Tag: military
-
White House AI plan heavy on cyber, light on implementation
Tags: ai, automation, country, cyber, cybersecurity, defense, infrastructure, law, military, strategyIt’s a ‘north star’ strategy and not an executive order: Unlike strategy documents or executive orders issued by presidential administrations in the past, this action plan contains no implementation requirements, deadlines, or specifics on when many of its actions need to be completed or how. It is a “north star strategy for all of these…
-
Microsoft ‘digital escorts’ reveal crucial US counterintelligence blind spot
Tags: access, china, cio, cloud, compliance, country, cyber, cybersecurity, data, defense, firewall, framework, google, government, injection, intelligence, law, microsoft, military, oracle, risk, service, threat, update, vulnerabilityWhat the program was, and how it worked: The digital escort model, according to ProPublica, was designed to comply with federal contracting rules that prohibit foreign nationals from directly accessing sensitive government systems. Under this framework:China-based engineers would file support tickets for tasks such as firewall updates or bug fixes.US-based escorts, often former military personnel…
-
UK blames Russia’s infamous ‘Fancy Bear’ group for Microsoft cloud hacks
Authentic Antics malware tool to target Microsoft cloud accounts were the handiwork of the notorious Russian Fancy Bear hacking group, the UK’s National Cyber Security Centre (NCSC) has said.Authentic Antics was discovered after a cyberattack in 2023 which prompted an NCSC technical teardown of the malware that it published in May this year. The agency…
-
UK Sanctions 3 Russian Military Cyber Units
Leaders of the Russian Military Intelligence Units of the GRU Also Targeted. The U.K. government on Friday sanctioned three Russian Military Intelligence Service units 29155, 26165 and 74455 in the United Kingdom and Ukraine. The sanctions also targeted 18 Russian officials for their role in GRU cyber operations dating back to 2013. First seen on…
-
Novel malware from Russia’s APT28 prompts LLMs to create malicious Windows commands
Tags: ai, api, attack, computer, control, cyber, cyberattack, cybercrime, data, detection, dos, exploit, government, group, hacking, infrastructure, intelligence, LLM, malicious, malware, military, network, phishing, programming, russia, service, tool, ukraine, vulnerability, windows.pif (MS-DOS executable) extension, though variants with .exe and .py extensions have also been observed.CERT-UA attributes these attacks to a group it tracks as UAC-0001, but which is better known in the security community as APT28. Western intelligence agencies have officially associated this group with Unit 26165, or the 85th Main Special Service Center (GTsSS)…
-
UK ties GRU to stealthy Microsoft 365 credential-stealing malware
The UK National Cyber Security Centre (NCSC) has formally attributed ‘Authentic Antics’ espionage malware attacks to APT28 (Fancy Bear), threat actor already linked to Russia’s military intelligence service (GRU). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/uk-ties-russian-gru-to-authentic-antics-credential-stealing-malware/
-
Fancy Bear Hackers Target Governments and Military Entities with Advanced Tools
Tags: cyber, cyberespionage, cybersecurity, espionage, finance, government, group, hacker, military, russia, toolFancy Bear, designated as APT28 by cybersecurity experts, represents a sophisticated Russian cyberespionage collective operational since 2007, renowned for infiltrating governments, military organizations, and strategic entities globally. This group, also known under aliases such as Sofacy, Sednit, STRONTIUM, and Unit 26165, pursues motivations encompassing financial gain, reputational sabotage, espionage, and political agendas. Their operations frequently…
-
Ukraine Pwns Russian Drone Maker, Gaskar is ‘Paralyzed’
All Your UAVs Are Belong to UKR: Ukrainian Cyber Alliance and Black Owl team up to hack manufacturer of Russian military drones, sources say. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/ukraine-hacks-russian-drone-maker-gaskar-richixbw/
-
UK sanctions Russian cyber spies accused of facilitating murders
Eighteen members of Russia’s GRU have been sanctioned by the British government for various operations, including military strikes that killed hundreds of civilians in Ukraine. First seen on therecord.media Jump to article: therecord.media/uk-sanctions-gru-personnel-accused-murder-civilians-ukraine
-
Breaking: UK sanctions Russian cyber spies accused of facilitating murders
Eighteen members of Russia’s GRU have been sanctioned by the British government for various operations, including military strikes that killed hundreds of civilians in Ukraine. First seen on therecord.media Jump to article: therecord.media/uk-sanctions-gru-personnel-accused-murder-civilians-ukraine
-
Russia Linked to New Malware Targeting Email Accounts for Espionage
Russian military intelligence-linked hackers are using a new malware called “Authentic Antics” to secretly access Microsoft cloud email accounts, the UK’s NCSC reports First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/new-malware-targeting-email/
-
Cambodia Arrests More Than 1,000 in Cyberscam Crackdown
Tags: militaryCambodian police and military arrested more than 1,000 people in a crackdown on cyberscam operations that have proliferated in recent years in Southeast Asia and now are spreading globally, ensnaring hundreds of thousands of people in human trafficking schemes who are forced to run romance and other online frauds. First seen on securityboulevard.com Jump to…
-
Chinese Salt Typhoon Infiltrated US National Guard Network for Months
A Department of Homeland Security memo confirms Chinese group Salt Typhoon, extensively compromised a US National Guard network for nearly a year, stealing sensitive military and law enforcement data. First seen on hackread.com Jump to article: hackread.com/chinese-salt-typhoon-infiltrated-us-national-guard-network/
-
Iranian Threat Actors Use AI-Generated Emails to Target Cybersecurity Researchers and Academics
Iranian state-backed Advanced Persistent Threat (APT) groups and their hacktivist allies have stepped up operations that could spark worldwide cyber retaliation in the wake of Israeli and American strikes on Iranian nuclear and military facilities in June 2025. While kinetic conflicts remain contained, the cyber domain has seen a surge in preparatory activities targeting U.S.…
-
Militärlieferant: Systeme eines russischen Drohnenherstellers verwüstet
Tags: militaryUkrainische Cyberakteure wollen erfolgreich die Produktion eines Drohnenherstellers, der das russische Militär beliefert, lahmgelegt haben. First seen on golem.de Jump to article: www.golem.de/news/militaerlieferant-hacker-verwuesten-systeme-eines-russischen-drohnenherstellers-2507-198147.html
-
Ukraine-aligned hackers claim cyberattack on major Russian drone supplier
Ukraine’s military intelligence agency confirmed that it participated with two volunteer hacking groups in an operation against Gaskar Group, a Russian drone company. First seen on therecord.media Jump to article: therecord.media/ukraine-hackers-claim-attack-russia-gaskar-group-drone-maker
-
Chinese ‘Salt Typhoon’ Hackers Infiltrated US National Guard Network for Almost a Year
The Department of Defense (DoD) revealed that an advanced persistent threat (APT) group, known as Salt Typhoon and publicly identified as Chinese state-sponsored actors, had successfully penetrated a U.S. state’s Army National Guard network in a major increase in cyberthreats. This compromise spanned from March 2024 to December 2024, enabling potential exfiltration of sensitive military…
-
Salt Typhoon hacked the US National Guard for 9 months, and accessed networks in every state
Tags: access, attack, best-practice, breach, credentials, cve, cyber, cybersecurity, data, defense, exploit, government, group, hacking, infrastructure, Internet, malicious, military, network, service, theft, threat, vulnerabilitySensitive military data stolen: The attackers gained access to highly sensitive military and infrastructure information during the nine-month intrusion. The memo stated that “in 2024, Salt Typhoon used its access to a US state’s Army National Guard network to exfiltrate administrator credentials, network traffic diagrams, a map of geographic locations throughout the state, and PII…
-
Former U.S. Army Member Pleads Guilty in Telecom Hacking Case
A 21-year-old former U.S. Army soldier has pleaded guilty to participating in a sophisticated cybercrime operation that targeted telecommunications companies through hacking, data theft, and extortion schemes. Cameron John Wagenius, who was stationed in Texas during his military service, admitted to conspiring with others to breach protected computer networks and demand ransom payments from victim…
-
Militärlieferant: Hacker verwüsten Systeme eines russischen Drohnenherstellers
Ukrainische Cyberakteure wollen erfolgreich die Produktion eines Drohnenherstellers, der das russische Militär beliefert, lahmgelegt haben. First seen on golem.de Jump to article: www.golem.de/news/militaerlieferant-hacker-verwuesten-systeme-eines-russischen-drohnenherstellers-2507-198147.html
-
Waltz brushes off SignalGate questions, points finger at CISA
In congressional testimony, President Trump’s former national security adviser said his use of Signal to coordinate military operations was “driven by” cybersecurity guidance from CISA. First seen on cyberscoop.com Jump to article: cyberscoop.com/waltz-signal-gate-cisa-guidance-senate-foreign-relations/
-
Military Veterans May Be What Cybersecurity Is Looking For
As the field struggles with a shortage, programs that aim to provide veterans with the technical skills needed to succeed in cybersecurity may be the solution for everyone. First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/military-veterans-cybersecurity
-
Cyberattack deals blow to Russian firmware used to repurpose civilian drones for Ukraine war
The developers behind a custom firmware used to convert consumer drones for military use in Ukraine have reported a cyberattack disrupting the system that distributes the software. First seen on therecord.media Jump to article: therecord.media/cyberattack-russia-firmware-blow-hackers
-
GOP domestic policy bill includes hundreds of millions for military cyber
Democrats have critiqued the bill for not protecting funds for the Cybersecurity and Infrastructure Security Agency. First seen on cyberscoop.com Jump to article: cyberscoop.com/gop-domestic-policy-bill-includes-hundreds-of-millions-for-military-cyber/
-
Digital warfare is blurring civilian front lines
Singapore’s defence cyber chief warns that the traditional lines between military conflict and civilian life are blurring, with adversaries now targeting civilian systems and using AI to put the threat landscape on steroids First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366627027/Digital-warfare-is-blurring-civilian-front-lines
-
NightEagle APT Exploits Microsoft Exchange Flaw to Target China’s Military and Tech Sectors
Tags: apt, china, cybersecurity, defense, exploit, flaw, government, microsoft, military, network, technology, threat, zero-dayCybersecurity researchers have shed light on a previously undocumented threat actor called NightEagle (aka APT-Q-95) that has been observed targeting Microsoft Exchange servers as a part of a zero-day exploit chain designed to target government, defense, and technology sectors in China.According to QiAnXin’s RedDrip Team, the threat actor has been active since 2023 and has…
-
Hacktivist Group Launches Attacks on 20+ Critical Sectors Amid IranIsrael Conflict
A series of sophisticated cyberattacks targeting over 20 vital sectors in Israel and its allies has been launched by more than 80 hacktivist groups in a major escalation of cyberwarfare that parallels the ongoing Iran-Israel confrontation. Following Israel’s recent airstrikes on Iranian military and nuclear facilities, and Iran’s swift retaliation, the digital battlefield has exploded…
-
Ghost in the Machine: A Spy’s Digital Lifeline
Tags: access, ai, attack, authentication, best-practice, cloud, communications, control, country, crypto, cyber, data, encryption, endpoint, framework, government, Hardware, identity, infrastructure, intelligence, jobs, law, linux, mfa, military, network, resilience, risk, software, spy, strategy, technology, threat, tool, vpn, windows, zero-trust -
Cybersecurity Snapshot: U.S. Gov’t Urges Adoption of Memory-Safe Languages and Warns About Iran Cyber Threat
Tags: access, advisory, ai, api, attack, authentication, best-practice, cisa, computer, computing, crypto, cryptography, cyber, cybersecurity, data, defense, encryption, exploit, finance, framework, google, governance, government, group, hacker, healthcare, infrastructure, injection, intelligence, Internet, iran, login, mfa, military, mitigation, mitre, network, nist, passkey, password, programming, ransomware, risk, rust, service, software, strategy, tactics, technology, terrorism, threat, tool, training, vulnerability, warfareCheck out the U.S. government’s latest call for developers to use memory-safe programming languages, as well as its warning for cybersecurity teams regarding cyber risk from hackers tied to Iran. Plus, get the latest on ransomware trends, the quantum computing cyber threat and more! Dive into five things that are top of mind for the…
-
Frequently Asked Questions About Iranian Cyber Operations
Tags: access, advisory, api, apt, attack, authentication, awareness, cisa, cloud, credentials, cve, cyber, cybersecurity, data, data-breach, defense, dos, exploit, finance, framework, government, group, Hardware, identity, infrastructure, injection, Internet, iran, ivanti, malware, mfa, microsoft, middle-east, military, mitre, monitoring, network, password, ransomware, rce, remote-code-execution, risk, service, software, supply-chain, tactics, technology, terrorism, threat, tool, update, vpn, vulnerability, windowsTenable’s Research Special Operations team focuses on some frequently asked questions about Iranian cyber operations, including the tactics, techniques and procedures employed by Iran-based threat actors. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding Iranian cyber operations in the wake of the recent conflict and…