The US-based IT company SolarWinds confirmed that its network management system, Orion Platform, was exploited to conduct a highly sophisticated, manual supply-chain attack. According to SolarWinds, a threat actor obtained access to the company’s systems and implanted malicious code into Orion software builds. Approximately 18,000 SolarWinds customers then installed malicious Orion updates that enabled the attacker to deploy a backdoor, dubbed SUNBURST or Solarigate, into victims’ systems and steal information. It is highly likely that a state-sponsored threat actor/group is responsible but, at the time of writing, there is not enough information to confirm this. Although the attacker’s motives and future intentions are not clear, they will likely use stolen information to conduct additional attacks in the short-term future (one to three months).
The notorious Automated Vending Cart (AVC) website Joker’s Stash allegedly displayed a notification that th...
Most Recent Flipbooks
The Federal Security Service of the Russian Federation (FSB) conducted a series of raids and arrests against at least 20 members of the "REvil" ransomware group.
Researchers have discovered a critical vulnerability in the popular open-source Java SQL database H2.
For 2022, cyber-security practitioners must be extraordinarily nimble and adept. Plus information on Telegram dropping malware, North Korean group exploits Russia, and Log4j crisis spilling into 2022.
Log4j bug exposes fragility of digital ecosystem worldwide. Plus information on Magecart home for the holidays, Emotet regaining power, and MuddyWater APT group hunts for airline data via Slack.
Microsoft has allegedly halted a long-term cyber-espionage operation of “NICKEL”, a threat group linked to the People’s Republic of China (PRC).
Success of UK security bill depends on Internet of Things users
The well-established “Mozi” peer-to-peer (P2P) botnet has developed new persistence capabilities.