Following the disclosure of the SolarWinds supply-chain compromise in December 2020, details continue to emerge about the scale of the attack. Four cyber-security companies have recently been added to the count of affected organizations: Palo Alto Networks, Qualys, Fidelis, and Mimecast. The ongoing investigation suggests that the scale and ramifications of the SolarWinds attack are still yet to be determined. The allegedly Russia-linked attackers will almost certainly continue to use access provided by the trojanized SolarWinds Orion Platform software to conduct more attacks. As with many supply-chain compromises, this incident seems to have overwhelmingly targeted technology providers.
Most Recent Flipbooks
The US government has issued an alert about the Iran-linked "MuddyWater" advanced persistent threat group
Microsoft has announced plans to restrict its product users' ability to manually enable macros in several Office documents
A recent attack showed the potential of cyber-threat activity when used by a nation-state for coercion.
The FBI has warned of a recent surge in cyber attacks that use quick response (QR) codes.
The Federal Security Service of the Russian Federation (FSB) conducted a series of raids and arrests against at least 20 members of the "REvil" ransomware group.
Researchers have discovered a critical vulnerability in the popular open-source Java SQL database H2
For 2022, cyber-security practitioners must be extraordinarily nimble and adept. Plus information on telegram dropping malware, North Korean group exploits Russia, and Log4j crisis spilling in to 2022