HackDig : Dig high-quality web security articles for hackers

Russian Hack of US Agencies Exposed Supply Chain Weaknesses

The elite Russian hackers who gained access to computer systems of federal agencies last year didn’t bother trying to break one by one into the networks of each department.Instead, they got inside by sneaking malicious code into a software update pushed out to thousands of government agencies and private companies.It wasn’t surprising that hackers were able
Publish At:2021-01-25 12:17 | Read:43 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Incident Response Ri

Packaging Giant WestRock Says Ransomware Attack Impacted OT Systems

American packaging giant WestRock (NYSE: WRK) on Monday revealed that it was recently targeted in a ransomware attack that impacted both information technology (IT) and operational technology (OT) systems.The company has shared few details about the incident, which it discovered on January 23, when it “promptly” initiated response and containment protocols.
Publish At:2021-01-25 12:17 | Read:111 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Incident Response Cybercrime

Intel's Early Earnings Release Triggered by Hack

U.S. chip-making giant Intel Corp. has acknowledged a website hack and premature data disclosure forced the early release of its earnings report for the fourth quarter of 2020.The Santa Clara, Calif.-based company had planned on making the earnings announcement after markets closed on Thursday, but discovered the website breach and the external disclosure of
Publish At:2021-01-22 14:05 | Read:84 | Comments:0 | Tags:NEWS & INDUSTRY Fraud & Identity Theft Incident Resp

Biden Orders Intel Agencies to Provide Full Assessment of SolarWinds Hack

Just says into his leadership role, U.S. President Joe Biden has instructed U.S. intelligence agencies to provide him with a detailed assessment of the SolarWinds hack, which fueled a global cyber espionage campaign impacting many high-profile government agencies and businesses.The U.S. government and others have said Russia is likely behind the highly sophi
Publish At:2021-01-22 14:05 | Read:66 | Comments:0 | Tags:Cyberwarfare NEWS & INDUSTRY Incident Response hack

Microsoft Details OPSEC, Anti-Forensic Techniques Used by SolarWinds Hackers

Microsoft on Wednesday released another report detailing the activities and the methods of the threat actor behind the attack on IT management solutions firm SolarWinds, including their malware delivery methods, anti-forensic behavior, and operational security (OPSEC).The attackers, which some believe to be sponsored by Russia, breached SolarWinds’ systems i
Publish At:2021-01-21 14:41 | Read:78 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Threats Em

In a Remote Work Era, a People-First Approach Keeps Threat Intelligence Teams on Track

Far Too Many Organizations Are Still Failing to Develop Intelligence Requirements Based on the Needs of Their StakeholdersIn the Spring of 2020, COVID-19 hit home for most Americans. At that point, we went from hearing whispers about an overseas virus to knowing we were dealing with a deadly pandemic steadily making its way to the United States. Despite deca
Publish At:2021-01-20 15:17 | Read:108 | Comments:0 | Tags:INDUSTRY INSIGHTS Incident Response Risk Management Manageme

Malwarebytes Targeted by SolarWinds Hackers

Cybersecurity firm Malwarebytes on Tuesday revealed that it too was targeted by the hackers who breached the systems of Texas-based IT management company SolarWinds as part of a sophisticated supply chain attack.Malwarebytes says it has not used any SolarWinds products, but its investigation revealed that the threat actor gained access to some of its systems
Publish At:2021-01-20 11:23 | Read:155 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Threats In

FireEye Releases New Open Source Tool in Response to SolarWinds Hack

FireEye Mandiant on Tuesday announced the release of an open source tool designed to check Microsoft 365 tenants for the use of techniques associated with UNC2452, the name currently assigned by the cybersecurity firm to the threat group that attacked IT management company SolarWinds.The SolarWinds supply chain attack has made hundreds of victims, and potent
Publish At:2021-01-19 15:53 | Read:134 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Incident Response Id

OpenWrt Informs Users of Forum Breach

The OpenWrt Project, the developer of the open source Linux operating system for embedded devices, informed users on Monday that someone had breached its forum over the weekend.In a security notice posted on the OpenWrt forum, users were told that the hacker gained access to the account of an administrator on January 16. It’s unclear how the account became c
Publish At:2021-01-19 11:59 | Read:144 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Cybercrime Management

Data Security Startup Qohash Raises $6 Million

Canadian data security startup Qohash this week announced it raised CAD 8 million (approximately USD $6.3 million) in Series A funding. The financing was led by FINTOP Capital.Founded in 2018, the Quebec-based company provides customers with solutions focused on data discovery and classification, helping enterprises monitor data across their environments. Fu
Publish At:2021-01-15 18:17 | Read:147 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

Microsoft Reminds Organizations of Upcoming Phase in Patching Zerologon Vulnerability

Microsoft this week published a reminder for organizations that a February 9 security update will kick off the second phase of patching for the Zerologon vulnerability.Tracked as CVE-2020-1472 and addressed on August 2020 Patch Tuesday, the critical vulnerability was identified in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC) and can be abused to
Publish At:2021-01-15 11:45 | Read:188 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Vulnerabilities Manage

Facebook Takes Legal Action Against Data Scrapers

Facebook on Thursday announced that it took legal action against two individuals for scraping data from its website.In a lawsuit filed in Portugal, Facebook Inc. and Facebook Ireland seek permanent injunction against the two for violation of the social media platform’s terms of service and Portugal’s Database Protection Law.The social media giant says that t
Publish At:2021-01-15 10:29 | Read:117 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Threats Fr

RisingSun: Decoding SUNBURST C2 to Identify Infected Hosts Without Network Telemetry

Nearly three weeks after news regarding the widespread compromise of SolarWinds Orion customers became public, TrustedSec continues to receive inquiries from clients seeking more granular detail about the nature of the compromise. In most cases, clients have received a list of command and control (C2) domains from a major vendor and require assistance in
Publish At:2021-01-14 17:54 | Read:186 | Comments:0 | Tags:Incident Response Incident Response & Forensics

Capcom Says Personal Data of Thousands More Stolen in Ransomware Attack

Video game giant Capcom this week revealed that thousands more people than initially believed had their personal information stolen in a ransomware attack in November 2020.Known for video games such as Devil May Cry, Monster Hunter, Resident Evil, Street Fighter, Ace Attorney and Mega Man, the Japanese company has operations in Asia, Europe, and the United S
Publish At:2021-01-14 11:05 | Read:171 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Cybercrime Management

Official: Number of Victims of Russian Hack Likely to Grow

The number of federal agencies and private companies who learn that they have been affected by a massive Russian hack is expected to grow as the investigation into it continues, the U.S. government’s chief counterintelligence official said Tuesday.The FBI and other agencies last week attributed the intrusions to Russia as part of what officials described as
Publish At:2021-01-13 15:35 | Read:111 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response hack

Tools

Tag Cloud