The SolarWinds breach is a reminder that, in general, any company that relies heavily on tools alone to secure its network infrastructure and software is taking an enormous risk.
The White House team leading the investigation into the SolarWinds hack is worried that the breach of 100 US companies has the potential to make the initial compromise a headache in future.
In a new report, Zscaler revealed the widespread use of Discord to host multiple payloads, including the Epsilon ransomware, Redline stealer, XMRig miner, and Discord token grabbers.
Hackers attacked military-run government websites in Myanmar on Thursday (Feb 18) as a cyber war erupted after authorities shut down the Internet for a fourth straight night.
The French information security agency (ANSSI) linked Russian group Sandworm with a three-year-long stealthy operation involving a breach of several French entities by exploiting an IT monitoring tool.
Purdue University and MITRE are combining their expertise and capabilities to form a new public-private partnership focusing on key areas of national safety and security.
Microsoft has announced that the SolarWinds hackers could gain access to source code for a limited amount of components used by Azure, Intune, and Exchange. The investigation also determined that the accessed code did not contain any credentials.
Phishers are trying to trick users into opening a “LinkedIn Private Shared Document” and entering their login credentials into a fake LinkedIn login page, security researcher JB Bowers warns.
A user on a popular hacking forum is selling a database that purportedly contains more than 257,000 user records from orakulas.lt (now known as Olybet.lt), a Lithuanian online betting service.
The MITRE ATT&CK framework is a well known and widely used knowledge base of cyber adversary tactics, techniques and procedures, and is based on observations on real-world attacks.