SolarWinds Attacks Highlight Importance of Operation-Centric Approach

We’re still learning the full extent of the SolarWinds supply chain attacks. On January 11, for instance, researchers published a technical breakdown of a malicious tool detected as SUNSPOT that was employed as part of the infection chain involving the IT management software provider’s Orion platform. ...

Contextualizing Microsoft’s Source Code Exposure in the SolarWinds Attacks

In the middle of December, IT management software provider SolarWinds revealed in a security advisory that it had fallen victim to a sophisticated supply chain attack. The offensive involved the placement of a backdoor known as SUNBURST into versions 2019.4 HF 5, 2020.2 with no hotfix installed and 2020.2 HF 1 of ...

Molerats APT: New Malware and Techniques in Middle East Espionage Campaign

Security researchers observed a politically motivated APT called “Molerats” using three new malware variants to conduct espionage in the Middle East ...

PLEASE_READ_ME Ransomware Campaign Targeting MySQL Servers

Digital attackers launched a new ransomware campaign dubbed “PLEASE_READ_ME” in an effort to target MySQL servers. Guardicore first spotted the attack back in January 2020. After that, it witnessed a total of 92 attacks emanate from 11 IP addresses, with most based in Ireland and the United Kingdom at the ...

New Microsoft Spear-Phishing Attack Uses Exact Domain Spoofing Tactic

Security researchers detected a new spear-phishing attack that’s using an exact domain spoofing tactic in order to impersonate Microsoft. On December 7, IRONSCALES revealed that it had spotted the campaign targeting Office 365 users. Those users primarily worked in the financial services, healthcare, insurance, manufacturing, utilities and telecom industries. The ...

Phorpiex Botnet Named “Most Wanted Malware” in November 2020

The Phorpiex botnet earned the notorious designation of “most wanted malware” for the month of November 2020. In its Global Threat Index for November 2020, Check Point Research revealed that it had observed a surge in new Phorpiex botnet infections that had affected four percent of organizations globally. This threat ...

Mercy Health Fired Employee Responsible for Insider Breach

Mercy Health revealed that it had fired an employee who was responsible for an insider breach involving its systems. On December 4, Mercy Health posted a notice informing its patients of a medical records incident that had occurred earlier in the year. The bulletin explained that Mercy Health, the fifth ...

BEC Scammers Struck Philadelphia Non-Profit Food Bank

Malicious actors used a Business Email Compromise (BEC) scam to prey upon a Philadelphia non-profit food bank. According to The Philadelphia Inquirer, the scam occurred back in July when the hunger relief organization Philabundance was nearing the completion of its $12 million Philabundance Community Kitchen. Nefarious individuals impersonated the construction ...