The attackers made changes to software installers available for download from a Vietnam government website. In addition, they added a backdoor to target users of a legitimate application.
The recent supply chain attack has proven to be one of the most damaging attacks of 2020. Several distinct malware families have emerged in relation to the compromise. These include the SUNBURST backdoor, SUPERNOVA, COSMICGALE & TEARDROP.
The digital landscape is far too complex for those who rely on it—us—to monitor all the ways we’re exposed. Major factors determining whether our data will be used against us are completely out of our control.
These extensions installed in more than 8 million users’ browsers accessed a remote server in the background, trying to download malicious code, a process that our security solutions detect as dangerous.
SolarWinds has released an updated security advisory for the additional SuperNova malware discovered to have been distributed through the company’s network management platform.
Before reaching out to its C2 server, SUNBURST performs numerous checks to ensure no analysis tools are present. It checks process names, file write timestamps, and Active Directory (AD) domains before proceeding.
The Sponsors are acquiring the business from previous investors Paladin Capital Group, Grotech Ventures, and other shareholders, and the acquisition follows Goldman Sachs’ and ClearSky’s initial investment in the Company earlier this year.
The list, by Rapid7, is focused on the top offenders for the last half of the year and provides a smoothed trending view (vs. discrete daily counts) to help you make your Naughty/Nice inclusion decisions.
“Cosmin Iordache” is the first bug bounty hunter to earn more than $2,000,000 in bug bounty awards through the vulnerability coordination and bug bounty program HackerOne.
Around 2013, U.S. intelligence began noticing an alarming pattern: Undercover CIA personnel, flying into countries in Africa and Europe for sensitive work, were being rapidly and successfully identified by Chinese intelligence.