Browsing category
Cybersecurity company Rapid7 on Thursday revealed that unidentified actors improperly managed to get hold of a small portion of its source code repositories in the aftermath of the software supply chain compromise targeting Codecov earlier this year. “A small subset of our source code repositories for internal tooling for our [Managed Detection and Response] service […]
The ransomware attack against Colonial Pipeline’s networks has prompted the U.S. Federal Motor Carrier Safety Administration (FMCSA) to issue a regional emergency declaration in 17 states and the District of Columbia (D.C.). The declaration provides a temporary exemption to Parts 390 through 399 of the Federal Motor Carrier Safety Regulations (FMCSRs), allowing alternate transportation of […]
Colonial Pipeline, which carries 45% of the fuel consumed on the U.S. East Coast, on Saturday said it halted operations due to a ransomware attack, once again demonstrating how infrastructure is vulnerable to cyber attacks. “On May 7, the Colonial Pipeline Company learned it was the victim of a cybersecurity attack,” the company said in […]
Cyber operatives affiliated with the Russian Foreign Intelligence Service (SVR) have switched up their tactics in response to previous public disclosures of their attack methods, according to a new advisory jointly published by intelligence agencies from the U.K. and U.S. Friday. “SVR cyber operators appear to have reacted […] by changing their TTPs in an […]
An unknown threat actor with the capabilities to evolve and tailor its toolset to target environments infiltrated high-profile organizations in Asia and Africa with an evasive Windows rootkit since at least 2018. Called ‘Moriya,’ the malware is a “passive backdoor which allows attackers to inspect all incoming traffic to the infected machine, filter out packets […]
A threat actor believed to be working on behalf of Chinese state-sponsored interests was recently observed targeting a Russia-based defense contractor involved in designing nuclear submarines for the naval arm of the Russian Armed Forces. The phishing attack, which singled out a general director working at the Rubin Design Bureau, leveraged the infamous “Royal Road” […]
An adversary known for its watering hole attacks against government entities has been linked to a slew of newly detected intrusions targeting various organizations in Central Asia and the Middle East. The malicious activity, collectively named “EmissarySoldier,” has been attributed to a threat actor called LuckyMouse, and is said to have happened in 2020 with […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS), and the Federal Bureau of Investigation (FBI) on Monday published a new joint advisory as part of their latest attempts to expose the tactics, techniques, and procedures (TTPs) adopted by the Russian Foreign Intelligence Service (SVR) in its attacks targeting the U.S […]
The sprawling SolarWinds cyberattack which came to light last December was known for its sophistication in the breadth of tactics used to infiltrate and persist in the target infrastructure, so much so that Microsoft went on to call the threat actor behind the campaign “skillful and methodic operators who follow operations security (OpSec) best practices […]
Facebook on Wednesday said it took steps to dismantle malicious activities perpetrated by two state-sponsored hacking groups operating out of Palestine that abused its platform to distribute malware. The social media giant attributed the attacks to a network connected to the Preventive Security Service (PSS), the security apparatus of the State of Palestine, and another […]
If Pulse Connect Secure gateway is part of your organization network, you need to be aware of a newly discovered critical zero-day authentication bypass vulnerability (CVE-2021-22893) that is currently being exploited in the wild and for which there is no patch available yet. At least two threat actors have been behind a series of intrusions […]
The U.S. and U.K. on Thursday formally attributed the supply chain attack of IT infrastructure management company SolarWinds with “high confidence” to government operatives working for Russia’s Foreign Intelligence Service (SVR). “Russia’s pattern of malign behaviour around the world – whether in cyberspace, in election interference or in the aggressive operations of their intelligence services […]
The SolarWinds attack, which succeeded by utilizing the sunburst malware, shocked the cyber-security industry. This attack achieved persistence and was able to evade internal systems long enough to gain access to the source code of the victim. Because of the far-reaching SolarWinds deployments, the perpetrators were also able to infiltrate many other organizations, looking for […]
An Iranian threat actor has unleashed a new cyberespionage campaign against a possible Lebanese target with a backdoor capable of exfiltrating sensitive information from compromised systems. Cybersecurity firm Check Point attributed the operation to APT34, citing similarities with previous techniques used by the threat actor as well as based on its pattern of victimology. APT34 […]
Unpatched Fortinet VPN devices are being targeted in a series of attacks against industrial enterprises in Europe to deploy a new strain of ransomware called “Cring” inside corporate networks. At least one of the hacking incidents led to the temporary shutdown of a production site, said cybersecurity firm Kaspersky in a report published on Wednesday, […]
Anyone who has ever owned a piece of exercise equipment knows there’s a huge difference between having it and, well, actually using it. The same principle applies to business intelligence (BI) and data analytics at an enterprise level. Deploying some form of analytics software is a strong start, but it’s wishful thinking to believe employees […]
IT giant Cognizant Technology Solutions Corp. On Saturday, he confirmed that he was the victim of the Maze Ransomware Cyber Attack, which led to disruptions to its customer service. “Cognizant can confirm that a security incident related to our internal systems and leading to interruptions in the service of some of our customers is the […]
Social engineering attacks are not becoming common against corporate organizations and SMBs but are also getting increasingly advanced. With hackers adopting smarter methods for trapping employees and individuals into giving up their valuable data, enterprises must use considerable efforts to stay two steps forward of the cybercriminals. These attacks usually involve some psychological manipulation to […]
When it comes to strengthening the current cybersecurity practices employed in organizations today, one of the most significant steps that security teams can take is to amalgamate modern technologies into an enterprise’s cybersecurity infrastructure. Typically, organizations tend to rely on technologies such as artificial intelligence and machine learning – both of which have taken the […]
A malicious code exploited a newly fixed zero-day flaw in the Google Play store that affects multiple Android devices, including Pixel phones from Google. Tracked as CVE-2019-2215, Google Project Zero security researcher Maddie Stone announced the bug as a zero-day in October. The error could contribute to an exploitable accident, a use-free in the binder […]
A new variant of Vega ransomware family, dubbed Zeppelin, has recently been spotted in the wild targeting technology and healthcare companies across Europe, the United States, and Canada. However, if you reside in Russia or some other ex-USSR countries like Ukraine, Belorussia, and Kazakhstan, breathe a sigh of relief, as the ransomware terminates its operations […]