Cyberattacks

upguard

What is DLL hijacking? The Windows exploit endangering your sensitive data.

A simple DLL file was the catalyst to the most devastating cyberattack against the United States by nation-state hackers. This cinematic breach demonstrates the formidable potency of DLL hijacking and its ability to dismantle entire organizations with a single infected file. DLL hijacking is a method of injecting malicious code into an application by exploiting the way some Windows applications search and load Dynamic Link Libraries (DLL).

cyberint

SolarLeaks

In the aftermath of the notorious SolarWinds breach, occurring in mid-December 2020, a nefarious website was observed on 12 January 2021 and, presumably linked to the threat actors involved in the original supply chain attacks, purports to offer stolen data from four victim companies for sale: Other than the above, no file listings, screenshots or detailed 'proof' have been provided although links to four encrypted archive files, one for each potential victim organization, were uploaded to the popular

alienvault

Why cybersecurity awareness is a team sport

Cybersecurity may be different based on a person's viewpoint. One may want to simply protect and secure their social media accounts from hackers, and that would be the definition of what cybersecurity is to them. On the other hand, a small business owner may want to protect and secure credit card information gathered from their point-of-sale registers and that is what they define as cybersecurity.

cloudpassage

SolarWinds Orion Compromise Vulnerability Mitigation

SolarWinds, an IT software provider, recently announced that it was the victim of a cyberattack that inserted malware (code name SUNBURST) within their Orion Platform software. Following the announcement of the SolarWinds Orion compromise, the Department of Homeland Security released an advisory for mitigating the code compromise.

Featured Post

4 Most Common Types of Cybersecurity Threats

There's every indication that the pandemic is changing the nature of cybersecurity. Online threats are evolving to match our new remote-work paradigm, with 91% of businesses reporting an increase in cyberattacks during the coronavirus outbreak. Hackers are getting more and more sophisticated and targeted in their attacks. Many of these cyber threats have been around for a while, but they are becoming harder for the average user to detect. Beware of these four common types of cyber threats - and learn what you can do to prevent them.

alienvault

Why are cybercriminals suddenly targeting maritime infrastructure?

If you were asked to list out the top problems society has been facing in 2020, cyberattacks on the maritime industry might not be an obvious issue that would come to mind. But the industry has seen a worrying trend in recent months, as a spike in cyberattacks that has left some of the biggest companies in the industry exposed. Specifically, both the fourth largest global shopping company and the International Maritime Organization (IMO) have been targeted in these attacks.

upguard

What is a supply chain attack (and how to prevent it)

In December 2020, the U.S government announced that it fell victim to what is believed to be the largest security breach in the nation's history. The breach occurred through an innocuous IT update from the Government's network monitoring vendor, SolarWinds. This monumental breach exposes a novel and powerful method of clandestinely penetrating even the most sophisticated security defenses through third-party vendors - supply chain attacks.

redscan

Redscan Threat Intelligence update: SolarWinds Sunburst Q&A

The threat actor then gained a back door into the company’s Orion network management platform – used by over 300,000 organisations worldwide. Given the seriousness of the attack, its potential to affect customers across the SolarWinds supply chain and reports of espionage by nation state attackers, this is a story that is likely to have ongoing repercussions for organisations in 2021.

splunk

Detecting Supernova Malware: SolarWinds Continued

TL;DR: Supernova exposes SolarWinds Orion to attack via an in-memory web shell. It needs to be patched and detections below can help identify adversary actions. As organizations were catching their breath and winding down for the holidays, a fascinating twist in the SolarWinds Orion “Sunburst” intrusions began to appear.