Judge Dismisses Major SEC Charges Against SolarWinds and CISO 

Judge dismissed SEC lawsuit charging SolarWinds and CISO Timothy Brown with hiding security problems before and after the SUNBURST supply chain compromise.
The post Judge Dismisses Major SEC Charges Against SolarWinds and CISO  appeared first on Securi… Continue reading Judge Dismisses Major SEC Charges Against SolarWinds and CISO 

Judge dismisses much of SEC suit against SolarWinds over cybersecurity disclosures

The groundbreaking lawsuit’s claims about inadequate disclosures related to the historic Sunburst attack were thrown out Thursday.

The post Judge dismisses much of SEC suit against SolarWinds over cybersecurity disclosures appeared first on CyberScoop.

Continue reading Judge dismisses much of SEC suit against SolarWinds over cybersecurity disclosures

SEC Charges SolarWinds and Its CISO With Fraud and Cybersecurity Failures

The SEC filed charges against SolarWinds and its CISO over misleading investors about its cybersecurity practices and known risks.
The post SEC Charges SolarWinds and Its CISO With Fraud and Cybersecurity Failures appeared first on SecurityWeek.
Continue reading SEC Charges SolarWinds and Its CISO With Fraud and Cybersecurity Failures

DarkHalo after SolarWinds: the Tomiris connection

We discovered a campaign delivering the Tomiris backdoor that shows a number of similarities with the Sunshuttle malware distributed by DarkHalo APT and target overlaps with Kazuar. Continue reading DarkHalo after SolarWinds: the Tomiris connection

Microsoft warns of Nobelium hackers using FoggyWeb backdoor

By Waqas
Microsoft warns of the FoggyWeb backdoor used by Nobelium, the same hacking group behind SolarWinds supply-chain attacks.
This is a post from HackRead.com Read the original post: Microsoft warns of Nobelium hackers using FoggyWeb backdoor
Continue reading Microsoft warns of Nobelium hackers using FoggyWeb backdoor

SolarWinds hackers targeted Autodesk in latest confirmed fallout from cyber-espionage campaign

The list of victims keeps growing for the suspected Russian hackers who breached a U.S. federal contractor in order to gather intelligence from throughout the federal government. Autodesk, an American software and security company, said in a recent filing to the U.S. Securities and Exchange Commission that hackers had targeted the firm with the Sunburst malicious software. Cozy Bear, a state-sponsored Russian hacking group, relied on Sunburst to carry out an attack against SolarWinds, an IT firm that spies used as a foothold into targets throughout the government and private sector. In a 10-Q filing to the SEC, Autodesk said it discovered that one of its servers had been compromised, and that it had taken steps to remediate the fallout. The California-based firm makes design software and 3D technology tools for American customers in the architecture, engineering and education sectors. It is only the latest publicly listed company to confirm […]

The post SolarWinds hackers targeted Autodesk in latest confirmed fallout from cyber-espionage campaign appeared first on CyberScoop.

Continue reading SolarWinds hackers targeted Autodesk in latest confirmed fallout from cyber-espionage campaign

IT threat evolution Q1 2021

SolarWinds attacks, MS Exchange vulnerabilities, fake adblocker distributing miner, malware for Apple Silicon platform and other threats in Q1 2021. Continue reading IT threat evolution Q1 2021

Detecting CVE-2021-31166 – HTTP vulnerability

By Ben Reardon, Corelight Security Researcher In this blog we aim to provide a little insight into part of the lifecycle of Corelight Lab’s response to a critical HTTP vulnerability. We’ve open-sourced many such responses over the last year (see Append… Continue reading Detecting CVE-2021-31166 – HTTP vulnerability

What the Cyber EO means for federal agencies

By Jean Schaffer, Federal CTO, Corelight For those of us who have spent our careers working in cybersecurity, President Biden’s recent “Executive Order on Improving the Nation’s Cybersecurity,” (EO) held no surprises. However, it is a step toward accel… Continue reading What the Cyber EO means for federal agencies

APT trends report Q1 2021

This report highlights significant events related to advanced persistent threat (APT) activity observed in Q1 2021. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. Continue reading APT trends report Q1 2021