Tag Archive for: Contractor

US defense contractor stored intelligence data on Amazon server without a password

About 28GB of sensitive US intelligence data was discovered on a publicly accessible Amazon Web Services S3 storage bucket. The cache, containing over 60,000 files, was linked to defense and intelligence contractor Booz Allen Hamilton, which was working on a project for the US National Geospatial-Intelligence Agency (NGA). NGA provides satellite and drone surveillance imagery for the Department of Defense and the US intelligence community.

The unsecured data was discovered by Chris Vickery, who now works as a cyber risk analyst for the security firm UpGuard.

According to UpGuard, the “information that would ordinarily require a Top Secret-level security clearance from the DoD was accessible to anyone looking in the right place; no hacking was required to gain credentials needed for potentially accessing materials of a high classification level.”


Network World Security

NSA contractor nabbed for pilfering agency codes – SC Magazine


… weapons” obtained by hacking another shadowy organization called Equation Group, which Kaspersky Lab has linked to a variety of malware types, including Stuxnet and Flame, which are associated with attacks supposedly launched by the United States.
NSA Contractor Arrested in Possible New Theft of Secrets – New York Times
Government Contractor Charged with Removal of Classified Materials and Theft of Government Property | USAO-MD … – US Department of Justice
N.S.A. Contractor Arrested in Possible New Theft of Secrets A contractor is thought to have taken – T.co


Russian spy group adopts new tools to hack defense contractor networks

A Russian cyberespionage group known as Pawn Storm has adopted new tools in an ongoing attack campaign against defense contractors with the goal of defeating network isolation policies.

Pawn Storm, also known as Sofacy, after its primary malware tool, has been active since at least 2007 and has targeted governmental, security and military organizations from NATO member countries, as well as media organizations, Ukrainian political activists and Kremlin critics.

Since August, the group has been engaged in an ongoing attack campaign focused on defense contractors, according to security researchers from Kaspersky Lab.

During this operation, the group has used a new version of a backdoor program called AZZY and a new set of data-stealing modules. One of those modules monitors for USB storage devices plugged into the computer and steals files from them based on rules defined by the attackers.


Network World Security

Russian spy group adopts new tools to hack defense contractor networks – CIO


Pawn Storm joins other sophisticated cyberespionage groups, like Equation and Flame, that are known to have used malware designed to defeat network air gaps. "Over the last year, the Sofacy group has increased its activity almost tenfold when compared …
Sofacy APT hits high profile targets with updated toolset – Securelist
