Defence and Aerospace


  • A New Branch of the Armed Forces is Critical to Addressing Cyber Threats to America

    June 7, 2024

    The concept of a United States Cyber Force has been proposed in one form or another for more than a decade. Perhaps the most well-known advocate is ADM James G. Stavridis, retired NATO Supreme Allied Commander and the former Commander of both European and Southern Commands, who has highlighted many of the salient obstacles to the ...

  • Sapphire Werewolf polishes Amethyst stealer to attack over 300 companies

    June 5, 2024

    Since March 2024, the BI.ZONE Threat Intelligence team has been tracking the cluster of activity dubbed Sapphire Werewolf. The threat actor targets Russia’s industries, such as education, manufacturing, IT, defense, and aerospace engineering. Over 300 attacks were carried out using Amethyst, an offshoot of the popular open‑source SapphireStealer. The attackers disguise the malware as an enforcement ...

  • Ukrainian intelligence’ hackers attack Russian government agencies and large companies

    June 5, 2024

    Hackers from the Main Intelligence Directorate (DIU) of Ukraine’s Ministry of Defense have attacked the electronic services of several Russian ministries and banking institutions, according to RBC-Ukraine source in the special services. According to Roskomnadzor (Federal Service for Supervision of Communications, Information Technology and Mass Media) , the disruption is allegedly linked to an accident in ...

  • Guidance on the 911 S5 Residential Proxy Service

    May 29, 2024

    The Federal Bureau of Investigation (FBI), Defense Criminal Investigative Services (DCIS), and Department of Commerce (DOC) are publishing this announcement to notify the public of the dismantlement of the 911 S5 residential proxy service and to help individuals and businesses better understand and guard against 911 S5 proxy service and botnet. 911 S5 began operating in ...

  • Pakistani hackers target ‘Make in India’ defence programs

    May 28, 2024

    As per a report, three public sector defence equipment manufacturers as well as India’s security forces have been on the target of an espionage campaign run by a notorious Pakistani hacking group with suspected links to its military. Transparent Tribe, known as Advanced Persistent Threat (APT) 36 among cybersecurity professionals, has been targeting employees in defence ...

  • India-Estonia Cyber Security Pact to Combat Growing Threat from Chinese Hackers

    May 25, 2024

    An Indian contingent was, for the first time, observers in an NATO-run cyber security exercise in Estonia this month. The exercise, the equivalent of an cyber Olympiad, was the largest exercise of its kind in Europe, Tiit Riisalo, Estonian economic affairs and information technology minister, said. Exercise Locked Shields involved 32 NATO countries and a handful ...

  • Boeing says it refused to pay massive ransomware demand

    May 9, 2024

    Boeing has revealed it refused to pay a $200 million ransom demand from ransomware hackers who stole a tranche of sensitive data in 2023. The incident impacted elements of its parts and distribution business, but that flight safety was not compromised. LockBit’s affiliates walked away with 43 gigabytes of data, for which they later demanded an ...

  • Fortinet and NATO’s Annual “Exercise Locked Shields” Cyber Wargames

    May 7, 2024

    Fortinet has once again had the honor of contributing to NATO’s annual Exercise Locked Shields, a premier cyber warfare event known as the world’s largest and most intricate international live-fire cyber-defense exercise. Hosted by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), this cyber-warfare exercise has been a recurring event since 2010. It is designed ...

  • China suspected of hacking UK armed forces payroll

    May 7, 2024

    The government suspects China was behind the hack of an armed forces payroll system, the BBC understands. Defence Secretary Grant Shapps will not identify a specific culprit when he addresses MPs today, but is expected to warn of the dangers posed by cyber espionage from hostile states. The system used by the Ministry of Defence (MoD) ...

  • ToddyCat is making holes in your infrastructure

    April 22, 2024

    Kapersky researchers continue covering the activities of the APT group ToddyCat. In their previous article, they described tools for collecting and exfiltrating files (LoFiSe and PcExter). This time, the researchers have investigated how attackers obtain constant access to compromised infrastructure, what information on the hosts they are interested in, and what tools they use to extract ...

  • Russia slaps sanctions on UK IT sector

    April 10, 2024

    Moscow has blacklisted 22 British government officials, members of the IT sector and legal service market as a measure of retaliation, the Russian Foreign Ministry said in a statement. Those blacklisted particularly include employees of British companies, namely Micro Focus, providing Ukrainian forces with “software and cyber protection services necessary in the process of data collection ...

  • Why the threat of a ‘nightmare’ Chinese supercomputer just got a step closer

    April 4, 2024

    A cyber security official at the US State Department had noticed something unusual. An internal IT security system, nicknamed “Big Yellow Taxi”, had flagged unusual activity on its corporate Microsoft account. The tech team quickly raised its concerns to Microsoft, hopeful that the alert was just a false positive. What rapidly emerged, however, was that a ...

  • Pentagon Creates Office of the Assistant Secretary of Defense for Cyber Policy

    April 1, 2024

    On March 21, President Joe Biden nominated Michael Sulmeyer, principal cyber adviser to the secretary of the Army, to serve as assistant secretary of defense for cyber policy, or ASD(CP). Ashley Manning, a career member of the Senior Executive Service, is currently performing the duties of ASD(CP). According to the department, the ASD(CP) will oversee and certify ...

  • Funding delivered to upgrade Fort Eisenhower’s Cyber Center of Excellence

    April 1, 2024

    U.S. Senator Jon Ossoff is delivering $163 million in funding to upgrade Fort Eisenhower’s Cyber Center of Excellence. The funding comes after the Ft. Eisenhower Cyber Center Enhancement Act through the FY24 National Defense Authorization Act was passed, which authorized the construction of new classrooms at the Cyber Center of Excellence. Ossoff’s team says the funding ...

  • Chinese international purchasing agency for military equipment has agency qualification revoked for serious risk of information leakage

    March 13, 2024

    A Chinese international purchasing agency has had its purchasing agency qualification revoked for serious risk of information leakage due to the company’s internal mismanagement and poor practices around managing sensitive data, the Equipment Development Department (EDD) of China’s Central Military Commission (CMC) announced in a statement on Tuesday. According to the investigation, China Far East International ...

  • Chinese security authority warns of espionage traps in online dating and job hunting

    March 13, 2024

    Are they your like-minded “online friends”? Intimate “lovers”? Caring “friends”? Helpful “good Samaritans”? Or perhaps, these are all just sweet “traps” set by espionage forces, Chinese Ministry of State Security warned the public in its latest article published on Wednesday. The ministry listed several cases adapted from real life incidents with characters using pseudonyms in the ...

  • Mysterious Werewolf hits defense industry with new RingSpy backdoor

    March 12, 2024

    The criminal group gains initial access through phishing emails with a compressed executable that unleashes RingSpy, an original remote access backdoor The BI.ZONE Threat Intelligence team has detected a new campaign by Mysterious Werewolf, a cluster that has been active since at least 2023. This time, the adversaries are targeting defense enterprises. To achieve their goals, ...

  • U.S. Army Intelligence Analyst Arrested and Charged with Conspiracy to Obtain and Disclose National Defense Information

    March 7, 2024

    Korbein Schultz, a U.S. Army soldier and intelligence analyst, was arrested today at Fort Campbell following an indictment by a federal grand jury charging him with conspiracy to obtain and disclose national defense information, exporting technical data related to defense articles without a license, conspiracy to export defense articles without a license, and bribery of ...

  • Capita shares sink as outsourcing giant swings to £107m loss, takes £25m hit from cyber attack

    March 6, 2024

    Capita has incurred £25.3m in costs tied to a cyber attack last March as the outsourcing giant swung to an annual loss and ramped up its cost-cutting programme. Shares fell 16 per cent on Wednesday morning. The group, which runs key local government, military and NHS services, posted a pretax loss of £106.6m for 2023, compared ...

  • Germany: Use of non-secure line behind Taurus talk leak to Russia

    March 5, 2024

    The Ministry of Defence blamed an unnamed individual’s improper use of a “non-secure data line” for the recent leak of a German army conversation about the Taurus weapon system to Russia. The mistake was made by the participant who took part in the conversation from Singapore and had dialled in via a “non-secure data line” such ...