U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

“Restricted” NATO manual accidentally leaked to boat operators

Incredible, secret plans for NATO exercise Joint Warrior 161 were accidentally sent to Scottish fishermen and ferry operators emails. During the First World War, allied forces were able to read a lot of German radio traffic because of codebooks falling into allied hands.  Eerily reminiscent of those days, NATO forces recently ran into a similar scenario, […]

NATO iphone

Incredible, secret plans for NATO exercise Joint Warrior 161 were accidentally sent to Scottish fishermen and ferry operators emails.

During the First World War, allied forces were able to read a lot of German radio traffic because of codebooks falling into allied hands.  Eerily reminiscent of those days, NATO forces recently ran into a similar scenario, however, through their own missteps.

Instead of being retrieved during a state of war and capture, plans for NATO exercise Joint Warrior 161 were accidentally sent to Scottish fishermen and ferry operators emails.

In an age where tensions are rising, justifiably or not, between NATO and Russia, the loss of the information teaches us lessons.

Security personnel needs to be especially concerned when transmitting sensitive information.  In the case of Joint Warrior 161, codewords, ciphers, coordinates, and radio frequencies were released.  Security experts need to assume there is someone attempting to gain access to sensitive information.  Whether that information is security secrets of a country/alliances military or the intellectual property associated with a new product coming to market, there is always someone attempting to get that information.

Despite a Ministry of Defence (MoD) spokesperson claiming there was “no impact to the public, military personnel, or units participating in the exercise”, at what point does one ask if other potential breaches have gone unreported or even undiscovered?  Reports show there is an under-reporting of breaches of sensitive information.  While we see the major scenarios like the Office of Personnel Management (OPM), Target, or Home Depot, most breaches go unreported because of concerns over company reputation.

NATO microsoft

All personnel of an organization needs to understand they have a part to play in the security of sensitive information – whether military secrets or company intellectual property.  Security personnel has a major role in ensuring the culture at an organization understands the procedures and levels of sensitive information that needs to be protected.  While humans are our weakest link in the security chain, learning from incidents and regularly reviewing procedures and identifying sensitive information for protection.

Dave Snell, a retired naval officer, is a Security Professional with twenty years of experience working cyber intelligence, project management, and counter-terrorism operations.

Written by: Dave Snell

Author Bio: Dave Snell, a retired naval officer, is a Security Professional with twenty years of experience working cyber intelligence, project management, and counter-terrorism operations. 

Edited by Pierluigi Paganini

(Security Affairs –  NATO Manual, data leakage)