Hackers Achieve Widespread Penetration Of Defense Contractors

Uploaded on 2021-11-21 in TECHNOLOGY--Hackers, INTELLIGENCE--USA, GOVERNMENT-Defence, FREE TO VIEW

Suspected foreign hackers have breached 9 organisations in the defense, energy, health care, technology and education sectors, and at least one of those organisations is in the US, according to the security experts at Palo Alto NetworksThe FBI, CISA, and US Coast Guard Cyber Command  (CGCYBER)  have reports of malicious cyber actors using hacking to gain access to several different organisations in the US and overseas.

With the help of the National Security Agency, Palo Alto Networks' researchers have exposed an ongoing effort by these unidentified hackers to steal key data from US defense contractors and other sensitive targets.

The US Cybersecurity and Infrastructure Security Agency (CISA) has released a warning that advanced persistent threat (APT) actors were actively exploiting newly identified vulnerabilities in a self-service password management and single sign-on solution known as ManageEngine ADSelfService Plus.  

Hackers were observed deploying a specific webshell and other techniques to maintain persistence in victim environments and also successful attacks against the same organisation was happening.

Officials from the NSA and the US Cybersecurity and Infrastructure Security Agency (CISA) are tracking the threat. A division of the NSA responsible for mitigating foreign cyber threats to the US defense industrial base contributed analysis to the Palo Alto Networks report. Cyber security firm Mandiant / FireEye said earlier this year that Chinese hackers are exploiting different software vulnerabilities to break into defense, financial and public sector organisations in the US and Europe.

US defense contractors are a high value and frequent target for foreign hackers, although the NSA and CISA have so far declined to comment on the hackers's origin and identity.

CISA and the FBI has recently warned that hackers were exploiting the software flaw and urged organisations to update their systems. A few days later, the hackers tracked by Palo Alto Networks scanned 370 computer servers running the software in the US alone, and then began to exploit the software.

CERT-CISA:       CNN:      Palo Alto Networks:     Microsoft

You Might Also Read:

Cyber Attacks May Lead To A “shooting war”:

 

« 123456 Is Not A Password
Nobelium - Long Term Threat Activity »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Norton Rose Fulbright

Norton Rose Fulbright

Norton Rose Fulbright is a global business law firm. Practice areas include Data protection, Privacy and Cybersecurity.

Seceon

Seceon

Seceon OTM, is a cyber security advanced threat management platform that visualizes, detects, and eliminates threats in real time.

Viavi Solutions

Viavi Solutions

Viavi Solutions is a global leader in both network and service enablement and optical security performance products and solutions.

Tevora

Tevora

Tevora is a specialized management consultancy focused on cyber security, risk, and compliance services.

Nok Nok Labs

Nok Nok Labs

Nok Nok is a market leader in next generation authentication for cloud, mobile and IoT applications.

BlueFiles

BlueFiles

BlueFiles enables users to send encrypted files securely while maintaining full control over recipients, access periods, downloads, and printing.

Sixgill

Sixgill

Sixgill, an IoT sensor platform company, builds the universal data service and smart process automation software allowing any organization to effectively govern its IoE assets.

Kiuwan

Kiuwan

Kiuwan provide software security solutions with SAST and SCA source-code analysis that fit into your DevOps process.

Inceptus

Inceptus

Inceptus is a next generation Managed Security Service Provider (MSSP). We are dedicated to keeping our customers safe, secure and protected while doing business on the Internet.

Axur

Axur

Discover and eliminate digital fraud and risks on the web. Utilize Axur’s entire AI potential, along with thousands of bots dispersed throughout the surface web as well as the deep and dark web.

Sentor Managed Security Services

Sentor Managed Security Services

Sentor Managed Security Services is a cybersecurity company that enables organizations to exist in a digitally connected world.

NGN International

NGN International

NGN International is a full-fledged systems integrator and managed security services provider established in 2015 in Bahrain.

Artifice Security

Artifice Security

Artifice Security will demonstrate real-world attacks on your network, web applications, infrastructure, and personnel to expose your hidden security risks.

Lansweeper

Lansweeper

Lansweeper is an IT Asset Management platform provider helping businesses better understand, manage and protect their IT devices and network.

Gilsbar

Gilsbar

For more than half a century, Gilsbar has offered insurance service solutions and support for businesses and their employees.

Boltonshield

Boltonshield

Boltonshield provide a unique and proactive approach to cyber defence with managed security services, integrated technologies, and a team of security experts, ethical hackers and analysts.