fireeye

Red Cross Hack Linked to Iranian Influence Operation?

Red Cross Hack Linked to Iranian Influence Operation?

| | Data breaches, FBI, fireeye, ICRC hack, International Committee for the Red Cross, KELA, [email protected], Ne'er-Do-Well News, RaidForums, Ransomware, Red Cross and Red Crescent Movement, Restoring Family Links, Sheriff, threat_actor, unindicted
A network intrusion at the International Committee for the Red Cross (ICRC) in January led to the theft of personal information on more than 500,000 people receiving assistance from the group. KrebsOnSecurity ...
Krebs on Security
Mandiant is for Sale and Microsoft Should Get Serious with Enterprise Security

Mandiant is for Sale and Microsoft Should Get Serious with Enterprise Security

| | enterprise security, fireeye, FireEye hack, Mandiant, Microsoft
FireEye Failed, Mandiant is for Sale and it’s Time for Microsoft to Get Serious with Enterprise Security  An autopsy of FireEye’s missteps and why Microsoft should acquire Mandiant and create a security ...
Security Boulevard
Task Force Seeks to Disrupt Ransomware Payments

Task Force Seeks to Disrupt Ransomware Payments

| | amazon, cisco, Department of Homeland Security, disrupting ransomware payments, Emsisoft, Europol, FBI, fireeye, Institute for Security and Technology, mcafee, Microsoft, Philip Reiner, Ransomware, The Coming Storm, The Wall Street Journal, U.K. National Crime Agency, U.S. Justice Department, U.S. Treasury Department
Some of the world's top tech firms are backing a new industry task force focused on disrupting cybercriminal ransomware gangs by limiting their ability to get paid, and targeting the individuals and ...
Krebs on Security
Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?

Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?

| | A Little Sunshine, CVE-2020-4006, Cybersecurity Infrastructure Security Administration, Democratic National Committee, FBI, fireeye, GoldMax, Lexicon.exe, Microsoft, National Security Agency, National Telecommunications and Information Administration, NTIA, solarwinds-hack, Sunshuttle, The Wall Street Journal, U.S. Commerce Department, U.S. Treasury Department, VirusTotal, VMware
On Aug. 13, 2020, someone uploaded a suspected malicious file to VirusTotal, a service that scans submitted files against more than five dozen antivirus and security products. Last month, Microsoft and FireEye ...
Krebs on Security
SolarWinds Backdoor State Diagram

Targeting Process for the SolarWinds Backdoor

| | avsvmcloud.com, backdoor, C2, CNAME, dns, fireeye, Microsoft, SolarWinds, Solorigate, Stage 2, STAGE2, SUNBURST, targeted
The SolarWinds Orion backdoor, known as SUNBURST or Solorigate, has been analyzed by numerous experts from Microsoft, FireEye and several anti-virus vendors. However, we have noticed that many of the published reports ...
NETRESEC Network Security Blog
23 SUNBURST Targets Identified

Twenty-three SUNBURST Targets Identified

| | avsvmcloud.com, CERT-SE, CNAME, dns, fireeye, Microsoft, Passive DNS, pDNS, SecureList, SolarWinds, Solorigate, STAGE2, SUNBURST, VriesHd
Remember when Igor Kuznetsov and Costin Raiu announced that two of the victims in FireEye's SUNBURST IOC list were ***net.***.com and central.***.gov on Kaspersky's Securelist blog in December? Reuters later reported that ...
NETRESEC Network Security Blog
SolarWinds: What Hit Us Could Hit Others

SolarWinds: What Hit Us Could Hit Others

| | CrowdStrike, fireeye, Orion, Other, SolarWinds breach, Sudhakar Ramakrishna, Sunburst malware, Sunspot malware, Teardrop malware
New research into the malware that set the stage for the megabreach at IT vendor SolarWinds shows the perpetrators spent months inside the company's software development labs honing their attack before inserting ...
Krebs on Security
Cyber Security Roundup for January 2021

Cyber Security Roundup for January 2021

| | credential stuffing, cyber security roundup, cybercrime, Cyberwar, fireeye, google, ICO, mcafee, Microsoft, Password Security, Ransomware, SolarWinds, Spotify, SUNBURST
A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, December 2020.A suspected nation-state sophisticated cyber-attack of SolarWinds which led ...
IT Security Expert Blog
SUNBURST Security Applications Chart

Extracting Security Products from SUNBURST DNS Beacons

| | beacon, C2, Carbon Black, CB28867A08967B43, CrowdStrike Falcon, dns, ESET, f-secure, fireeye, SolarWinds, Solorigate, SUNBURST, SunburstDomainDecoder, Windows Defender
The latest version of our SunburstDomainDecoder (v1.7) can be used to reveal which endpoint protection applications that are installed on trojanized SolarWinds Orion deployments. The security application info is extracted from DNS ...
NETRESEC Network Security Blog
Automated Playbook with IPS/AV/AntiBot + Siemplify SOAR to Solarwinds' Sunburst attack

Using SOAR Technology to Orchestrate Detection and Response to the SolarWinds Sunburst Attack 

| | APT, fireeye, Industry Trends, Security Orchestration and Automation, SolarWinds, SUNBURST
Cybersecurity vendor FireEye recently disclosed a sophisticated attack which led to the “unauthorized access of their red team tools.” A... The post Using SOAR Technology to Orchestrate Detection and Response to the ...
Siemplify
Load more