Task Force Seeks to Disrupt Ransomware Payments

Credit to Author: BrianKrebs| Date: Thu, 29 Apr 2021 12:26:09 +0000

Some of the world’s top tech firms are backing a new industry task force focused on disrupting cybercriminal ransomware gangs by limiting their ability to get paid, and targeting the individuals and finances of the organized thieves behind these crimes.

CodeCov supply-chain compromise likened to SolarWinds attack

Credit to Author: Malwarebytes Labs| Date: Tue, 20 Apr 2021 20:13:24 +0000

A sophisticated supply-chain attack on CodeCov appears to have given attackers access to “hundreds” of the company’s clients, and their codebases.

Categories: Awareness

The post CodeCov supply-chain compromise likened to SolarWinds attack appeared first on Malwarebytes Labs.

Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?

Credit to Author: BrianKrebs| Date: Fri, 16 Apr 2021 12:57:19 +0000

On Aug. 13, 2020, someone uploaded a suspected malicious file to VirusTotal, a service that scans submitted files against more than five dozen antivirus and security products. Last month, Microsoft and FireEye identified that file as a newly-discovered fourth malware backdoor used in the sprawling SolarWinds supply chain hack. An analysis of the malicious file and other submissions by the same VirusTotal user suggests the account that initially flagged the backdoor as suspicious belongs to IT personnel at the National Telecommunications and Information Administration (NTIA), a division of the U.S. Commerce Department that handles telecommunications and Internet policy.

SolarWinds: What Hit Us Could Hit Others

Credit to Author: BrianKrebs| Date: Tue, 12 Jan 2021 20:50:50 +0000

New research into the malware that set the stage for the megabreach at IT vendor SolarWinds shows the perpetrators spent months inside the company’s software development labs honing their attack before inserting malicious code into updates that SolarWinds then shipped to thousands of customers. More worrisome, the research suggests the insidious methods used by the intruders to subvert the company’s software development pipeline could be repurposed against many other major software providers.

Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’

Credit to Author: BrianKrebs| Date: Wed, 16 Dec 2020 18:37:47 +0000

A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned.

SolarWinds Hack Could Affect 18K Customers

Credit to Author: BrianKrebs| Date: Tue, 15 Dec 2020 17:41:37 +0000

The still-unfolding breach at network management software firm SolarWinds may have resulted in malicious code being pushed to nearly 18,000 customers, the company said in a legal filing on Monday. Meanwhile, Microsoft should soon have some idea which and how many SolarWinds customers were affected, as it recently took possession of a key domain name used by the intruders to control infected systems.

SolarWinds advanced cyberattack: What happened and what to do now

Credit to Author: Threat Intelligence Team| Date: Mon, 14 Dec 2020 19:45:21 +0000

Possibly the largest hacking operation of 2020 was just unveiled. In this blog we share what we know and what you should do right now.

Categories: Threat analysis

The post SolarWinds advanced cyberattack: What happened and what to do now appeared first on Malwarebytes Labs.

A week in security (December 7 – December 13)

Credit to Author: Malwarebytes Labs| Date: Mon, 14 Dec 2020 16:54:19 +0000

A roundup of cybersecurity news from December 7 – 13, including tax scams, FireEye breach, K12 security, and many other topics.

Categories: A week in security

The post A week in security (December 7 – December 13) appeared first on Malwarebytes Labs.
