The Winds of Change – What SolarWinds Teaches Us

In December 2020, the world discovered that SolarWinds’ Orion Platform had been compromised by cybercriminals, potentially affecting thousands of businesses the world over. Security groups such as the National Cyber Security Centre (NCSC) provided advice and guidance to security teams and IT companies on what actions they should take to minimize the impact on…

Emotet Malware Automatically Uninstalled – GovInfoSecurity

Business Continuity Management / Disaster Recovery, Cybercrime, Fraud Management & Cybercrime
Law Enforcement ‘Update’ to Erase Malware From Infected Devices Activated
Prajeet Nair (@prajeetspeaks) • April 26, 2021
An “update” pushed out earlier this year by law enforcement agencies, including Europol, on Sunday began erasing Emotet malware from infected devices worldwide,…

Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed details of a new advanced persistent threat (APT) that’s leveraging the Supernova backdoor to compromise SolarWinds Orion installations after gaining access to the network through a connection to a Pulse Secure VPN device. “The threat actor connected to the entity’s network via a Pulse Secure…

Emotet Malware Destroys Itself From All Infected Computers

Emotet, the notorious email-based Windows malware behind several botnet-driven spam campaigns and ransomware attacks, was automatically wiped from infected computers en masse following a European law enforcement operation. The development comes three months after a coordinated disruption of Emotet as part of “Operation Ladybird” to seize control of servers used to run and maintain the…

Computer security world in mourning over death of Dan Kaminsky, aged 42

IT Security News, 25 April 2021
DEF CON hails ‘an icon in all the positive ways’
Obit: Celebrated information security researcher Dan Kaminsky, known not just for his technical ability but also for his compassion and support for those in his industry,…

Facebook Disrupts Palestinian APT Activities

Cybercrime as-a-service, Cyberwarfare / Nation-State Attacks, Endpoint Security
Social Media Giant says 2 Groups Were Conducting Cyberespionage
Akshaya Asokan (asokan_akshaya) • April 25, 2021
Facebook says it has disrupted the activities of two Palestinian advanced persistent threat groups that targeted victims across the Middle East as part of cyber espionage campaigns….

Cryptomining Campaign Leverages MS Exchange Server Flaw

Application Security, Critical Infrastructure Security, Cybercrime as-a-service
Cybereason Says Russian Hacking Group Prometei is Behind the Campaign
Akshaya Asokan (asokan_akshaya) • April 25, 2021
A Russian botnet group called Prometei is exploiting critical Microsoft Exchange Server vulnerabilities to mine cryptocurrency from various organizations across the world, a new report by security…

NVD – CVE-2021-0229

CVE-2021-0229 Detail
Awaiting Analysis: This vulnerability is currently awaiting analysis.
Description: An uncontrolled resource consumption vulnerability in Message Queue Telemetry Transport (MQTT) server of Juniper Networks Junos OS allows an attacker to cause MQTT server to crash and restart leading to a Denial of Service (DoS) by sending a stream…

Deep Instinct’s neural networks for cybersecurity attract $100M

The increasingly rich data companies are collecting makes them a more tantalizing target for attacks. But Deep Instinct wants to turn that same data into an enterprise’s greatest defensive asset. Deep Instinct is applying end-to-end deep learning to cybersecurity, an approach…

Rapid7 Acquires Open-Source Community Project Velociraptor

Application Security, Cloud Security, Endpoint Detection & Response (EDR)
Zscaler Is Also Boosting Cloud Capabilities by Picking Up Trustdome
Doug Olenick (DougOlenick) • April 24, 2021
Rapid7 is acquiring Velociraptor, an open-source, endpoint-monitoring, digital forensics and incident response organization and professional community that it will continue to operate as a stand-alone…