SolarWinds Hires Chris Krebs and Alex Stamos for Breach Recovery
The former US cybersecurity official and former Facebook security chief will help SolarWinds respond to its recent attack and improve security. SolarWinds, the company targeted in a major cyberattack affecting...
Malware Developers Refresh Their Attack Tools
Cisco analyzes the latest version of the LokiBot malware for stealing credentials, finding that its developers have added more misdirection and anti-analysis features. The developers of attack tools continue to...
FireEye’s Mandia: ‘Severity-Zero Alert’ Led to Discovery of SolarWinds Attack
CEO Kevin Mandia shared some details on how his company rooted out the major cyberattack campaign affecting US government and corporate networks. FireEye CEO Kevin Mandia today shared some insight...
Cobalt Strike & Metasploit Tools Were Attacker Favorites in 2020
Research reveals APT groups and cybercriminals employ these offensive security tools as often as red teams. Cobalt Strike and Metasploit were the offensive security tools most commonly used to host...
Retrohunting APT37: North Korean APT used VBA self decode technique to inject RokRat
A North Korean threat group has swapped the usual Hangul Office lures for a cleverly packed Office macro.
This post was authored by Hossein Jazi
On December 7 2020 we...
DoJ’s Microsoft 365 Email Accounts Compromised in SolarWinds Attacks
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-25498 PUBLISHED: 2021-01-06
Cross Site Scripting (XSS) vulnerability in Beetel router 777VR1 can be exploited via the NTP server name in System Time and "Keyword" in...
Nissan Source Code Leaked via Misconfigured Git Server
Leaked information includes source code of Nissan mobile apps, diagnostics tool, and market research tools and data, among other assets. Nissan North America source code was leaked online due to...
China’s APT Groups May Be Looking to Cash In
Two campaigns have resulted in encrypted drives and ransom notes, suggesting that some China-linked nation-state advanced persistent threat groups have added financial gain as a motive, researchers say. A China-linked...
Dark Web Forum Activity Surged 44% in Early COVID Months
Researchers analyzed the activity of five popular English- and Russian-speaking Dark Web forums and discovered exponential membership growth. Dark Web forum activity grew 44% during the spring of 2020 compared...
Netwrix and Stealthbits Merge to Tackle Data Security
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-29491 PUBLISHED: 2021-01-04
Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to...