Defence and Aerospace

October 3, 2021

Fredrick Brown, a former U.S. Army contractor, was sentenced today to 151 months in prison after admitting to his role in a conspiracy that targeted thousands of U.S. service members and veterans and caused millions of dollars in losses. Brown was one of five fraudsters charged with carrying out an identify-theft and fraud scheme that targeted ...

October 3, 2021

The UK Government’s new National Cyber Force (NCF) will be located in Samlesbury in the North West, Defence Secretary Ben Wallace has confirmed. Samlesbury is also home to a BAE Systems site. The NCF draws together personnel from intelligence, cyber and security agency GCHQ, the Ministry of Defence (MOD), the Secret Intelligence Service (MI6) and the Defence ...

October 1, 2021

A new APT group has emerged that’s specifically targeting the fuel and energy complex and aviation industry in Russia, exploiting known vulnerabilities like Microsoft Exchange Server’s ProxyShell and leveraging both new and existing malware to compromise networks. Researchers at security firm Positive Technologies have been tracking the group, dubbed ChamelGang for its chameleon-like capabilities, since March. ...

September 30, 2021

Virtual Private Networks (VPNs) allow users to remotely connect to a corporate network via a secure tunnel. Through this tunnel, users can take advantage of the internal services and protections normally offered to on-site users, such as email/collaboration tools, sensitive document repositories, and perimeter firewalls and gateways. Because remote access VPN servers are entry points into protected networks, they ...

September 30, 2021

The Ministry of Defence has published a data strategy that calls on the British armed forces to make better use of its “enduring strategic asset” – by spying on social media and dobbing in dissenters to local councils. In a move bound to fuel tinfoil hat-wearing conspiracy theorists, the MoD’s Data Strategy for Defence document ...

September 21, 2021

The Ministry of Defence has launched an investigation into a data breach involving the details of 250 Afghan interpreters. An MoD spokeswoman told Sky News 250 email addresses are part of the breach, but it is not yet known if they contain the names or photos of the translators involved. The breach was carried out by the ...

September 17, 2021

Researchers have unmasked a lengthy campaign against the aviation sector, beginning with the analysis of a Trojan by Microsoft. On May 11, Microsoft Security Intelligence published a Twitter thread outlining a campaign targeting the “aerospace and travel sectors with spear-phishing emails that distribute an actively developed loader, which then delivers RevengeRAT or AsyncRAT.” Read more… Source: ZDNet  

September 15, 2021

Australia, the UK, and the US are setting up a trilateral partnership aimed at addressing defence and security concerns in the Indo-Pacific region. The security partnership, called AUKUS, will look to promote deeper information and technology sharing between the three governments, with Australian Prime Minister Scott Morrison saying the new security partnership would enhance existing networks ...

September 9, 2021

Email accounts connected to the Virginia Defense Force and the Virginia Department of Military Affairs were impacted by a cyberattack in July, according to a spokesperson from the Virginia National Guard. A. A. Puryear, chief of public affairs for the Virginia National Guard, told ZDNet that the organization was notified in July about a possible cyber ...

September 2, 2021

“Space is an invaluable domain, but it is also increasingly crowded and particularly susceptible to a range of cyber vulnerabilities and threats.” That’s not an overblown sci-fi movie strapline, but rather the chilling words of Gina Galasso, managing director of The Aerospace Corporation UK, a member of the international collaborative organisation, Space ISAC (the Space Information ...

August 17, 2021

While investigating the Confucius threat actor, we found a recent spear phishing campaign that utilizes Pegasus spyware-related lures to entice victims into opening a malicious document downloading a file stealer. The NSO Group’s spyware spurred a collaborative investigation that found that it was being used to target high-ranking individuals in 11 different countries. In this blog ...

August 17, 2021

The Taliban have seized U.S. military biometrics devices that could aid in the identification of Afghans who assisted coalition forces, current and former military officials have told The Intercept. The devices, known as HIIDE, for Handheld Interagency Identity Detection Equipment, were seized last week during the Taliban’s offensive, according to a Joint Special Operations Command official ...

August 4, 2021

The US military is testing the use of cutting-edge data gathering tools combined with artificial intelligence to predict enemies’ next moves with up to days of advance. Speaking at a press conference, the commander of the US Northern Command (NORTHCOM) Glen VanHerck revealed that trials have been on-going to improve the military’s use of data when ...

July 29, 2021

FORT MEADE, Md. – NSA released the Cybersecurity Information Sheet, “Securing Wireless Devices in Public Settings” today to help National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) teleworkers identify potential threats and minimize risks to their wireless devices and data. Cyber actors can compromise devices over Bluetooth, public Wi-Fi, and Near-Field ...

July 16, 2021

The official website of the Russian Defense Ministry is down due to a DDoS attack, a source in the law enforcement informed TASS on Friday. “Specialists from the defense ministry are repelling a DDoS attack on the official website of the Defense Ministry,” the source said. Read more… Source: TASS  

July 12, 2021

SolarWinds is urging customers to patch a Serv-U remote code execution vulnerability exploited in the wild by “a single threat actor” in attacks targeting a limited number of customers. “Microsoft has provided evidence of limited, targeted customer impact, though SolarWinds does not currently have an estimate of how many customers may be directly affected by the ...

July 9, 2021

The notorious Lazarus advanced persistent threat (APT) group has been identified as the cybergang behind a campaign spreading malicious documents to job-seeking engineers. The ploy involves impersonating defense contractors seeking job candidates. Researchers have been tracking Lazarus activity for months with engineering targets in the United States and Europe, according to a report published online by ...

July 5, 2021

2021 is a significant year for aviation. It marks the 20th anniversary of the 9/11 attacks, the worst acts of unlawful interference in the history of aviation. It is also the Year of Security Culture for the ICAO community, which aims to enhance security awareness and foster a security culture throughout the industry. The importance ...

July 2, 2021

CISA is taking action to understand and address the recent supply-chain ransomware attack against Kaseya VSA and the multiple managed service providers (MSPs) that employ VSA software. CISA encourages organizations to review the Kaseya advisory and immediately follow their guidance to shutdown VSA servers. Source: Cybersecurity and Infrastructure Security Agency KASEYA VSA Important Notice July 2nd, 2021 KASEYA VSA ...

July 1, 2021

FORT MEADE, Md. – The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI) and the UK’s National Cyber Security Centre (NCSC) released a Cybersecurity Advisory today exposing malicious cyber activities by Russian military intelligence against U.S. and global organizations, starting from mid-2019 and likely ongoing. This advisory is ...