Following the disclosure of the SolarWinds supply-chain compromise in December 2020, details continue to emerge about the scale of the attack. Four cyber-security companies have recently been added to the count of affected organizations: Palo Alto Networks, Qualys, Fidelis, and Mimecast. The ongoing investigation suggests that the scale and ramifications of the SolarWinds attack are still yet to be determined. The allegedly Russia-linked attackers will almost certainly continue to use access provided by the trojanized SolarWinds Orion Platform software to conduct more attacks. As with many supply-chain compromises, this incident seems to have overwhelmingly targeted technology providers.
Other content in this Stream
Initial access brokers are benefitting from a rise in adoption of remote access software. This Initial Access Brokers Report analyzes this phenomenon and what it means for security practitioners.
ShadowTalk hosts Alec, Ivan, Charles, and Digital Shadows CISO Rick bring you the latest in threat intelligence.
The People’s Republic of China-linked advanced persistent threat group “APT31” reportedly cloned and deployed a zero-day exploit developed by NSA's Equation Group in 2013.
ShadowTalk hosts Stefano, Adam, Dylan, and Kim bring you the latest in threat intelligence.
An unidentified attacker accessed the computer systems of a water treatment facility in the US, altering sodium hydroxide levels in the potable water supply.
This guide draws from best practices suggested in SearchLight’s playbooks, so security professionals can improve their tools and processes to prevent employee account takeover.
ShadowTalk hosts Alec, Ivan, Austin, and Digital Shadows CISO Rick bring you the latest in threat intelligence.
The North Korean advanced persistent threat (APT) group “ZINC” has been targeting cyber-security professionals with social engineering that leads to malware delivery.
When selecting the optimal Cyber Threat Intelligence solution for your organization, use this guide to assess threat intelligence providers across 6 critical categories.
ShadowTalk hosts Alec, Charles, Austin, and Digital Shadows CISO Rick bring you the latest in threat intelligence.
A new web portal is aiding cyber-threat incident responders by detailing vulnerabilities in popular malware.
ShadowTalk hosts Stefano, Adam, Kim, and Dylan bring you the latest in threat intelligence.
31:28In this session, Digital Shadows will share their insights and assessments into what we can expect to see in 2021.
In this blog, we explore how cybercriminals are taking advantage of not-so-cheery sales this holiday season. From carding methods to account sales, nothing is off-limits.
We are here to go through the top five blogs of 2020—one for each quarter plus a bonus one to quickly recap why they (still) matter and be better prepared for the exciting new year in security.
While we’ve reported on recent Q3 ransomware campaigns targeting the healthcare industry, a new campaign targeting COVID-19 vaccine supply chain partners has emerged.
Have you ever wondered how cybercriminals explain their mysterious means of income to others? While not all threat actors’ illicit ...
Rising rates of cybercriminal activities occur as threat actors observe the flourishing economies in the Middle East.
This year has been a real doozy, y’all: Ransomware capitalizing on extortion, operators compromising thousands of organizations, the COVID-19 pandemic ...