Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker

A 39-year-old Australian national who was previously employed at U.S. defense contractor L3Harris has been sentenced to a little over seven years in prison for selling eight zero-day exploits to Russian exploit broker Operation Zero in exchange for millions of dollars. Peter Williams pleaded guil...

ThreatsDay Bulletin: DNS Poisoning Flaw, Supply-Chain Heist, Rust Malware Trick and New RATs Rising

The comfort zone in cybersecurity is gone. Attackers are scaling down, focusing tighter, and squeezing more value from fewer, high-impact targets. At the same time, defenders face growing blind spots — from spoofed messages to large-scale social engineering. This week’s findings show how that...

Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign

The Iran-nexus threat actor known as UNC2428 has been observed delivering a backdoor known as MURKYTOUR as part of a job-themed social engineering campaign aimed at Israel in October 2024. Google-owned Mandiant described UNC2428 as a threat actor aligned with Iran that engages in cyber...

Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology

Summary Actions to Help Protect Against Russian State-Sponsored Malicious Cyber Activity: • Enforce multifactor authentication. • Enforce strong, unique passwords. • Enable M365 Unified Audit Logs. • Implement endpoint detection and response tools. From at least January 2020, through February 202...

Iranian APT Lures Defense Contractor in Catfishing-Malware Scam

Most people have probably heard of catfishing. That’s when someone adopts a fake online persona, usually to trick someone into falling in love. Now, threat actors have developed their own spin on the grift, developing appealing — objectively hot — profiles to charm victims into downloading malwar...

Hackers posed as aerobics instructors in malware attack on defense contractors

By Deeba Ahmed Iranian hackers used social media platforms especially Facebook to target employees of an aerospace defense contractor to steal their login credentials. This is a post from HackRead.com Read the original post: Hackers posed as aerobics instructors in malware attack on defense...

Hackers Posed as Aerobics Instructors for Years to Target Aerospace Employees

An Iranian cyberespionage group masqueraded as an aerobics instructor on Facebook in an attempt to infect the machine of an employee of an aerospace defense contractor with malware as part of a years-long social engineering and targeted malware campaign. Enterprise security firm Proofpoint...

New Chinese Malware Targeted Russia's Largest Nuclear Submarine Designer

A threat actor believed to be working on behalf of Chinese state-sponsored interests was recently observed targeting a Russia-based defense contractor involved in designing nuclear submarines for the naval arm of the Russian Armed Forces. The phishing attack, which singled out a general director...

Dark web hacker leaks sensitive Indian defense contractor data

By Waqas Indian defense contactor Bharat Earth Movers Limited BEML has been hacked. This is a post from HackRead.com Read the original post: Dark web hacker leaks sensitive Indian defense contractor data...

New Android Spyware Created by Russian Defense Contractor Found in the Wild

Cybersecurity researchers have uncovered a new piece of mobile surveillance malware believed to be developed by a Russian defense contractor that has been sanctioned for interfering with the 2016 U.S. presidential election. Dubbed Monokle, the mobile remote-access trojan has been actively targeti...

Significant FormBook Distribution Campaigns Impacting the U.S. and South Korea

We observed several high-volume FormBook malware distribution campaigns primarily taking aim at Aerospace, Defense Contractor, and Manufacturing sectors within the U.S. and South Korea during the past few months. The attackers involved in these email campaigns leveraged a variety of distribution...

Significant FormBook Distribution Campaigns Impacting the U.S. and South Korea

We observed several high-volume FormBook malware distribution campaigns primarily taking aim at Aerospace, Defense Contractor, and Manufacturing sectors within the U.S. and South Korea during the past few months. The attackers involved in these email campaigns leveraged a variety of distribution...

Tracing Spam: Diet Pills from Beltway Bandits

Reading junk spam messages isn't exactly my idea of a good time, but sometimes fun can be had when you take a moment to check who really sent the email. Here's the simple story of how a recent spam email advertising celebrity "diet pills" was traced back to a Washington, D.C.-area defense...

Unraveling Turla APT Attack Against Swiss Defense Firm

Ever since hackers targeted Swiss defense contractor RUAG, government officials have been tight lipped about the breach. But on Monday Switzerland’s CERT Computer Emergency Readiness Team spilled the beans on the attack against the firm and the how perpetrators pulled it off. While Monday’s repor...

Fake EFF Site Used in Spear Phishing Campaign

Attackers, possibly associated with the Russian government, registered a phony Electronic Frontier Foundation domain earlier this month in an attempt to dupe users into thinking correspondence from the site was coming from the well-known privacy watchdog. The scheme, largely carried out via spear...

Chinese Hackers Steal Info from top secret U.S military data

QinetiQ, a UK-based defense contractor suffers humiliation as intelligence officials confirmed that China was able to steal the U.S. classified documents and pertinent technological information all this because of QinetiQ's faulty decision-making. QinetiQ North America QQ a world leading defense...

Chinese Hackers Steal Info from top secret U.S military data

QinetiQ, a UK-based defense contractor suffers humiliation as intelligence officials confirmed that China was able to steal the U.S. classified documents and pertinent technological information all this because of QinetiQ's faulty decision-making. QinetiQ North America QQ a world leading defense...

Report: Japan Fesses Up to First Cyber Attack on Defense Industry

Mitsubishi Heavy Industries MHI, Japan’s primary defense contractor, recently suffered a data breach that may be the first major cyber-attack on Japan’s defense industry to be publicly disclosed, according to a report from Reuters. The attack, first discovered in early August, is believed to have...

Military Contractor Mitsubishi hacked

Military Contractor Mitsubishi hacked Mitsubishi Heavy Industries Ltd said on Monday that its computers had been hacked into, with one newspaper saying the target was Japan's biggest defence contractor's factories for submarines, missiles and nuclear power plant components. "There is no possibili...

Pentagon Discloses Massive Data Theft, Lays Out New Security Strategy

A targeted attack on a defense contractor in March of this year resulted in the theft of 24,000 files by an unknown attacker, according to Defense Department officials. The attack, which officials say was the work of a foreign government, would represent one of the more serious known attacks on t...