The Russian hackers who orchestrated the SolarWinds supply chain attack pivoted to the internal network of the US DoJ, from where they gained access to Microsoft Office 365 email accounts belonging to employees at 27 state attorneys’ offices.
Node.js has released updates for a high severity vulnerability that could be exploited by attackers to corrupt the process and cause unexpected behaviors, such as application crashes and potentially remote code execution (RCE).
PetitPotam is the name assigned to a vulnerability that can be exploited by an unauthenticated attacker to get a targeted server to connect to an arbitrary server and perform NTLM authentication.
RiskIQ said in a report that it uncovered active hacking infrastructure that Western governments attributed last summer to the Russian SVR intelligence agency-linked APT29 or Cozy Bear, which it used at the time to try to steal Covid-19 research.
A new report from SonicWall found that attempted ransomware attacks skyrocketed in the first half of 2021, with 304.7 million attempted attacks seen by SonicWall’s security researchers.
A security researcher released exploit code for a high-severity vulnerability in Linux kernel eBPF (Extended Berkeley Packet Filter) that can give an attacker increased privileges on Ubuntu machines.
Microsoft has continued its analysis of the LemonDuck malware, known for installing crypto-miners in enterprise environments. The analysis makes a strong case for why it is worth removing it from your network.
Details of 30 servers thought to be used by Russia’s SVR spy agency (aka APT29) as part of its ongoing campaigns to steal Western intellectual property were made public today by RiskIQ.
Initially announced in June, the federal civilian enterprise-wide crowdsourced VDP platform provided by BugCrowd and EnDyna was established in support of Binding Operational Directive (BOD) 20-01 issued in September 2020.
As credential phishing is usually conducted via a simple URL link, it is easy to overlook some subtle or exaggerated tactics that threat actors have been using to steal credentials from unsuspecting victims.