The SolarWinds supply chain attack demonstrates that Russian intelligence services have learned from previous operations and adjusted their tactics, says Dmitri Alperovitch, the former CTO of security firm CrowdStrike, which investigated Russian interference in the 2016 election.
Criminals operating online continue to tap ransomware in their pursuit of an illicit payday. That was the cybercrime reality throughout 2020, and unfortunately it still appears to be holding true in the first months of this year, the Cisco Talos Incident Response team reports.
The SolarWinds supply chain attackers manipulated OAuth app certificates to maintain persistence and access privileged resources, including email, according to researchers at Proofpoint.
Whether accidental or malicious, insider incidents can result in financial fraud, privacy abuses, intellectual property theft, or damage to infrastructure. It’s difficult for security pros to detect this suspicious activity because insiders need to have privileged access to data to do their jobs. Since insiders are...
Swiss cybersecurity firm Prodaft says it has accessed several servers used by an advanced persistent threat group tied to the SolarWinds supply chain attack. These attackers continue to target large corporations and public institutions worldwide, with a focus on the U.S. and the European Union, the researchers say.
Large enterprises generally have a good grasp on gathering and operationalizing threat intelligence. But when it comes to the midmarket, there are unique challenges. Neal Dennis of Cyware Labs tells how to overcome these obstacles and achieve value from a threat intel platform.
Email security vendor Mimecast, which was targeted by the SolarWinds supply chain hack in January, reports in a Tuesday update that the hackers used the "Sunburst" backdoor as an initial attack vector to steal some source code. But Mimecast says it "found no evidence of any modifications" to that code.
An ongoing spear-phishing campaign by the threat group TA800 is distributing a new malware loader based on the Nim programming language that's designed to help avoid detection, according to the cybersecurity company Proofpoint.
Serious vulnerabilities in Microsoft Exchange have been exploited by at least 10 APT groups that have been collectively been hitting thousands of companies over the last three months, including prior to when Microsoft was first alerted to the flaws and issued a patch, security researchers warn.
Russian hackers apparently weren't the only ones targeting SolarWinds customers. An attack last year by the Spiral hacking group, believed to be based in China, against one organization used malware that targeted a vulnerability in SolarWinds' Orion software, according to the Secureworks Counter Threat Unit.
A Microsoft Exchange Server at the European Banking Authority, a regulatory agency of the European Union, was hacked. But the agency says there are no indications of data exfiltration.
In this Total Economic Impact™ (TEI) study of ManagedXDR, Forrester Consulting assesses the cost savings, productivity gains, and business benefits Secureworks users experience.
The study found a potential ROI of 413 percent* over three years for ManagedXDR customers, as well as other quantified and...
It used to be enough to protect the network perimeter, but in recent years, an expanding perimeter has opened the door to threat actors preying on a larger attack surface.
Understanding the evolution of endpoint security and the solutions available to your organization is key to protecting your business in...
Ransomware dominated the online-enabled crime landscape in 2020, some security experts say, thanks to the massive profits it's been generating and the relative ease of use for attackers - including support from a burgeoning cybercrime-as-a-service market.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.