Collaborate Disseminate
The U.S. Government has set up a cross-agency ransomware task force, a hub for ransomware resources, and is offering $10 million for information on state-sponsored cyber attackers. “Ransomware is a long-standing problem and a growing national sec… Continue reading U.S. Government sets up ransomware task force, offers $10 million reward for info
Have you noticed that lately we’ve been hearing more about in-the-wild attacks exploiting 0-day vulnerabilities? “Halfway into 2021, there have been 33 0-day exploits used in attacks that have been publicly disclosed this year — 11 more tha… Continue reading Explosion of 0-day exploits: The bad news and the good news
Belgium’s Federal Public Service Interior (i.e., the country’s Interior Ministry) has suffered a “complex, sophisticated and targeted cyberattack.” What happened? When Microsoft released out-of-band security updates for Exchange… Continue reading Belgium’s Interior Ministry uncovers 2-year-long compromise of its network
Attackers have been exploiting several old and one zero-day vulnerability (CVE-2021-22893) affecting Pulse Connect Secure (PCS) VPN devices to breach a variety of defense, government, and financial organizations around the world, Madiant has warned on … Continue reading Attackers are exploiting zero-day in Pulse Secure VPNs to breach orgs (CVE-2021-22893)
A majority of businesses surveyed for a study by the Economist Intelligence Unit (EIU) and the Cybersecurity Tech Accord, see state-led and sponsored cyberattacks as a major threat. They are concerned about catastrophic reputational and financial conse… Continue reading Most businesses see state-sponsored cyberattacks as a major threat
Another group of state-sponsored hackers has exploited the ubiquity of SolarWinds software to target US government agencies, Reuters reported on Tuesday. State-sponsored hackers have a taste for SolarWinds? Unlike the alleged Russian attackers who inse… Continue reading SolarWinds Orion exploited by another group of state-sponsored hackers
Over the past few months, hackers have been trying to surreptitiously backdoor the computer systems of a number of security researchers working on vulnerability research and development at different companies and organizations, the Google Threat Analys… Continue reading Security researchers targeted by North Korean hackers
The Administrative Office (AO) of the U.S. Courts has revealed on Wednesday that it is investigating whether sealed U.S. court records had been accessed by the SolarWinds attackers. In related news, SolarWinds has hired former CISA director Chris Krebs… Continue reading Sealed U.S. court records possibly accessed by SolarWinds attackers
Microsoft has confirmed that it, too, is among the companies who have downloaded the compromised SolarWinds Orion updates, but that they have isolated and removed them. “We have not found evidence of access to production services or customer data… Continue reading Microsoft was also a victim of the SolarWinds supply chain hack
A “highly sophisticated” hacking group has breached the U.S. Treasury Department, the U.S. Department of Commerce’s National Telecommunications and Information Administration (NTIA), other government agencies and private sector compan… Continue reading Hackers breached U.S. government agencies via compromised SolarWinds Orion software