Defence and Aerospace


  • Biden gave Putin list of 16 critical infrastructure entities ‘off limits’ to cyberattacks

    June 17, 2021

    President Biden told reporters Wednesday he gave President Vladimir Putin a list of 16 critical infrastructure entities that are “off limits” to a Russian cyberattack. Those entities include energy, water, health care, emergency, chemical, nuclear, communications, government, defense, food, commercial facilities, IT, transportation, dams, manufacturing and financial services. “We’ll find out whether we have a cybersecurity arrangement ...

  • NATO summit communiqué compares repeat cyberattacks to armed attacks

    June 15, 2021

    A communiqué issued at the conclusion of the NATO summit has called for China to observe the laws of cyberspace, and set out new standards by which members of the alliance will consider cyberattacks. The new standard refers to Article 5 of the 1949 North Atlantic Treaty, as it declares that an attack on a single ...

  • REvil ransomware hits US nuclear weapons contractor

    June 14, 2021

    US nuclear weapons contractor Sol Oriens has suffered a cyberattack allegedly at the hands of the REvil ransomware gang, which claims to be auctioning data stolen during the attack. Sol Oriens describes itself as helping the “Department of Defense and Department of Energy Organizations, Aerospace Contractors, and Technology Firms carry out complex programs.” However, job postings first ...

  • US truck and military vehicle maker Navistar discloses data breach

    June 7, 2021

    Navistar International Corporation (Navistar), a US-based maker of trucks and military vehicles, says that unknown attackers have stolen data from its network following a cybersecurity incident discovered on May 20, 2021. The company disclosed the attack in an 8-K report filed with the Securities and Exchange Commission (SEC) on Monday. Read more… Source: Bleeping Computer  

  • New SkinnyBoy malware used by Russian hackers to breach sensitive orgs

    June 3, 2021

    Security researchers have discovered a new piece of malware called SkinnyBoy that was used in spear-phishing campaigns attributed to Russian-speaking hacking group APT28. The threat actor, also known as Fancy Bear, Sednit, Sofacy, Strontium, or PwnStorm, used SkinnyBoy in attacks targeting military and government institutions earlier this year. SkinnyBoy is intended for an intermediary stage of the ...

  • US nuclear weapon bunker security secrets spill from online flashcards since 2013

    May 28, 2021

    Details of some US nuclear missile bunkers in Europe, which contain live warheads, along with secret codewords used by guards to signal that they’re being threatened by enemies, were exposed for nearly a decade through online flashcards used for education, but which were left publicly available. The astonishing security blunder was revealed by investigative journalism website ...

  • Re-Checking Your Pulse: Updates on Chinese APT Actors Compromising Pulse Secure VPN Devices

    May 27, 2021

    Mandiant published detailed results of our investigations into compromised Pulse Secure devices by suspected Chinese espionage operators. This blog post is intended to provide an update on our findings, give additional recommendations to network defenders, and discuss potential implications for U.S.-China strategic relations. Mandiant continues to gather evidence and respond to intrusions involving compromises of Pulse ...

  • Here’s how we got persistent shell access on a Boeing 747 – Pen Test Partners

    May 21, 2021

    Researchers from infosec biz Pen Test Partners established a persistent shell on an in-flight entertainment (IFE) system from a Boeing 747 airliner after exploiting a vulnerability dating back to 1999. It’s an attack that’s more of a curiosity than anything else: it’s too difficult to pull off during an actual flight, and it’s rare these days ...

  • How Myanmar’s military moved in on the telecoms sector to spy on citizens

    May 19, 2021

    In the months before the Myanmar military’s Feb. 1 coup, the country’s telecom and internet service providers were ordered to install intercept spyware that would allow the army to eavesdrop on the communications of citizens, sources with direct knowledge of the plan told Reuters. The technology gives the military the power to listen in on calls, ...

  • Fresh Loader Targets Aviation Victims with Spy RATs

    May 13, 2021

    A cyberattack campaign that goes after aviation targets has been uncovered, which is spreading remote access trojan (RAT) malware bent on cyber-espionage. Researchers from Microsoft said this week on Twitter that spear-phishing emails are the main attack vector. Individuals in the aerospace and travel sectors are being targeted with a range of gambits, such as using ...

  • US Department of Defense expands its bug hunting programme to networks, IoT and more

    May 5, 2021

    The US Department of Defense (DOD) has significantly expanded its bug bounty program to all publicly accessible information systems, including not just websites but also networks, frequency-based communication, Internet of Things, and industrial control systems. The DoD bug bounty, which is overseen by the DoD’s Cyber Crime Center (DC3), is now much broader than the “Hack ...

  • Suspected Chinese state hackers target Russian submarine designer

    April 30, 2021

    Hackers suspected to work for the Chinese government have used a new malware called PortDoor to infiltrate the systems of an engineering company that designs submarines for the Russian Navy. They used a spear-phishing email specifically crafted to lure the general director of the company into opening a malicious document. The threat actor targeted Rubin Central Design ...

  • Cyberspies target military organizations with new Nebulae backdoor

    April 28, 2021

    A Chinese-speaking threat actor has deployed a new backdoor in multiple cyber-espionage operations spanning roughly two years and targeting military organizations from Southeast Asia. For at least a decade, the hacking group known as Naikon has actively spied on organizations in countries around the South China Sea, including the Philippines, Malaysia, Indonesia, Singapore, and Thailand, for ...

  • Ghostwriter Update: Cyber Espionage Group UNC1151 Likely Conducts Ghostwriter Influence Activity

    April 28, 2021

    In July 2020, Mandiant Threat Intelligence released a public report detailing an ongoing influence campaign we named “Ghostwriter.” Ghostwriter is a cyber-enabled influence campaign which primarily targets audiences in Lithuania, Latvia and Poland and promotes narratives critical of the North Atlantic Treaty Organization’s (NATO) presence in Eastern Europe. Since releasing our public report, we have ...

  • The big Pentagon internet mystery now partially solved

    April 24, 2021

    A very strange thing happened on the internet the day President Joe Biden was sworn in. A shadowy company residing at a shared workspace above a Florida bank announced to the world’s computer networks that it was now managing a colossal, previously idle chunk of the internet owned by the U.S. Department of Defense. That real ...

  • Passwordstate password manager hacked in supply chain attack

    April 23, 2021

    Click Studios, the company behind the Passwordstate enterprise password manager, notified customers that attackers compromised the app’s update mechanism to deliver malware in a supply-chain attack after breaching its networks. Passwordstate is an on-premises password management solution used by over 370,000 security and IT professionals at 29,000 companies worldwide, as the company claims. Its customer list includes ...

  • Pulse Secure VPN zero-day used to hack defense firms, govt orgs

    April 20, 2021

    Pulse Secure has shared mitigation measures for a zero-day authentication bypass vulnerability in the Pulse Connect Secure (PCS) SSL VPN appliance actively exploited in attacks against worldwide organizations and focused on US Defense Industrial base (DIB) networks. To mitigate the vulnerability tracked as CVE-2021-22893 (with a maximum 10/10 severity score), Pulse Secure advises customers with gateways ...

  • The Security dilemma of smart factories [Part 3] Fundamental security risks in robot languages

    April 19, 2021

    Industrial robots are the core of the automation of manufacturing processes in smart factories, and are the most important components as they support the manufacture of all kinds of products such as automobiles, aircraft, processed foods, and pharmaceuticals. In addition, as equipment that realizes unmanned manufacturing in the post-COVID-19 world where minimal or no contact ...

  • NATO prepares for world’s largest cyber war game

    April 13, 2021

    Military cyber security specialists are preparing for the largest cyber war game in the world, which kicks off tomorrow as the fictional NATO member state of Berylia comes under attack. The real-time NATO exercise will include defenders practising the protection of critical civilian and military infrastructure, including water treatment facilities and energy plants. Amid the increasing risk ...

  • Indian defense chief admits China’s cyber-weapons would ‘disrupt large number of systems’ whenever Beijing presses the button

    April 9, 2021

    The highest-ranked officer in India’s armed forces has admitted that China has cyber-war capabilities that can overwhelm his nation’s defenses and suggested that only cross-forces collaboration will get India to parity with its giant neighbor. General Bipin Rawat, a four-star general and since 2020 the first to hold a new role of chief of defense staff, ...