Only 3 agencies have hit deadline for cyber event logging standards, GAO finds

The Department of Agriculture, the National Science Foundation and the Small Business Administration are the only CFO Act agencies that met OMB’s August 2023 timeline for the implementation of enhanced logging requirements.

The post Only 3 agencies have hit deadline for cyber event logging standards, GAO finds appeared first on CyberScoop.

Continue reading Only 3 agencies have hit deadline for cyber event logging standards, GAO finds

SolarWinds Threat Actors Behind New Email Attack Campaign

The threat actors behind last year’s SolarWinds supply chain attack have launched a new email attack campaign aimed at organizations around the world. This attack wave attracted the attention of the Microsoft Threat Intelligence Center (MSTIC) on … Continue reading SolarWinds Threat Actors Behind New Email Attack Campaign

SolarWinds hackers targeting 24 countries with NativeZone backdoor

By Waqas
Microsoft has disclosed that the SolarWinds hackers or SolarWinds supply chain attack-fame threat actors are back in action.
This is a post from HackRead.com Read the original post: SolarWinds hackers targeting 24 countries with NativeZone bac… Continue reading SolarWinds hackers targeting 24 countries with NativeZone backdoor

SolarWinds hackers are behind a widespread phishing campaign impersonating USAID, Microsoft says

The same Russian spies who exploited SolarWinds software to infiltrate U.S. government agencies have in the last week launched a phishing campaign that aimed to hack some 150 organizations in 24 countries, Microsoft said Thursday. The suspected Russian hackers have posed as the U.S. Agency for International Development, a government agency that funds aid projects around the world, to target some 3,000 individual accounts in a blitz of phishing emails since May 25, Microsoft said in a blog post. The majority of the target organizations are in the U.S., and at least a quarter of them work in international development, humanitarian aid and human rights, Microsoft said. The hackers blasted out the nefarious messages by using a breached account that USAID uses to send marketing emails, according to Tom Burt, Microsoft’s corporate vice president for customer security and trust. A USAID spokesperson said that a forensic investigation into the breach […]

The post SolarWinds hackers are behind a widespread phishing campaign impersonating USAID, Microsoft says appeared first on CyberScoop.

Continue reading SolarWinds hackers are behind a widespread phishing campaign impersonating USAID, Microsoft says

Cozy Bear revisits one of its greatest hits, researchers say: election skulduggery

It looks like the Russian government-linked hacking group Cozy Bear is back in the election trickery business. The security firm Volexity publicized a spearphishing campaign on Thursday that it identified only days ago, a scheme that uses an election fraud document as a lure. The emails purport to be from the the United States Agency for International Development, with targets including government agencies, research institutions and nongovernmental organizations in the U.S. and Europe. Volexity said it had concluded, with moderate confidence, that Cozy Bear — the group also known as APT29 or the Dukes — was behind the emails. If true, it would be a return to an old favorite subject for Cozy Bear, which the U.S. government and others implicated in the 2016 hacks of the Democratic National Committee and Hillary Clinton’s presidential campaign, among other election interference efforts. More recently, Cozy Bear has garnered attention from the Biden […]

The post Cozy Bear revisits one of its greatest hits, researchers say: election skulduggery appeared first on CyberScoop.

Continue reading Cozy Bear revisits one of its greatest hits, researchers say: election skulduggery

Facebook Lotteries to Avoid – with help from AA419

This morning I received a tip from one of the top West African fraud experts in the world, Derek Smythe from AA419. Derek and his team had been in communication with several victims of a “Poker Lottery” scam and had documented a set of linked domains… Continue reading Facebook Lotteries to Avoid – with help from AA419