Sunburst: connecting the dots in the DNS requests

On December 13, 2020 FireEye published important details of a newly discovered supply chain attack. An unknown attacker, referred to as UNC2452 or DarkHalo planted a backdoor in the SolarWinds Orion IT software. This backdoor, which comes in the form Read More …

‘This is bad.’ Hacking chaos engulfs FERC, DOE, Microsoft

The Department of Energy’s nuclear weapons office and the Federal Energy Regulatory Commission are the latest agencies swept up in a staggering hack of global computer networks. DOE spokesperson Shaylyn Hynes said the breach “has not impacted the mission-essential national Read More …

Suspected Russian hackers spied on U.S. Treasury emails – sources

Hackers believed to be working for Russia have been monitoring internal email traffic at the U.S. Treasury and Commerce departments, according to people familiar with the matter, adding they feared the hacks uncovered so far may be the tip of Read More …

Subway marketing system hacked to send TrickBot malware emails

Subway UK has disclosed that a hacked system used for marketing campaigns is responsible for the malware-laden phishing emails sent to customers yesterday. Starting yesterday, Subway UK customers received strange emails from ‘Subcard’ about a Subway order that was placed. Read More …

Australia: Communications department flags idea of tying telco licences to cyber capability

The Department of Infrastructure, Transport, Regional Development, and Communications has run up the flagpole the idea of inserting security provisions into the Telecommunications Act to require telcos to safeguard their systems as a condition of their licence to operate. Writing Read More …

CISA and FBI warn of rise in ransomware attacks targeting K-12 schools

In a joint security alert published on Thursday, the US Cybersecurity Infrastructure and Security Agency, along with the Federal Bureau of Investigation, warned about increased cyber-attacks targeting the US K-12 educational sector, often leading to ransomware attacks, the theft of Read More …

European Medicines Agency says it has been targeted by cyber attack

In a short statement published on its website, the agency said: “EMA has been the subject of a cyberattack. The agency has swiftly launched a full investigation, in close cooperation with law enforcement and other relevant entities. “EMA cannot provide Read More …

Norway: Russian APT28 state hackers likely behind Parliament attack

Russian-backed hacking group APT28 has likely brute-forced multiple Norwegian Parliament (Stortinget) email accounts on August 24, 2020, according to the Norwegian Police Security Service (PST, short for Politiets Sikkerhetstjeneste). Attackers gained access to a limited number of Stortinget email accounts Read More …

Italian police arrest 2 in defense data theft case

Police in Italy have arrested two people in connection with the hacking of Italian aerospace and electronics company Leonardo, the Interior Ministry announced on Saturday. The Leonardo group also has a cybersecurity division that counts NATO among its customers and Read More …

Three arrested as INTERPOL, Group-IB and the Nigeria Police Force disrupt prolific cybercrime group

Three suspects have been arrested in Lagos following a joint INTERPOL, Group-IB and Nigeria Police Force cybercrime investigation. The Nigerian nationals are believed to be members of a wider organized crime group responsible for distributing malware, carrying out phishing campaigns Read More …