Morphisec raises $31M to enable business to automatically prevent dangerous cyberattacks

Morphisec announced that it raised $31 million in funding led by JVP. Other existing investors, including Orange and Deutsche Telekom Capital Partners, also participated in the funding. Morphisec, deployed on over 7 million endpoints, offers enterprise…

Google’s BeyondCorp Enterprise security platform is now generally available

Google today announced that BeyondCorp Enterprise, the zero trust security platform modeled after how Google itself keeps its network safe without relying on a VPN, is now generally available. BeyondCorp Enterprise builds out Google’s existing BeyondCorp Remote Access offering with additional enterprise features. Google describes it as “a zero trust solution that enables secure access with […]

Malwarebytes was breached by the SolarWinds attackers

A fourth malware strain wielded by the SolarWinds attackers has been detailed by Symantec researchers, followed by the disclosure of the attackers’ ingenious lateral movement techniques and the release of an auditing script by FireEye researchers …

Symantec connects another hacking tool to SolarWinds breach

Private sector analysts uncovered new hacking tools thought to be used in a suspected Russian spying operation in the latest example of how, as the investigation into the SolarWinds breach continues, the plot only thickens. Security firm Symantec on Tuesday said it had found previously undocumented malicious code that the attackers used to move through victim networks and then transmit additional malware onto specific computers. The attackers installed the malicious code, dubbed Raindrop, on a handful of carefully chosen computers in an effort to spy on them, according to the latest findings. The discovery underscores the range of tools the accused hackers had at their disposal — some to gain access to computer networks, others to sift through data — in a historic campaign that has infiltrated multiple U.S. federal agencies and consumed investigators at top security firms. U.S. federal investigators have said the hacking campaign is “likely Russian in origin.” Moscow […]

The post Symantec connects another hacking tool to SolarWinds breach appeared first on CyberScoop.


Symantec implicates APT10 in sweeping hacking campaign against Japanese firms

A Chinese government-linked hacking group whose operatives have been indicted by the U.S. and sanctioned by the European Union is suspected in a year-long effort to steal sensitive data from numerous Japanese companies and their subsidiaries, security researchers said Tuesday. The attackers, known as APT10 or Cicada, have been burrowing into the networks of companies in the automotive, pharmaceutical and engineering sectors, according to researchers from antivirus provider Symantec. They have sometimes lingered for months before trying to extract data and have targeted domain controllers, the servers that act as gatekeepers for organizations’ network traffic. While Symantec did not identify specific targets, the company said many of the organizations have links to Japan, or Japanese companies. China and Japan are, respectively, the second and third biggest economies in the world. The two Asian countries have long had territorial disputes, and Japanese organizations have been a frequent target of alleged Chinese cyber-espionage. […]

The post Symantec implicates APT10 in sweeping hacking campaign against Japanese firms appeared first on CyberScoop.


‘MuddyWater’ spies suspected in attacks against Middle East governments, telecoms

One of the most prolific cyber-espionage groups linked to Iran has used old tricks — and perhaps a new hacking tool — in dozens of attempts to breach government and telecommunications operators in the Middle East in recent months, security researchers said Wednesday. The hacking attempts have hit organizations in Iraq, Kuwait, Turkey and the United Arab Emirates, according to researchers at security provider Symantec. Iran has strategic interests in all of those countries. And the attackers appear to be trying to smuggle key data from the organizations they managed to breach. It’s a reminder that while other hacking teams associated with Tehran have gained notoriety for disruptive, data-wiping attacks against Middle East organizations, the group known as MuddyWater, or Seedworm, has been relentless in its spying efforts. “These actors are extremely focused in what they’re doing,” said Vikram Thakur, technical director at Symantec, a division of semiconductor and software maker Broadcom. “They’re not […]

The post ‘MuddyWater’ spies suspected in attacks against Middle East governments, telecoms appeared first on CyberScoop.


25 vulnerabilities exploited by Chinese state-sponsored hackers

The US Cybersecurity and Infrastructure Security Agency (CISA) has released a list of 25 vulnerabilities Chinese state-sponsored hackers have been recently scanning for or have exploited in attacks. “Most of the vulnerabilities […] can be e…

Major vulnerabilities found in top virtual appliances

By Sudais Asif
According to Orca Security, major vulnerabilities have been found in top vendors like IBM, Dell, Oracle, Cisco, and Symantec Cloud Solutions.
This is a post from HackRead.com.

Microsoft and partners cut off key Trickbot botnet infrastructure

Two weeks after someone (allegedly the US Cyber Command) temporarily interrupted the operation of the infamous Trickbot botnet, a coalition of tech companies headed by Microsoft has struck a serious blow against its operators. “We disrupted Trick…

Cyber Command, Microsoft take action against TrickBot botnet before Election Day

TrickBot’s margin for success just got a lot smaller. The Pentagon’s offensive hacking arm, Cyber Command, has carried out an operation to hinder the ability of TrickBot, one of the world’s largest botnets, from attacking American targets, according to one U.S. government official who spoke to CyberScoop on the condition of anonymity because they were not authorized to discuss the matter. Microsoft also has sought to disrupt the TrickBot botnet, according to Tom Burt, the company’s corporate vice president of customer security and trust. The two operations represented distinct efforts to interrupt a pernicious threat that U.S. government officials say could be used to launch ransomware attacks against IT systems that support the voting process ahead of Election Day. Such an attack against voter registration systems, for instance, could result in confusion, delays or other uncertainties when Americans cast their ballots. As a result of the Microsoft operation, the people behind the TrickBot botnet — […]

The post Cyber Command, Microsoft take action against TrickBot botnet before Election Day appeared first on CyberScoop.
