Tweets used by attackers to demonstrate previous "exploits" they'd discovered (Source: Google)

Vulnerability Researchers Hit by North Korean Hackers

Mathew J. Schwartz • January 26, 2021

North Korean hackers have been "targeting security researchers working on vulnerability research and development at different companies and organizations" to trick them into installing backdoored software that gives attackers remote access to their systems, warns Google's Threat Analysis Group.

►

Governance & Risk Management

Ransomware Disrupts Scottish Environment Protection Agency

Latest

Cybercrime

Mimecast Confirms SolarWinds Hackers Breached Company

Scott Ferguson • January 26, 2021

Email security vendor Mimecast confirmed Tuesday that the hackers responsible for the SolarWinds supply chain hack also breached the security firm's network to compromise a digital certificate that encrypts data that moves between some of the firm's products and Microsoft's servers.

3rd Party Risk Management

Supply Chain Integrity: The Role of Verified Reproducible Builds

Jeremy Kirk • January 26, 2021

The SolarWinds supply chain compromise has raised questions over how to detect software that has been tainted during the vendor's development and build process. A concept called verified reproducible builds could help, says David Wheeler of the Linux Foundation.

Breach Notification

Cyber Incident Knocks Construction Firm Palfinger Offline

Doug Olenick • January 25, 2021

The Austrian construction equipment manufacturing firm Palfinger AG reports being hit with a cyberattack that has knocked the majority of its worldwide IT infrastructure offline, eliminating its ability to use email and conduct business.

Fraud Management & Cybercrime

Assessing the SolarWinds Hack's Impact on Fraud

Suparna Goswami • January 25, 2021

What impact could the SolarWinds supply chain hack have on fraud trends? Al Pascual of Breach Clarity offers an analysis.

DDoS Protection

DDoS Attackers Exploit Vulnerable Microsoft RDP Servers

Prajeet Nair • January 25, 2021

Threat actors are exploiting vulnerable Microsoft Remote Desktop Protocol servers to amplify DDoS attacks, according to a report from Netscout, which offers mitigation advice.

Security Operations

Automating the SOC: 'Start Small'

Anna Delaney • January 25, 2021

When deploying automation in their security operations centers, organizations should start with "small and simple things," advises Nat Smith of Gartner, who also offers tips on retaining skilled SOC analysts.

Application Security

SonicWall Investigating Zero-Day Attacks Against Its Products

Scott Ferguson • January 24, 2021

Security vendor SonicWall is investigating what the company calls a "coordinated attack" against its internal network by threat actors using a zero-day exploit within the company's remote access products. SonicWall is urging customers to apply temporary fixes to secure VPNs and gateways.

Cybercrime as-a-service

DDoS Attackers Revive Old Campaigns to Extort Ransom

Akshaya Asokan • January 23, 2021

Threat actors behind a distributed denial-of-service campaign targeted the same set of victims again after the organizations refused to pay the initial ransom demand, a new report by security firm Radware finds.

Breach Notification

Intel Investigating Hack of Confidential Financial Report

Doug Olenick • January 23, 2021

Intel is investigating an incident in which an unauthorized person accessed a portion of the company's latest quarterly financial report, forcing the chipmaker to release its earnings slightly earlier than planned.

Business Email Compromise (BEC)

Fraudsters Are Using Google Forms to Evade Email Filters

Prajeet Nair • January 23, 2021

Fraudsters are using Google forms to target retail, telecom, healthcare, energy and manufacturing companies in an apparent reconnaissance campaign to identify targets for a possible follow-up business email compromise attack.

COVID-19

President Biden Orders SolarWinds Intelligence Assessment

Mathew J. Schwartz • January 22, 2021

The new Biden administration has pledged to hold Russia accountable for its recent "reckless and adversarial" actions and has ordered a full-scale intelligence review of the SolarWinds hack. The moves signal the importance of cybersecurity to President Biden's national security agenda.

3rd Party Risk Management

How to Manage Software Supply Chain Risks

Jeremy Kirk • January 22, 2021

The threat posed by software supply chain attacks is growing, but organizations can take steps to minimize the risks. Trey Herr of the Atlantic Council outlines ways to gain more insight into supply chain problems.