North Korean hackers have been "targeting security researchers working on vulnerability research and development at different companies and organizations" to trick them into installing backdoored software that gives attackers remote access to their systems, warns Google's Threat Analysis Group.
The SolarWinds supply chain compromise has raised questions over how to detect software that has been tainted during the vendor's development and build process. A concept called verified reproducible builds could help, says David Wheeler of the Linux Foundation.
The Austrian construction equipment manufacturing firm Palfinger AG reports being hit with a cyberattack that has knocked the majority of its worldwide IT infrastructure offline, eliminating its ability to use email and conduct business.
Good news on the cybercrime front: "Cryptocurrency-related crime fell significantly in 2020," compared to 2019, reports blockchain analysis firm Chainalysis. Unfortunately, in the same timeframe, ransomware profits surged 311%, stoking calls for a crackdown on ransom payments.
Threat actors are exploiting vulnerable Microsoft Remote Desktop Protocol servers to amplify DDoS attacks, according to a report from Netscout, which offers mitigation advice.
A Russian national who served as the administrator for the now-defunct Deer.io online clearinghouse - which sold stolen credentials, hacked servers and criminal services, such as assistance performing hacking activities - has pleaded guilty to a federal charge.
When deploying automation in their security operations centers, organizations should start with "small and simple things," advises Nat Smith of Gartner, who also offers tips on retaining skilled SOC analysts.
Security vendor SonicWall is investigating what the company calls a "coordinated attack" against its internal network by threat actors using a zero-day exploit within the company's remote access products. SonicWall is urging customers to apply temporary fixes to secure VPNs and gateways.
Threat actors behind a distributed denial-of-service campaign targeted the same set of victims again after the organizations refused to pay the initial ransom demand, a new report by security firm Radware finds.
Fraudsters are using Google forms to target retail, telecom, healthcare, energy and manufacturing companies in an apparent reconnaissance campaign to identify targets for a possible follow-up business email compromise attack.
The new Biden administration has pledged to hold Russia accountable for its recent "reckless and adversarial" actions and has ordered a full-scale intelligence review of the SolarWinds hack. The moves signal the importance of cybersecurity to President Biden's national security agenda.
President Joe Biden's COVID-19 response strategy calls for an assessment of "ongoing cyberthreats and foreign interference campaigns targeting COVID-19 vaccines and related public health efforts."
The threat posed by software supply chain attacks is growing, but organizations can take steps to minimize the risks. Trey Herr of the Atlantic Council outlines ways to gain more insight into supply chain problems.
Zscaler's ThreatLabz research team is tracking a new botnet dubbed DreamBus that's installing the XMRig cryptominer on powerful, enterprise-class Linux and Unix systems with the goal of using their computing power to mine monero.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.