Detecting and Responding to SolarWinds Infrastructure Attack with Cisco Secure Analytics
On December 8, FireEye reported that it had been compromised in a sophisticated supply chain attack: more specifically through the SolarWinds Orion IT monitoring and management software. The attackers leveraged business software updates in order to distribute a malware named SUNBURST, and then used this foothold in the organization to contact their Command & Control …
attack
How Does Triton Attack Triconex Industrial Safety Systems?
Triton is malware developed to affect industrial systems, particularly the Triconex safety system from Schneider. This is deployed at over 15,000 sites across the world, but the malware allegedly only targeted a critical energy industrial site in the Middle East in 2017. The attack, also known by the names of Trisis and Hatman, is broken down into different phases: Intrusion …
Oldsmar’s Cyber Attack Raises the Alarm for the Water Industry
On February 8, 2021, the City of Oldsmar, Florida gave a press conference to disclose “an unlawful intrusion to the city’s water treatment system.” Someone on the Internet successfully accessed the computer controlling the chemicals used to treat drinking water for the city and changed the level of sodium hydroxide to 11,100 parts per million (ppm), a significant increase from …
CD Projekt confirms ransomware attack on internal system
CD Projekt has issued a statement, saying that unspecified ransomware attacked the company’s information systems. The company, known for game series The Witcher and the notorious Cyberpunk 2077 project and behind digital distribution service GOG.com, says that to its knowledge users’ personal data wasn’t affected by the attack. What happened? According to the statement, unknown …
A New Software Supply‑Chain Attack Targeted Millions With Spyware
Cybersecurity researchers today disclosed a new supply chain attack compromising the update mechanism of NoxPlayer, a free Android emulator for PCs and Macs. Dubbed "Operation NightScout" by Slovak cybersecurity firm ESET, the highly-targeted surveillance campaign involved distributing three different malware families via tailored malicious updates to selected victims based in …
New Attack Could Let Remote Hackers Target Devices On Internal Networks
A newly devised variant of the NAT Slipstreaming attack can be leveraged to compromise and expose any device in an internal network, according to the latest research. Detailed by enterprise IoT security firm Armis, the new attack (CVE-2020-16043 and CVE-2021-23961) builds on the previously disclosed technique to bypass routers and firewalls and reach any unmanaged device within …
New Attack Could Let Hackers Clone Your Google Titan 2FA Security Keys
Hardware security keys, such as those from Google and Yubico, are considered the most secure means to protect accounts from phishing and takeover attacks. But new research published on Thursday demonstrates how an adversary in possession of such a two-factor authentication (2FA) device can clone it by exploiting an electromagnetic side-channel in the chip embedded in it. The …
Software Supply-Chain Attack Hits Vietnam Government Certification Authority
Cybersecurity researchers today disclosed a new supply-chain attack targeting the Vietnam Government Certification Authority (VGCA) that compromised the agency's digital signature toolkit to install a backdoor on victim systems. Uncovered by Slovak internet security company ESET early this month, the "SignSight" attack involved modifying software installers hosted on the CA's …
SolarWinds Issues Second Hotfix for Orion Platform Supply Chain Attack
Network monitoring services provider SolarWinds officially released a second hotfix to address a critical vulnerability in its Orion platform that was exploited to insert malware and breach public and private entities in a wide-ranging espionage campaign. In a new update posted to its advisory page, the company urged its customers to update Orion Platform to version 2020.2.1 HF …
Threat Advisory: SolarWinds supply chain attack
Cisco Talos is monitoring yesterday’s announcements by FireEye and Microsoft that a likely state-sponsored actor compromised potentially thousands of high-value government and private organizations around the world via the SolarWinds Orion product. FireEye reported on Dec. 8 …