Defence and Aerospace


  • Brazilian aerospace firm Embraer hit by cyberattack

    December 2, 2020

    Brazilian aerospace and defence group Embraer has been targeted by a cyberattack that has impacted the company’s operations. According to a statement released by the global firm on Monday (30) the attack resulted in the “disclosure of data allegedly attributed to the company”. The incident was reported five days after it took place to the Brazilian Securities ...

  • The UK’s new offensive cyber unit takes on organised crime and hostile states

    November 19, 2020

    A new offensive force made up of spies, cyber experts and the members of the military is already conducting cyber operations to disrupt hostile state activities, terrorists and criminals, the UK government has revealed. The new group – known as the National Cyber Force – aims to tackle threats to the UK’s national security such as ...

  • Huge U.K. Defense Spending Boost Funds Cyber Force, Space Command And AI

    November 19, 2020

    U.K. Prime Minister Boris Johnson announced on Wednesday evening that the Ministry of Defence would receive an extra £16.5bn / $21.8bn over the next four years. This is the largest investment in defense for 30 years and is on top of already agreed increases in spending. Johnson said that the massive increase was justified despite ...

  • Australia’s critical infrastructure definition to span communications, data storage, space

    November 9, 2020

    The federal government on Monday published an exposure draft on the Security Legislation Amendment (Critical Infrastructure) Bill 2020. It seeks to amend the Security of Critical Infrastructure Act 2018 to implement “an enhanced framework to uplift the security and resilience of Australia’s critical infrastructure”. The Australian government’s Critical Infrastructure Resilience Strategy currently defines critical infrastructure as: ...

  • Operation North Star: Behind The Scenes

    November 5, 2020

    It is rare to be provided an inside view on how major cyber espionage campaigns are conducted within the digital realm. The only transparency afforded is a limited view of victims, a malware sample, and perhaps the IP addresses of historical command and control (C2) infrastructure. The Operation North Star campaign we detailed earlier this year ...

  • Phishing for secrets: Russian cyber experts believe defense industry is being attacked by North Korea

    October 19, 2020

    A hacker group from North Korea has been attacking Russian military and industrial organizations by sending fraudulent emails, according to cybersecurity experts, who believe that Pyongyang is beginning to cast its net wider. This may come as a surprise to some, as Russia is one of very few countries with no hostility towards Pyongyang, which has ...

  • NSA: Top 25 vulnerabilities actively abused by Chinese hackers

    October 19, 2020

    The U.S. National Security Agency (NSA) warns that Chinese state-sponsored hackers exploit 25 different vulnerabilities in attacks against U.S. organizations and interests. In an advisory issued today, the NSA said that it is aware of targeted attacks by Chinese state-sponsored hackers against National Security Systems (NSS), the U.S. Defense Industrial Base (DIB), and the Department of ...

  • Russian hackers use fake NATO training docs to breach govt networks

    September 22, 2020

    A Russian hacker group known by the names APT28, Fancy Bear, Sofacy, Sednit, and STRONTIUM is behind a targeted attack campaign aimed at government bodies. The group delivered a hard-to-detect strain of Zebrocy Delphi malware under the pretense of providing NATO training materials. Researchers further inspected the files containing the payload and discovered these impersonated JPG files showing ...

  • US charges Iranian hackers for breaching US satellite companies

    September 17, 2020

    Three Iranian nationals have been indicted on charges of hacking US aerospace and satellite companies, the US Department of Justice announced today. Federal prosecutors accused Said Pourkarim Arabi, Mohammad Reza Espargham, and Mohammad Bayati of orchestrating a years-long hacking campaign on behalf of the Iranian government. The hacking spree started in July 2015 and targeted a broad ...

  • U.S. Dept of Veterans Affairs data breach affects 46,000 veterans

    September 15, 2020

    The U.S. Department of Veterans Affairs (VA) has suffered a data breach that has led to the exposure of personal information for over 46,000 veterans. The VA department was created to ensure United States veterans receive the health services, benefits, and care they deserve. In a data breach notification released yesterday, the VA states that hackers breached ...

  • Transparent Tribe: Evolution analysis, part 1

    August 20, 2020

    Transparent Tribe, also known as PROJECTM and MYTHIC LEOPARD, is a highly prolific group whose activities can be traced as far back as 2013. Proofpoint published a very good article about them in 2016, and since that day, we have kept an eye on the group. We have periodically reported their activities through our APT ...

  • Nigeria: Military Personnel Arrested For Cybercrime In Lagos

    August 17, 2020

    Lance Corporal Ajayi Kayode, a serving military personnel in Lagos State, has been arrested for alleged Internet fraud. Kayode was arrested in the Lekki axis of the state by operatives of the Economic and Financial Crimes Commission. The soldier, who was arrested alongside 26 others, said he was still learning “yahoo yahoo” (Internet fraud) from his friends ...

  • CactusPete APT group’s updated Bisonal backdoor

    August 13, 2020

    CactusPete (also known as Karma Panda or Tonto Team) is an APT group that has been publicly known since at least 2013. Some of the group’s activities have been previously described in public by multiple sources. We have been investigating and privately reporting on this group’s activity for years as well. Historically, their activity has ...

  • CISA, DOD, FBI expose new versions of Chinese malware strain named Taidoor

    August 3, 2020

    Three agencies of the US government have published today a joint alert alerting US private entities about new versions of Taidoor, a malware family previously associated with Chinese state-sponsored hackers. The alert has been authored by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (DHS CISA), the Department of Defense’s Cyber Command (CyberCom), and ...

  • US defense and aerospace sectors targeted in new wave of North Korean attacks

    July 30, 2020

    Tracked under the codename of “Operation North Star,” McAfee said these attacks have been linked to infrastructure and TTPs (Techniques, Tactics, and Procedures) previously associated with Hidden Cobra — an umbrella term the US government uses to describe all North Korean state-sponsored hacking groups. As for the attacks themselves, McAfee said they were run-of-the-mill spear-phishing emails ...

  • Cyber experts urge Australia to develop local capability to defend against hackers

    July 12, 2020

    Cyber experts have urged the federal government to become less reliant on overseas businesses, technologies and expertise for its defences against hackers as it puts the finishing touches on the nation’s new cyber security strategy. Foreign providers are responsible for most of the cyber security products and services in Australia, with no local companies among the ...

  • CISA: Nation-State Attackers Likely to Take Aim at Palo Alto Networks Bug

    June 30, 2020

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that foreign hackers are likely to exploit a newly disclosed, critical vulnerability in a raft of Palo Alto Networks firewalls and enterprise VPN appliances, which allows for device takeover without authentication. The Department of Defense (DoD) arm that oversees cyberspace operations has advised all devices affected ...

  • Battling COVID; a cyber Airman’s story

    June 26, 2020

    Tech. Sgt. Brandon Ibanez, a cyber intelligence analyst with the 854th Combat Operations Squadron here, doesn’t wear a helmet to work, nor does he wear a sword or shield. As a Gladiator in the 960th Cyberspace Wing, it’s not a requirement to don the traditional uniform of ancient Roman fighters, and it would be impractical because ...

  • 23 IS conducts virtual PAI training

    June 25, 2020

    Reserve Citizen Airmen from the 23rd Intelligence Squadron organized and executed a first-ever, unit-wide Publicly Available Information (PAI) training session June 6, 2020. The goal of the training was to educate 23 IS Airmen with PAI best practices and highlight the capabilities that PAI brings to intelligence operations. The training was part of the squadron’s ...

  • 13th Signal Regiment: British Army creates new cyber unit to protect forces

    June 5, 2020

    The British Army has created a new military cyber unit to protect forces in the modern era. The 13th Signal Regiment was formally launched on Monday. It will be based at Blandford Forum in Dorset but operate where needed around the world. It was described by a defence source as a “restructuring of existing capabilities”, bringing together ...