Collaborate Disseminate
The seed round was led by 11.2 Capital, with participation from Outlier Venture Capital and multiple Silicon Valley angel investors. The funds will be used to accelerate go-to-market and sales, and grow the R&D team. StrikeReady has built a cloud … Continue reading StrikeReady raises $3.6M to accelerate go-to-market and sales, grow the R&D team
For over a year, Stanislaw Zaryn, a Polish government official, has not been shy about exposing what he says are suspected Russian attempts to interfere in Polish politics. Zaryn has posted screenshots on Twitter of fake accounts and slapped a blaring “Disinformation” label on them. He has called out a forged letter that criticized the U.S. troop presence in Poland. But a study published by security firm FireEye on Wednesday makes clear that the propaganda flagged by Zaryn is but one front in a multi-pronged information operations effort aimed at sowing political discord in multiple NATO countries. FireEye has linked more than 30 such incidents in Lithuania, Latvia, Germany and elsewhere in the last five years to a previously disclosed, ongoing influence campaign it calls Ghostwriter. That includes more than 20 newly discovered Ghostwriter incidents since an initial FireEye report last summer, including one as recent as last month. The […]
The post ‘Ghostwriter’ disinformation campaign rages on as Biden prepares for NATO trip appeared first on CyberScoop.
Continue reading ‘Ghostwriter’ disinformation campaign rages on as Biden prepares for NATO trip
It’s only Wednesday, and it’s already been a banner week for previously unknown exploits in popular security software. Unidentified hackers have exploited three “zero-day,” or newly discovered, vulnerabilities in email software made by SonicWall to access an unnamed victim organization’s network, according to Mandiant, the incident response unit of security firm FireEye. “The adversary leveraged these vulnerabilities, with intimate knowledge of the SonicWall application, to install a backdoor, access files and emails, and move laterally into the victim organization’s network,” Mandiant said in a blog on Tuesday evening. Security fixes are available for the flaws, and SonicWall urged customers to apply them. The news came after Mandiant revealed on Tuesday that suspected Chinese hackers had used bugs in another popular enterprise software made by Pulse Secure to break into government and defense-sector networks. Those breaches followed separate intrusion campaigns allegedly carried out by Russian and Chinese hackers exploiting software made […]
The post Hackers exploit SonicWall email software in a banner week for zero-day flaws appeared first on CyberScoop.
Continue reading Hackers exploit SonicWall email software in a banner week for zero-day flaws
Attackers that seem to have “intimate knowledge” of the SonicWall Email Security product have been discovered leveraging three (at the time) zero-day vulnerabilities in the popular enterprise solution. Exploited in conjunction, the flaws al… Continue reading Hackers found leveraging three SonicWall zero-day vulnerabilities
Two hacking groups, including one with ties to China, have in recent months exploited popular enterprise software to break into defense, financial and public sector organizations in the U.S. and Europe, security firm FireEye warned Tuesday. Attackers are exploiting old vulnerabilities — and one new one — in virtual private networking software made by Pulse Secure. Corporations and governments alike use the technology to manage data on their networks, though it has proven a popular foothold for spies over the years. One of the hacking groups in question uses techniques similar to a Chinese state-backed espionage group, according to FireEye incident response unit Mandiant. “We have also uncovered limited evidence to suggest that [the hacking group] operates on behalf of the Chinese government,” Mandiant said in a blog post. The company did not say, specifically, what evidence it uncovered tying the incident to China. More broadly, Mandiant Senior Vice President and […]
The post State-linked hackers hit American, European organizations with Pulse Secure exploits appeared first on CyberScoop.
IT organizations must shift their enterprise security strategy to detect credential-based attacks before they become a problem. Continue reading Enterprise security attackers are one password away from your worst day
On Aug. 13, 2020, someone uploaded a suspected malicious file to VirusTotal, a service that scans submitted files against more than five dozen antivirus and security products. Last month, Microsoft and FireEye identified that file as a newly-discovered fourth malware backdoor used in the sprawling SolarWinds supply chain hack. An analysis of the malicious file and other submissions by the same VirusTotal user suggest the account that initially flagged the backdoor as suspicious belongs to IT personnel at the National Telecommunications and Information Administration (NTIA), a division of the U.S. Commerce Department that handles telecommunications and Internet policy. Continue reading Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?
On Aug. 13, 2020, someone uploaded a suspected malicious file to VirusTotal, a service that scans submitted files against more than five dozen antivirus and security products. Last month, Microsoft and FireEye identified that file as a newly-discovered fourth malware backdoor used in the sprawling SolarWinds supply chain hack. An analysis of the malicious file and other submissions by the same VirusTotal user suggest the account that initially flagged the backdoor as suspicious belongs to IT personnel at the National Telecommunications and Information Administration (NTIA), a division of the U.S. Commerce Department that handles telecommunications and Internet policy. Continue reading Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?
A FireEye report outlines critical details on trending attacker techniques and malware, the proliferation of multifaceted extortion and ransomware, preparing for expected UNC2452 / SUNBURST copycat threat actors, growing insider threats, plus pandemic … Continue reading Detection capabilities improve, but ransomware surges on
Around the world, organizations are facing a tremendous increase in cyber risk. A recent research reveals that 31% of companies now experience a cyberattack at least once a day, a trend that’s expected to skyrocket as cybercriminals employ AI and autom… Continue reading How do I select an attack detection solution for my business?