Suspected Chinese state hackers target Russian submarine designer

Hackers suspected to work for the Chinese government have used a new malware called PortDoor to infiltrate the systems of an engineering company that designs submarines for the Russian Navy. They used a spear-phishing email specifically crafted to lure the Read More …

Pulse Secure VPN zero-day used to hack defense firms, govt orgs

Pulse Secure has shared mitigation measures for a zero-day authentication bypass vulnerability in the Pulse Connect Secure (PCS) SSL VPN appliance actively exploited in attacks against worldwide organizations and focused on US Defense Industrial base (DIB) networks. To mitigate the Read More …

GAO report finds DOD’s weapons programs lack clear cybersecurity guidelines

In a new report released Thursday, the U.S. Government Accountability Office (GAO) said the Department of Defense fails to communicate clear cybersecurity guidelines to contractors tasked with building systems for its weapons programs. As part of its so called congressional Read More …

Lazarus targets defense industry with ThreatNeedle

We named Lazarus the most active group of 2020. We’ve observed numerous activities by this notorious APT group targeting various industries. The group has changed target depending on the primary objective. Google TAG has recently published a post about a Read More …

RansomExx Ransomware Gang Dumps Stolen Embraer Data: Report

Hackers have dumped sensitive company data that was stolen during a ransomware attack last month on aircraft manufacturer Embraer. The compromised data appeared on a new dark web site created to publish leaked information, according to a published report. The Read More …

Operation North Star: Behind The Scenes

It is rare to be provided an inside view on how major cyber espionage campaigns are conducted within the digital realm. The only transparency afforded is a limited view of victims, a malware sample, and perhaps the IP addresses of Read More …

Phishing for secrets: Russian cyber experts believe defense industry is being attacked by North Korea

A hacker group from North Korea has been attacking Russian military and industrial organizations by sending fraudulent emails, according to cybersecurity experts, who believe that Pyongyang is beginning to cast its net wider. This may come as a surprise to Read More …

NSA: Top 25 vulnerabilities actively abused by Chinese hackers

The U.S. National Security Agency (NSA) warns that Chinese state-sponsored hackers exploit 25 different vulnerabilities in attacks against U.S. organizations and interests. In an advisory issued today, the NSA said that it is aware of targeted attacks by Chinese state-sponsored Read More …