SUNBURST: Russia Fingered in ‘Perfect 10’ Supply Chain Attack

Russian spies have been operating inside countless enterprises and government agencies, thanks to a hack of SolarWinds.
The post SUNBURST: Russia Fingered in ‘Perfect 10’ Supply Chain Attack appeared first on Security Boulevard.

U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise

Communications at the U.S. Treasury and Commerce Departments were reportedly compromised by a supply chain attack on SolarWinds, a security vendor that helps the federal government and a range of Fortune 500 companies monitor the health of their IT networks. Given the breadth of the company’s customer base, experts say the incident may be just the first of many such disclosures.

Commerce Department breached as Treasury, others reportedly victimized by suspected Russian hackers

Hackers breached the Commerce Department, and reportedly have infiltrated the Treasury Department and other U.S. agencies, in incidents that government security officials said on Sunday they were fighting to contain. “We can confirm there has been a breach in one of our bureaus,” a Commerce Department spokesperson said. The spokesperson added that Commerce has asked the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency “and the FBI to investigate, and we cannot comment further at this time.” Reuters reported that foreign nation-backed hackers have been monitoring email traffic at the Treasury Department and Commerce Department’s National Telecommunications and Information Administration, and the attackers apparently used similar tools to breach other agencies. “The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation,” said John Ullyot, a spokesman for the White House’s National […]

The post Commerce Department breached as Treasury, others reportedly victimized by suspected Russian hackers appeared first on CyberScoop.


Cyber Security Roundup for August 2020

A roundup of UK-focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, July 2020. The standout hack of July 2020, and possibly of the year, was the takeover of 45 celebrity Twit…

COVID-19 Research and Vaccine Research Targeted by APT29 Group

Organizations from the US, UK and Canada involved in COVID-19 research have been targeted by a hacking group known as APT29. APT, or Advanced Persistent Threat, groups are usually nation-state or state-sponsored groups, working to compromise critical i…

Hackers Look to Steal COVID-19 Vaccine Research

The Russia-linked APT29 has set its sights on pharma research in Western nations in a likely attempt to get ahead on a cure for coronavirus.

Russian government hackers targeting coronavirus vaccine research, UK, US and Canada warn

The Russian government hacking group known as Cozy Bear or APT29 has been targeting coronavirus vaccine research, U.K., U.S., and Canadian government officials said Thursday morning. The hackers have been trying to breach programs in all three countries, the officials said in a security assessment issued by the U.K.’s National Cyber Security Centre (NCSC). Agencies from the U.S. and Canada contributed to the effort. The hacking is aimed predominantly at “government, diplomatic, think-tank, healthcare and energy targets,” the NCSC said in the assessment. A senior official with the U.S. National Security Agency urged organizations to pay attention to the technical details in the document. “APT29 has a long history of targeting governmental, diplomatic, think-tank, healthcare and energy organizations for intelligence gain so we encourage everyone to take this threat seriously and apply the mitigations issued in the advisory,” NSA Cybersecurity Director Anne Neuberger said in a separate statement. State-backed hackers worldwide are interested in targeting research […]

The post Russian government hackers targeting coronavirus vaccine research, UK, US and Canada warn appeared first on CyberScoop.


Cozy Bear kept moving after 2016 election, ESET says

One of the Kremlin-linked hacking groups that breached the Democratic National Committee in 2016 has remained active in the years that followed, even if it’s been less visible. Cozy Bear, also known as APT29 and the Dukes, began using different malicious software and new hacking techniques after 2016, according to findings published Thursday by the Slovakian security firm ESET. There wasn’t much public evidence of the group’s activity, but researchers say it did not go quiet after interfering in the U.S. presidential election. The hackers targeted U.S. think tanks in 2017, defense contractors in 2018 and three European countries’ ministries of foreign affairs. (The U.S. security firm FireEye suggested in November that Cozy Bear was showing signs of activity.) “Our new research shows that even if an espionage group disappears from public reports for many years, it may not have stopped spying,” ESET said in its report. “The Dukes were able […]

The post Cozy Bear kept moving after 2016 election, ESET says appeared first on CyberScoop.


Why did President Trump mention CrowdStrike to the Ukrainian president?

During a controversial phone call between President Donald Trump and Ukrainian President Volodymyr Zelenskiy in July, Trump asked Zelenskiy for a “favor” to help locate a “server” linked with security company CrowdStrike, according to an unclassified transcript of the call released Wednesday. “I would like you to do us a favor though because our country has been through a lot and Ukraine knows a lot about it. I would like you to find out what happened with this whole situation with Ukraine, they say Crowdstrike … I guess you have one of your wealthy people … The server, they say Ukraine has it,” Trump said, according to the document released by the White House. “I think you’re surrounding yourself with some of the same people. I would like to have the [U.S.] Attorney General [William Barr] call you or your people and I would like you to get to the bottom […]

The post Why did President Trump mention CrowdStrike to the Ukrainian president? appeared first on CyberScoop.


10,000 Microsoft customers targeted by nation-state attacks in the last year

Microsoft has notified 10,000 customers in the past year that they have been the targets of nation-state cyberattacks — some of which were successful — from Iran, North Korea, and Russia, Microsoft announced Wednesday. “This data demonstrates the significant extent to which nation-states continue to rely on cyberattacks as a tool to gain intelligence, influence geopolitics or achieve other objectives,” Tom Burt, corporate vice president of customer security & trust at Microsoft, wrote in a blog post on the matter. Microsoft has tied the attacks to a group linked with Iran broadly known as APT 33, to a group from North Korea known as APT 38, and to two groups linked with Russia, APT 28 and APT 29, which Microsoft dubs Strontium and Yttrium respectively. APT 28 was behind the intrusions at the Democratic National Committee. Some of the attacks observed appear to be related to U.S. politics and […]

The post 10,000 Microsoft customers targeted by nation-state attacks in the last year appeared first on CyberScoop.
