![]() Victor Zhora, deputy chairman and chief digital transformation officer at Ukraine's State Service of Special Communication and Information Protection (SSSCIP)-effectively Kyiv's cybersecurity lead-said at Black Hat that Russian cyber ops would continue long after the end of kinetic combat. Cyber phases of Russia's hybrid war (as seen by Ukraine). Pyongyang seems to have welcomed Russia's friendly overtures, but a growing comradely spirit is no match for the advantages the DPRK sees in industrial espionage. The apparent industrial espionage wasn't deterred by Russia's attempts to cultivate closer relations with Pyongyang, which it views as a potential supplier of ammunition and other matériel for the war against Ukraine. Reuters reports that North Korean operators have successfully penetrated NPO Mashinostroyeniya, a rocket design bureau headquartered in a Moscow suburb. North Korean cyberespionage against a Russian aerospace firm. The incident complicated US-Japanese defense cooperation, especially intelligence-sharing, which has grown closer as China adopts an increasingly assertive policy in East Asia. and Japanese officials interviewed, who spoke on the condition of anonymity because of the matter’s sensitivity." Reuters says that Japan was unable or unwilling to confirm whether information had been compromised. officials, who were among a dozen current and former U.S. "The hackers had deep, persistent access and appeared to be after anything they could get their hands on - plans, capabilities, assessments of military shortcomings, according to three former senior U.S. The Washington Post reports, on the basis of recently obtained information from US and Japanese sources, that in the fall of 2020 the US NSA discovered a major Chinese penetration of classified Japanese defense networks. 2020 Chinese penetration of Japan's defense networks reported. That exploitation continues illustrates the complexity and interdependence of software supply chains, and of the difficulty of getting users to patch promptly and effectively. On May 30th it had learned enough to issue a warning, and on May 31st Progress made a patch available. Progress realized something was amiss and began investigating on May 28th. The Cl0p gang began exploiting Progress Software's MOVEit on May 27th. Reuters puts the tally of organizations breached in ways traceable to MOVEit vulnerability exploitation at six-hundred and counting, and cites experts who say that many more breaches, possibly thousands more, are likely in the future. MOVEit-connected supply chain issues aren't over. Cyberespionage: China, Russia, and North Korea. ![]() The fate and effects of a supply chain compromise. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |