• US Govt: Hackers stole data from US defense org using new malware


    • This topic has 2 replies, 2 voices, and was last updated 2 months ago.
    #2485475

    “The U.S. Government today released an alert about state-backed hackers using a custom CovalentStealer malware and the Impacket framework to steal sensitive data from a U.S. organization in the Defense Industrial Base (DIB) sector.

    “The compromise lasted for about ten months and it is likely that multiple advanced persistent threat (APT) groups compromised the organization, some of them gaining initial access through the victim’s Microsoft Exchange Server in January last year.

    “Entities in the Defense Industrial Base Sector provide products and services that enable support and deployment of military operations.

    “They are engaged in the research, development, design, production, delivery, and maintenance of military weapons systems, including all necessary components and parts.”

    https://www.bleepingcomputer.com/news/security/us-govt-hackers-stole-data-from-us-defense-org-using-new-malware/

    ===

    This is VERY bad. Lasted for about TEN MONTHS? I wonder which “Entities” got hit? “Sorry, that’s Classified”…um, wait…

    Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Greenhorn
    --
    "Courage isn’t the absence of fear; it's being scared to death and going on anyway. The man who says he's fearless is a fool, and I won't have him in my command.” —Unknown

    • #2485510

      It took the US government 20 months to find out that they were hacked?
      What exactly do they run as security suites?

      https://www.askwoody.com/forums/topic/microsoft-exchange-server-zero-day-mitigation-can-be-bypassed/

      • #2485851

        It took the US government 20 months to find out that they were hacked? What exactly do they run as security suites?

        It’s called “Low Bidder”.

        Seriously, as a Buyer or a PA (Purchasing Agent) for a govt contract, you don’t HAVE to take the lowest bidder, but must “Justify” why not.

        It gets sticky.

        You REALLY don’t want to know how this sausage is made.

        Trust me.
