Sunburst: connecting the dots in the DNS requests

On December 13, 2020 FireEye published important details of a newly discovered supply chain attack. An unknown attacker, referred to as UNC2452 or DarkHalo planted a backdoor in the SolarWinds Orion IT software. This backdoor, which comes in the form Read More …

‘This is bad.’ Hacking chaos engulfs FERC, DOE, Microsoft

The Department of Energy’s nuclear weapons office and the Federal Energy Regulatory Commission are the latest agencies swept up in a staggering hack of global computer networks. DOE spokesperson Shaylyn Hynes said the breach “has not impacted the mission-essential national Read More …

Saudi Arabia: Explosives-laden boat hits fuel ship at Jeddah port, ministry says

Saudi Arabia said on Monday that a fuel transport ship anchored at a Jeddah terminal was hit by an explosive-laden boat in what it called a terrorist attack, after shipping firm Hafnia said one of its tankers was struck by Read More …

Suspected Russian hackers spied on U.S. Treasury emails – sources

Hackers believed to be working for Russia have been monitoring internal email traffic at the U.S. Treasury and Commerce departments, according to people familiar with the matter, adding they feared the hacks uncovered so far may be the tip of Read More …

Subway marketing system hacked to send TrickBot malware emails

Subway UK has disclosed that a hacked system used for marketing campaigns is responsible for the malware-laden phishing emails sent to customers yesterday. Starting yesterday, Subway UK customers received strange emails from ‘Subcard’ about a Subway order that was placed. Read More …

CISA and FBI warn of rise in ransomware attacks targeting K-12 schools

In a joint security alert published on Thursday, the US Cybersecurity Infrastructure and Security Agency, along with the Federal Bureau of Investigation, warned about increased cyber-attacks targeting the US K-12 educational sector, often leading to ransomware attacks, the theft of Read More …

Chinese APT suspected of supply chain attack on Mongolian government agencies

A Chinese state-sponsored hacking group, also known as an APT, is suspected of having breached a Mongolian software company and compromised a chat app used by hundreds of Mongolian government agencies. The attack is believed to have taken place earlier Read More …

European Medicines Agency says it has been targeted by cyber attack

In a short statement published on its website, the agency said: “EMA has been the subject of a cyberattack. The agency has swiftly launched a full investigation, in close cooperation with law enforcement and other relevant entities. “EMA cannot provide Read More …

Foxconn electronics giant hit by ransomware, $34 million ransom

Foxconn electronics giant suffered a ransomware attack at a Mexican facility over the Thanksgiving weekend, where attackers stole unencrypted files before encrypting devices. Foxconn is the largest electronics manufacturing company globally, with recorded revenue of $172 billion in 2019 and Read More …

Norway: Russian APT28 state hackers likely behind Parliament attack

Russian-backed hacking group APT28 has likely brute-forced multiple Norwegian Parliament (Stortinget) email accounts on August 24, 2020, according to the Norwegian Police Security Service (PST, short for Politiets Sikkerhetstjeneste). Attackers gained access to a limited number of Stortinget email accounts Read More …