01 Mar 2021

The SolarWinds Body Count Now Includes NASA and the FAA

According to new information about the SolarWinds Orion Russian espionage campaign that targeted both US organizations and federal agencies, the Federal Aviation Administration and NASA were both compromised as part of the operation. The suspected Russian state hackers compromised SolarWind’s Orion IT management tool in a supply chain attack that

Read More
01 Mar 2021

Hackers exploit websites to give them excellent SEO before deploying malware

According to Sophos researchers, cyberattackers have been utilizing an interesting new technique: turning to search engine optimization to deploy malware payloads to as many victims as possible. The search engine method includes abuse of human psychology and SEO tricks to push up websites that have been compromised in Google’s rankings

Read More
01 Mar 2021

Tether faces 500 Bitcoin ransom

Over the weekend, blockchain organization Tether revealed that they were being asked to pay 500 Bitcoin to threat actors who allegedly plan to leak sensitive company information online if ransom demands are not met. The company has stated that it will refuse to pay the $24 million request, which is

Read More
26 Feb 2021

Health Website Leaks 8 Million COVID-19 Test Results

In India, a teenaged ethical hacker named Sourajeet Majumder uncovered a flawed endpoint associated with a health department in the state of Bengal that exposed eight million Covid-19 test results and personally identifiable information. The data leak, likely a human-related error, has exposed confidential health information for an entire geographic

Read More
26 Feb 2021

Cisco Warns of Critical Auth-Bypass Security Flaw

Cisco has allegedly fixed a critical security flaw affecting its Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches. The vulnerability could allow for a remote attacker to bypass authentication, according to the company. The bug is one of three critical flaws patched by Cisco this past week. The

Read More
26 Feb 2021

Microsoft Releases Free Tool for Hunting SolarWinds Malware

Microsoft has released a free tool designed to hunt SolarWinds malware following a devastating espionage campaign in which Russian state hackers compromised SolarWind’s Orion software in a supply-chain attack that affected major US organizations and federal agencies. Organizations who are still investigating whether they are victims of or still infected

Read More
26 Feb 2021

VMware patches bug that put many large networks at risk

VMware has patched a critical vulnerability that was found in its vCenter Server VMware utility that could have allowed for remote code execution on a vulnerable server. Positive Technologies discovered the flaw and reported VMware to the bug. In a press release published on Wednesday, the security company explained how

Read More
25 Feb 2021

Microsoft Lures Populate Half of Credential-Swiping Phishing Emails

According to a Tuesday report by Cofense, cybercriminals are increasingly using Microsoft services such as Outlook, Teams, and Office to launch themed phishing attacks and steal credentials from their targets. According to Cofense, almost half of phishing attacks in 2020 aimed to steal Microsoft credentials using lures related to the

Read More
25 Feb 2021

New APT Group Targets Airline Industry & Immigration

According to researchers at Malwarebytes,  a new APT group has been discovered. The group has been named LazyScript and bears some similarities to other known Middle Eastern threat groups, however, due to techniques and tools used, Malwarebytes has designated them to be a distinct operation separate from other known groups.

Read More
25 Feb 2021

Solarwinds cybersecurity spending tops $3 million in Q4, sees $20 million to $25 million in 2021

Due to the recent Russian espionage breach against its Orion software, SolarWinds reportedly spent more than $3 million on cybersecurity costs in the fourth quarter of 2020 and predicts this number will rise to $25 million in 2021. The massive spending includes initiatives to further product defense, remediation for the

Read More