New infosec products of the week: May 7, 2021

Assessing third-party security controls with Panorays Smart Questionnaires Unlike manual security questionnaires, Smart Questionnaires include only the questions that are relevant for each supplier based on the business relationship context. Customers … Continue reading New infosec products of the week: May 7, 2021

Mandiant Managed Defense now supports Microsoft Defender for Endpoint

FireEye announced that Mandiant Managed Defense, Mandiant’s managed detection and response service, now supports Microsoft Defender for Endpoint. This integration reflects the Mandiant strategy to augment security teams with actionable intelligence fro… Continue reading Mandiant Managed Defense now supports Microsoft Defender for Endpoint

Hacking group exploited SonicWall zero-day for ransomware attacks, FireEye says

A hacking group exploited a SonicWall zero-day software flaw before a fix was available in order to deploy a previously unreported ransomware strain, FireEye researchers said Thursday. The disclosure of the ransomware comes one week after FireEye revealed three previously unknown vulnerabilities in SonicWall’s email security software. But the latest hacking tool emerges from an earlier zero-day  found in SonicWall’s mobile networking gear. Mandiant, FireEye’s incident response unit, dubbed the malware FiveHands, which bears similarities to another hacking tool, dubbed HelloKitty, that attackers deployed against a video game company. The security firm linked it to a group they call UNC2447. “UNC2447 monetizes intrusions by extorting their victims first with FIVEHANDS ransomware followed by aggressively applying pressure through threats of media attention and offering victim data for sale on hacker forums,” reads a blog post from the company. “UNC2447 has been observed targeting organizations in Europe and North America and has […]

The post Hacking group exploited SonicWall zero-day for ransomware attacks, FireEye says appeared first on CyberScoop.

Continue reading Hacking group exploited SonicWall zero-day for ransomware attacks, FireEye says

Task Force Seeks to Disrupt Ransomware Payments

Some of the world’s top tech firms are backing a new industry task force focused on disrupting cybercriminal ransomware gangs by limiting their ability to get paid, and targeting the individuals and finances of the organized thieves behind these crimes. Continue reading Task Force Seeks to Disrupt Ransomware Payments

StrikeReady raises $3.6M to accelerate go-to-market and sales, grow the R&D team

The seed round was led by 11.2 Capital, with participation from Outlier Venture Capital and multiple Silicon Valley angel investors. The funds will be used to accelerate go-to-market and sales, and grow the R&D team. StrikeReady has built a cloud … Continue reading StrikeReady raises $3.6M to accelerate go-to-market and sales, grow the R&D team

StrikeReady raises $3.6M to accelerate go-to-market and sales, grow the R&D team

The seed round was led by 11.2 Capital, with participation from Outlier Venture Capital and multiple Silicon Valley angel investors. The funds will be used to accelerate go-to-market and sales, and grow the R&D team. StrikeReady has built a cloud … Continue reading StrikeReady raises $3.6M to accelerate go-to-market and sales, grow the R&D team

‘Ghostwriter’ disinformation campaign rages on as Biden prepares for NATO trip

For over a year, Stanislaw Zaryn, a Polish government official, has not been shy about exposing what he says are suspected Russian attempts to interfere in Polish politics. Zaryn has posted screenshots on Twitter of fake accounts and slapped a blaring “Disinformation” label on them. He has called out a forged letter that criticized the U.S. troop presence in Poland. But a study published by security firm FireEye on Wednesday makes clear that the propaganda flagged by Zaryn is but one front in a multi-pronged information operations effort aimed at sowing political discord in multiple NATO countries. FireEye has linked more than 30 such incidents in Lithuania, Latvia, Germany and elsewhere in the last five years to a previously disclosed, ongoing influence campaign it calls Ghostwriter. That includes more than 20 newly discovered Ghostwriter incidents since an initial FireEye report last summer, including one as recent as last month. The […]

The post ‘Ghostwriter’ disinformation campaign rages on as Biden prepares for NATO trip appeared first on CyberScoop.

Continue reading ‘Ghostwriter’ disinformation campaign rages on as Biden prepares for NATO trip

Hackers exploit SonicWall email software in a banner week for zero-day flaws

It’s only Wednesday, and it’s already been a banner week for previously unknown exploits in popular security software. Unidentified hackers have exploited three “zero-day,” or newly discovered, vulnerabilities in email software made by SonicWall to access an unnamed victim organization’s network, according to Mandiant, the incident response unit of security firm FireEye. “The adversary leveraged these vulnerabilities, with intimate knowledge of the SonicWall application, to install a backdoor, access files and emails, and move laterally into the victim organization’s network,” Mandiant said in a blog on Tuesday evening. Security fixes are available for the flaws, and SonicWall urged customers to apply them. The news came after Mandiant revealed on Tuesday that suspected Chinese hackers had used bugs in another popular enterprise software made by Pulse Secure to break into government and defense-sector networks. Those breaches followed separate intrusion campaigns allegedly carried out by Russian and Chinese hackers exploiting software made […]

The post Hackers exploit SonicWall email software in a banner week for zero-day flaws appeared first on CyberScoop.

Continue reading Hackers exploit SonicWall email software in a banner week for zero-day flaws

Hackers found leveraging three SonicWall zero-day vulnerabilities

Attackers that seem to have “intimate knowledge” of the SonicWall Email Security product have been discovered leveraging three (at the time) zero-day vulnerabilities in the popular enterprise solution. Exploited in conjunction, the flaws al… Continue reading Hackers found leveraging three SonicWall zero-day vulnerabilities

State-linked hackers hit American, European organizations with Pulse Secure exploits

Two hacking groups, including one with ties to China, have in recent months exploited popular enterprise software to break into defense, financial and public sector organizations in the U.S. and Europe, security firm FireEye warned Tuesday.   Attackers are exploiting old vulnerabilities — and one new one — in virtual private networking software made by Pulse Secure. Corporations and  governments alike use the technology to manage data on their networks, though it has proven a popular foothold for spies over the years. One of the hacking groups in question uses techniques similar to a Chinese state-backed espionage group, according to FireEye incident response unit Mandiant. “We have also uncovered limited evidence to suggest that [the hacking group] operates on behalf of the Chinese government,” Mandiant said in a blog post. The company did not say, specifically, what evidence it uncovered tying the incident to China. More broadly, Mandiant Senior Vice President and […]

The post State-linked hackers hit American, European organizations with Pulse Secure exploits appeared first on CyberScoop.

Continue reading State-linked hackers hit American, European organizations with Pulse Secure exploits