killed in a US drone strike in August. The stolen data includes names, email addresses, passwords, phone numbers and locations of US military service members and government workers. Hacker May Face up to 35 Years in Prison Moreover, Ferizi also accessed customers' information from a
300 Military and Government Accounts leaked by P0keu

300 Military and Government Accounts leaked by P0keu

Jul 25, 2011
300 Military and Government Accounts leaked by P0keu In a tweet , P0keu posted a link to PasteBin which appears to be e-mail accounts and passwords of 300 military and government accounts used the same password as their actual e-mails, then the contents of their e-mail account will also be exposed. The PasteBin dump says it contains 290 accounts. A large number of them end in .mil and .gov. Just a point of clarification, this doesn't appear to be actual e-mail accounts and passwords, but rather, a website that uses people's e-mail accounts as a log-in name. So the account to the website is exposed. If the password used with the e-mail is the same as the password for that actual e-mail address, then that e-mail might also be exposed along with who knows what else that is tied to that account. Amongst those accounts that are exposed, there appears to be accounts from the Department of Justice, the FBI, the Deparment of Homeland Security, the NSA, the Pentagon and several others.
China Accuses NSA's TAO Unit of Hacking its Military Research University

China Accuses NSA's TAO Unit of Hacking its Military Research University

Sep 12, 2022
China has accused the U.S. National Security Agency (NSA) of conducting a string of cyberattacks aimed at aeronautical and military research-oriented Northwestern Polytechnical University in the city of Xi'an in June 2022. The National Computer Virus Emergency Response Centre (NCVERC) disclosed its findings last week, and accused the Office of Tailored Access Operations ( TAO ), a cyber-warfare intelligence-gathering unit of the National Security Agency (NSA), of orchestrating thousands of attacks against the entities located within the country. "The U.S. NSA's TAO has carried out tens of thousands of malicious cyber attacks on China's domestic network targets, controlled tens of thousands of network devices (network servers, Internet terminals, network switches, telephone exchanges, routers, firewalls, etc.), and stole more than 140GB of high-value data," the NCVERC  said . According to the U.S. Department of Justice ( DoJ ), Northwestern Polytechnical Unive
Hackers Target Military and Aerospace Staff by Posing as HRs Offering Jobs

Hackers Target Military and Aerospace Staff by Posing as HRs Offering Jobs

Jun 17, 2020
Cybersecurity researchers today took the wraps off a new sophisticated cyber-espionage campaign directed against aerospace and military organizations in Europe and the Middle East with an aim to spy on key employees of the targeted firms and, in some case, even to siphon money. The campaign, dubbed " Operation In(ter)ception " because of a reference to "Inception" in the malware sample, took place between September to December 2019, according to a new report cybersecurity firm ESET shared with The Hacker News. "The primary goal of the operation was espionage," the researchers told The Hacker News. "However, in one of the cases we investigated, the attackers tried to monetize access to a victim's email account through a business email compromise (BEC) attack as the final stage of the operation." The financial motivation behind the attacks, coupled with similarities in targeting and development environment, have led ESET to suspect Laz
How Cyberattacks Are Transforming Warfare

How Cyberattacks Are Transforming Warfare

Sep 13, 2023 Cyberwarfare / Threat Assessment
There is a new battlefield. It is global and challenging to defend. What began with a high-profile incident back in 2007, when Estonia was hit by hackers targeting its government and commercial sector, has evolved into cyber warfare that is being waged constantly worldwide. Today, cyberattacks have become the norm, transforming how we think about war and international conflict as a whole.  From the 2009 South Korea DDoS attacks to the 2010 attacks on Burma and the 2016 US election interference attacks on the Democratic National Committee, the list of historical cyberwarfare incidents continues to expand. The main players? Nation-state-supported cybercriminal groups and organizations linked to Russia, North Korea, China, and several countries in the Middle East. This report dives into three top cyberwarfare trends in an effort to understand their impact. Russia: The Cyber Invasion of Ukraine  On August 31, 2023, Five Eyes Agency — an intelligence alliance network composed of agencie
Cybersecurity Resources