Collaborate Disseminate
The SEC filed charges against SolarWinds and its CISO over misleading investors about its cybersecurity practices and known risks.
The post SEC Charges SolarWinds and Its CISO With Fraud and Cybersecurity Failures appeared first on SecurityWeek.
Continue reading SEC Charges SolarWinds and Its CISO With Fraud and Cybersecurity Failures
We discovered a campaign delivering the Tomiris backdoor that shows a number of similarities with the Sunshuttle malware distributed by DarkHalo APT and target overlaps with Kazuar. Continue reading DarkHalo after SolarWinds: the Tomiris connection
By Waqas
Microsoft warns of the FoggyWeb backdoor used by Nobelium, the same hacking group behind SolarWinds supply-chain attacks.
This is a post from HackRead.com Read the original post: Microsoft warns of Nobelium hackers using FoggyWeb backdoor
Continue reading Microsoft warns of Nobelium hackers using FoggyWeb backdoor
The list of victims keeps growing for the suspected Russian hackers who breached a U.S. federal contractor in order to gather intelligence from throughout the federal government. Autodesk, an American software and security company, said in a recent filing to the U.S. Securities and Exchange Commission that hackers had targeted the firm with the Sunburst malicious software. Cozy Bear, a state-sponsored Russian hacking group, relied on Sunburst to carry out an attack against SolarWinds, an IT firm that spies used as a foothold into targets throughout the government and private sector. In a 10-Q filing to the SEC, Autodesk said it discovered that one of its servers had been compromised, and that it had taken steps to remediate the fallout. The California-based firm makes design software and 3D technology tools for American customers in the architecture, engineering and education sectors. It is only the latest publicly listed company to confirm […]
The post SolarWinds hackers targeted Autodesk in latest confirmed fallout from cyber-espionage campaign appeared first on CyberScoop.
SolarWinds attacks, MS Exchange vulnerabilities, fake adblocker distributing miner, malware for Apple Silicon platform and other threats in Q1 2021. Continue reading IT threat evolution Q1 2021
By Ben Reardon, Corelight Security Researcher In this blog we aim to provide a little insight into part of the lifecycle of Corelight Lab’s response to a critical HTTP vulnerability. We’ve open-sourced many such responses over the last year (see Append… Continue reading Detecting CVE-2021-31166 – HTTP vulnerability
By Jean Schaffer, Federal CTO, Corelight For those of us who have spent our careers working in cybersecurity, President Biden’s recent “Executive Order on Improving the Nation’s Cybersecurity,” (EO) held no surprises. However, it is a step toward accel… Continue reading What the Cyber EO means for federal agencies
This report highlights significant events related to advanced persistent threat (APT) activity observed in Q1 2021. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. Continue reading APT trends report Q1 2021
By Vijit Nair, Sr. Director, Product Management, Corelight Comprehensive visibility is challenging in a cloud environment. While these environments are rich sources of telemetry and logs, it is challenging for security teams to ensure that logging is c… Continue reading Extending NDR visibility in AWS IaaS
Microsoft would like you to know that it’s finished investigating the SolarWinds breach, and everything’s just fine. Yeah, right.
The post SolarWinds Hack: ‘All is Well,’ Microsoft Shrugs appeared first on Security Boulevard.
Continue reading SolarWinds Hack: ‘All is Well,’ Microsoft Shrugs