Collaborate Disseminate
Sources said the DoE suffered “damage” in the attack, which also likely extends beyond the initially known SolarWinds Orion attack vector. Continue reading Nuclear Weapons Agency Hacked in Widening Cyberattack – Report
Two malicious software building blocks that could be baked into web applications prey on unsuspecting users. Continue reading RubyGems Packages Laced with Bitcoin-Stealing Malware
Meanwhile, Microsoft and other vendors are quickly moving to block the Sunburst backdoor used in the attack. Continue reading The SolarWinds Perfect Storm: Default Password, Access Sales and More
A poorly configured file opens users up to site takeover. Continue reading Easy WP SMTP Security Bug Can Reveal Admin Credentials
Industrial, factory and medical gear remain largely unpatched when it comes to the URGENT/11 and CDPwn groups of vulnerabilities. Continue reading Millions of Unpatched IoT, OT Devices Threaten Critical Infrastructure
The insider threat will go to jail for two years after compromising Cisco’s cloud infrastructure. Continue reading Ex-Cisco Employee Convicted for Deleting 16K Webex Accounts
The attack was mounted via SolarWinds Orion, in a manual and targeted supply-chain effort. Continue reading DHS Among Those Hit in Sophisticated Cyberattack by Foreign Adversaries – Report
The malware takes aim at PostgreSQL database servers with never-before-seen techniques. Continue reading PGMiner, Innovative Monero-Mining Botnet, Surprises Researchers
Attackers are targeting students and faculty alike with malware, phishing, DDoS, Zoom bombs and more, the FBI and CISA said. Continue reading Feds: K-12 Cyberattacks Dramatically on the Rise
The threat group is increasing its espionage activity in light of the current political climate and recent events in the Middle East, with two new backdoors. Continue reading MoleRats APT Returns with Espionage Play Using Facebook, Dropbox