CrowdStrike shares an analysis of Sunspot, a piece of malware that was used by hackers to insert the Sunburst backdoor into SolarWinds’ Orion product in the recent supply chain attack. [Read More]
Bitdefender has released a free decryptor for DarkSide, a piece of ransomware that allegedly helped cybercriminals make millions from targeted companies. [Read More]
Researchers have found some similarities between the Sunburst malware used in the SolarWinds attack and Kazuar, a backdoor attributed to the Russia-linked cyber-espionage group Turla. [Read More]
New Zealand's central bank said Jan 10th that it was responding with urgency to a "malicious" breach of one of its data systems, a third-party file sharing service that stored "sensitive information". [Read More]
Ongoing coverage of the SolarWinds Orion attacks and useful resources, including analysis and indicators of compromise (IOC). Check back often for updates. [Read More]
An investigation has been launched into the impact of the SolarWinds breach on U.S. federal courts, which reportedly were considered a target of interest by the hackers. [Read More]
CISA has recently designated many cyber security positions ‘essential roles', and our understanding of essential businesses and essential employees will continue to change as the pandemic evolves.
The barriers to entering the field of cybercrime have been significantly lowered, and for modest amounts of money, would-be scammers can buy high-quality phishing tools online.
Most of today’s cyber-attacks are front ended by phishing campaigns. So, what can organizations do to prevent their users from falling for the bait of these attacks?
Many of us are familiar with the two most common types of socially engineered attacks – phishing and spear-phishing – but there are many more to be aware of.
The holidays are also a bonanza for cybercriminals whose own sales and purchases of contraband on the dark web mirror the one-day-only specials of their consumer-facing counterparts.
Intent-based segmentation, deception technology, and an integrated security fabric are essential tools in beating malware designed to avoid detection and analysis.