supply-chain attack – Page 4

SSDF: The Key to Defending Against Supply Chain Cyberattacks

Posted on August 23, 2021 by David Bisson

For reasons we all know, software supply chain attacks took on new meaning near the end of 2020. This hasn’t changed over this year. One of the best modern ways to combat these cyberattacks is to integrate a secure software development framework (SSDF) into a vendor’s software development life cycle (SDLC). Why is this such […]

The post SSDF: The Key to Defending Against Supply Chain Cyberattacks appeared first on Security Intelligence.

Continue reading SSDF: The Key to Defending Against Supply Chain Cyberattacks→

IT threat evolution Q2 2021

Posted on August 12, 2021 by David Emm

Ferocious Kitten, TunnelSnake, PuzzleMaker and other threat actors, zero-day vulnerabilities, ransomware and banking Trojans – check out our review of Q2 2021. Continue reading IT threat evolution Q2 2021→

Supply Chain Security – Not As Easy As it Looks

Posted on August 6, 2021 by Mark Rasch

The massive exploit of SolarWinds is a prime example of what is called a “supply chain” vulnerability. The vast majority of those impacted by the Russian SolarWinds attack probably had never even heard of the company SolarWinds, and did not realize th… Continue reading Supply Chain Security – Not As Easy As it Looks→

Kaseya Starts Recovery After REvil Attack

Posted on July 6, 2021 by Michael Vizard

Kaseya is now reporting the software-as-a-service (SaaS) instance of its Virtual System Administrator (VSA) platform will be back online sometime between 4:00 p.m. and 7:00 p.m. EST today. It expects the on-premises editions of VSA to be patched withi… Continue reading Kaseya Starts Recovery After REvil Attack→

REvil Makes Monkeys out of Kaseya Customers

Posted on July 6, 2021 by Richi Jennings

Over the long weekend, a huge ransomware attack emerged. Kaseya seems to have been the common component.
The post REvil Makes Monkeys out of Kaseya Customers appeared first on Security Boulevard.
Continue reading REvil Makes Monkeys out of Kaseya Customers→

REvil ransomware attack against MSPs and its clients around the world

Posted on July 5, 2021 by Kaspersky

An attack perpetrated by REvil aka Sodinokibi ransomware gang against Managed Service Providers (MSPs) and their clients was discovered on July 2. Some of the victims reportedly have been compromised a popular MSP software which led to encryption of their customers. Continue reading REvil ransomware attack against MSPs and its clients around the world→

Lazarus Group Hits COVID-19 Vaccine-Maker in Espionage Attack

Posted on December 23, 2020 by Tara Seals

The nation-state actor is looking to speed up vaccine development efforts in North Korea. Continue reading Lazarus Group Hits COVID-19 Vaccine-Maker in Espionage Attack→

How we protect our users against the Sunburst backdoor

Posted on December 23, 2020 by Kaspersky

The detection logic has been improved in all our solutions to ensure our customers protection. We continue to investigate cyberattack on SolarWinds and we will add additional detection once they are required. Continue reading How we protect our users against the Sunburst backdoor→

Sunburst: connecting the dots in the DNS requests

Posted on December 18, 2020 by Igor Kuznetsov

We matched private and public DNS data for the SUNBURST-malware root C2 domain with the CNAME records, to identify who was targeted for further exploitation. In total, we analyzed 1722 DNS records, leading to 1026 unique target name parts and 964 unique UIDs. Continue reading Sunburst: connecting the dots in the DNS requests→

Best of 2020: The SolarWinds Supply Chain Hack: What You Need to Know

Posted on December 18, 2020 by Tony Howlett

As we close out 2020, we at Security Boulevard wanted to highlight the five most popular articles of the year. Following is the first in our series of the Best of 2020. Just when you thought we had the last major hack of 2020 with the FireEye incident… Continue reading Best of 2020: The SolarWinds Supply Chain Hack: What You Need to Know→