Defence and Aerospace


  • Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure

    September 5, 2024

    The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm ...

  • Pentagon contractor Leidos hit by data breach Internal documents leaked on cybercrime forum

    July 25, 2024

    Hackers have reportedly leaked internal documents stolen from Leidos Holdings Inc., a company with a significant contract portfolio including the US Defense Department, Homeland Security, and NASA. A person with knowledge of the matter told Bloomberg News that the company believes the documents leaked by hackers were stolen during a previously disclosed breach at Diligent Corporation. ...

  • Allies agree new NATO Integrated Cyber Defence Centre

    July 10, 2024

    The NATO Integrated Cyber Defence Centre (NICC) will enhance the protection of NATO and Allied networks and the use of cyberspace as an operational domain. The Centre will inform NATO military commanders on possible threats and vulnerabilities in cyberspace, including privately-owned civilian critical infrastructures necessary to support military activities. The Centre will bring together civilian and ...

  • NATO releases revised AI strategy

    July 10, 2024

    On Wednesday (10 July 2024), NATO released its revised artificial intelligence (AI) strategy, which aims to accelerate the use of AI technologies within NATO in a safe and responsible way. AI or Artificial intelligence concept. It builds on one published in 2021 and takes account of recent advances in AI technologies, such as generative AI, and ...

  • The US Wants to Integrate the Commercial Space Industry With Its Military to Prevent Cyber Attacks

    June 29, 2024

    The US military recently launched a groundbreaking initiative to strengthen ties with the commercial space industry. The aim is to integrate commercial equipment into military space operations, including satellites and other hardware. This would enhance cybersecurity for military satellites. As space becomes more important to the world’s critical infrastructure, the risk increases that hostile nation-states will ...

  • Stopping Chinese cyberattacks is officially now the biggest priority for US security forces

    June 25, 2024

    The US Department of Homeland Security (DHS) has shuffled its priorities to place battling the “cyber and other threats posed by the People’s Republic of China” at the top of the list, at least until the end of 2025. China has been conducting numerous cyber attacks against US infrastructure, particularly focussing on internet-facing endpoints within water ...

  • China’s state security authorities warn of foreign spies hunting military info on messaging app

    June 23, 2024

    China’s Ministry of State Security on Saturday posted a short film calling on the public to enhance national security awareness, as the film describes a case of espionage in which a military enthusiast was deceived by a foreign spy disguised as a pretty girl on instant messaging app into giving up sensitive military information. Adapted from ...

  • Japan’s space agency was hit by multiple cyberattacks, but officials say no sensitive data was taken

    June 21, 2024

    Japan’s space agency has suffered a series of cyberattacks since last year, but sensitive information related to rockets and satellites was not affected and it is continuing to investigate and take preventive measures, officials said Friday. Chief Cabinet Secretary Yoshimasa Hayashi acknowledged that the Japan Aerospace Exploration Agency, or JAXA, has had “a number of” cyberattacks ...

  • A New Branch of the Armed Forces is Critical to Addressing Cyber Threats to America

    June 7, 2024

    The concept of a United States Cyber Force has been proposed in one form or another for more than a decade. Perhaps the most well-known advocate is ADM James G. Stavridis, retired NATO Supreme Allied Commander and the former Commander of both European and Southern Commands, who has highlighted many of the salient obstacles to the ...

  • Sapphire Werewolf polishes Amethyst stealer to attack over 300 companies

    June 5, 2024

    Since March 2024, the BI.ZONE Threat Intelligence team has been tracking the cluster of activity dubbed Sapphire Werewolf. The threat actor targets Russia’s industries, such as education, manufacturing, IT, defense, and aerospace engineering. Over 300 attacks were carried out using Amethyst, an offshoot of the popular open‑source SapphireStealer. The attackers disguise the malware as an enforcement ...

  • Ukrainian intelligence’ hackers attack Russian government agencies and large companies

    June 5, 2024

    Hackers from the Main Intelligence Directorate (DIU) of Ukraine’s Ministry of Defense have attacked the electronic services of several Russian ministries and banking institutions, according to RBC-Ukraine source in the special services. According to Roskomnadzor (Federal Service for Supervision of Communications, Information Technology and Mass Media) , the disruption is allegedly linked to an accident in ...

  • Guidance on the 911 S5 Residential Proxy Service

    May 29, 2024

    The Federal Bureau of Investigation (FBI), Defense Criminal Investigative Services (DCIS), and Department of Commerce (DOC) are publishing this announcement to notify the public of the dismantlement of the 911 S5 residential proxy service and to help individuals and businesses better understand and guard against 911 S5 proxy service and botnet. 911 S5 began operating in ...

  • Pakistani hackers target ‘Make in India’ defence programs

    May 28, 2024

    As per a report, three public sector defence equipment manufacturers as well as India’s security forces have been on the target of an espionage campaign run by a notorious Pakistani hacking group with suspected links to its military. Transparent Tribe, known as Advanced Persistent Threat (APT) 36 among cybersecurity professionals, has been targeting employees in defence ...

  • India-Estonia Cyber Security Pact to Combat Growing Threat from Chinese Hackers

    May 25, 2024

    An Indian contingent was, for the first time, observers in an NATO-run cyber security exercise in Estonia this month. The exercise, the equivalent of an cyber Olympiad, was the largest exercise of its kind in Europe, Tiit Riisalo, Estonian economic affairs and information technology minister, said. Exercise Locked Shields involved 32 NATO countries and a handful ...

  • Boeing says it refused to pay massive ransomware demand

    May 9, 2024

    Boeing has revealed it refused to pay a $200 million ransom demand from ransomware hackers who stole a tranche of sensitive data in 2023. The incident impacted elements of its parts and distribution business, but that flight safety was not compromised. LockBit’s affiliates walked away with 43 gigabytes of data, for which they later demanded an ...

  • Fortinet and NATO’s Annual “Exercise Locked Shields” Cyber Wargames

    May 7, 2024

    Fortinet has once again had the honor of contributing to NATO’s annual Exercise Locked Shields, a premier cyber warfare event known as the world’s largest and most intricate international live-fire cyber-defense exercise. Hosted by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), this cyber-warfare exercise has been a recurring event since 2010. It is designed ...

  • China suspected of hacking UK armed forces payroll

    May 7, 2024

    The government suspects China was behind the hack of an armed forces payroll system, the BBC understands. Defence Secretary Grant Shapps will not identify a specific culprit when he addresses MPs today, but is expected to warn of the dangers posed by cyber espionage from hostile states. The system used by the Ministry of Defence (MoD) ...

  • ToddyCat is making holes in your infrastructure

    April 22, 2024

    Kapersky researchers continue covering the activities of the APT group ToddyCat. In their previous article, they described tools for collecting and exfiltrating files (LoFiSe and PcExter). This time, the researchers have investigated how attackers obtain constant access to compromised infrastructure, what information on the hosts they are interested in, and what tools they use to extract ...

  • Russia slaps sanctions on UK IT sector

    April 10, 2024

    Moscow has blacklisted 22 British government officials, members of the IT sector and legal service market as a measure of retaliation, the Russian Foreign Ministry said in a statement. Those blacklisted particularly include employees of British companies, namely Micro Focus, providing Ukrainian forces with “software and cyber protection services necessary in the process of data collection ...

  • Why the threat of a ‘nightmare’ Chinese supercomputer just got a step closer

    April 4, 2024

    A cyber security official at the US State Department had noticed something unusual. An internal IT security system, nicknamed “Big Yellow Taxi”, had flagged unusual activity on its corporate Microsoft account. The tech team quickly raised its concerns to Microsoft, hopeful that the alert was just a false positive. What rapidly emerged, however, was that a ...