Collaborate Disseminate
We’re still learning the full extent of the SolarWinds supply chain attacks. On January 11, for instance, researchers published a technical breakdown of a malicious tool detected as SUNSPOT that was employed as part of the infection chain involvin… Continue reading SolarWinds Attacks Highlight Importance of Operation-Centric Approach
Working in the cloud has many advantages. But to handle your information safely, you should know how to defend against the common problem of misconfigurations leaving cloud data open to thieves. What are the Benefits of Cloud Computing? Many groups are expanding their use of the cloud. In November 2019, Gartner announced its prediction that […]
The post Misconfigurations: A Hidden but Preventable Threat to Cloud Data appeared first on Security Intelligence.
Continue reading Misconfigurations: A Hidden but Preventable Threat to Cloud Data
In the middle of December, IT management software provider SolarWinds revealed in a security advisory that it had fallen victim to a sophisticated supply chain attack. The offensive involved the placement of a backdoor known as SUNBURST into versi… Continue reading Contextualizing Microsoft’s Source Code Exposure in the SolarWinds Attacks
In the middle of December, IT management software provider SolarWinds revealed in a security advisory that it had fallen victim to a sophisticated supply chain attack. The offensive involved the placement of a backdoor known as SUNBURST into versi… Continue reading Contextualizing Microsoft’s Source Code Exposure in the SolarWinds Attacks
This holiday season, many people will turn to charities to give back. The last thing they want to do is give money to scammers instead of a cause they truly support. According to the FBI’s website, charity fraud rises during the holidays, when people choose to make end-of-year tax deductible gifts. “Seasonal charity scams can […]
The post How to Not Fall for a Charity Scam This Holiday Season appeared first on Security Intelligence.
Continue reading How to Not Fall for a Charity Scam This Holiday Season
Security researchers observed a politically motivated APT called “Molerats” using three new malware variants to conduct espionage in the Middle East.
The post Molerats APT: New Malware and Techniques in Middle East Espionage Campaign appeared firs… Continue reading Molerats APT: New Malware and Techniques in Middle East Espionage Campaign
Digital attackers launched a new ransomware campaign dubbed “PLEASE_READ_ME” in an effort to target MySQL servers. Guardicore first spotted the attack back in January 2020. After that, it witnessed a total of 92 attacks emanate from 11 IP addresses, wi… Continue reading PLEASE_READ_ME Ransomware Campaign Targeting MySQL Servers
Security researchers detected a new spear-phishing attack that’s using an exact domain spoofing tactic in order to impersonate Microsoft. On December 7, IRONSCALES revealed that it had spotted the campaign targeting Office 365 users. Those users primar… Continue reading New Microsoft Spear-Phishing Attack Uses Exact Domain Spoofing Tactic
The Phorpiex botnet earned the notorious designation of “most wanted malware” for the month of November 2020. In its Global Threat Index for November 2020, Check Point Research revealed that it had observed a surge in new Phorpiex botnet infections tha… Continue reading Phorpiex Botnet Named “Most Wanted Malware” in November 2020
Mercy Health revealed that it had fired an employee who was responsible for an insider breach involving its systems. On December 4, Mercy Health posted a notice informing its patients of a medical records incident that had occurred earlier in the year…. Continue reading Mercy Health Fired Employee Responsible for Insider Breach