Tech

SolarWinds hackers have a whole bag of new tricks for mass compromise attacks

Almost exactly a year ago, security researchers uncovered one of the worst data breaches in modern history, if not ever: a Kremlin-backed hacking campaign that compromised the servers of network management provider SolarWinds and, from there, the networks of 100 of its highest-profile customers, including nine US federal agencies. Nobelium—the name […]

Tech

SolarWinds hackers used an iOS 0-day to steal Google and Microsoft credentials

The Russian state hackers who orchestrated the SolarWinds supply chain attack last year exploited an iOS zero-day as part of a separate malicious email campaign aimed at stealing Web authentication credentials from Western European governments, according to Google and Microsoft. In a post Google published on Wednesday, researchers Maddie Stone and […]

Tech

Microsoft says hackers in China exploited critical SolarWinds 0-day

Microsoft said on Tuesday that hackers operating in China exploited a zero-day vulnerability in a SolarWinds product. According to Microsoft, the hackers were, in all likelihood, targeting software companies and the US Defense industry. SolarWinds disclosed the zero-day on Monday, after receiving notification from Microsoft that it had discovered that a […]

Tech

Microsoft discovers critical SolarWinds zero-day under active attack

SolarWinds, the company at the center of a supply chain attack that compromised nine US agencies and 100 private companies, is scrambling to contain a new security threat: a critical zero-day vulnerability in its Serv-U product line. Microsoft discovered the exploits and privately reported them to SolarWinds, the latter company […]

Tech

SolarWinds hackers breach new victims, including a Microsoft support agent

The nation-state hackers who orchestrated the SolarWinds supply chain attack compromised a Microsoft worker’s computer and used the access to launch targeted attacks against company customers, Microsoft said in a terse statement published late on a Friday afternoon. The hacking group also compromised three entities using password-spraying and brute-force techniques, which […]

Tech

The SolarWinds hackers aren’t back—they never went away

The Russian hackers who breached SolarWinds IT management software to compromise a slew of United States government agencies and businesses are back in the limelight. Microsoft said on Thursday that the same “Nobelium” spy group has built out an aggressive phishing […]

Tech

Microsoft says SolarWinds hackers targeted US agencies in a new campaign

The Kremlin-backed hackers who targeted SolarWinds customers in a supply chain attack have been caught conducting a malicious email campaign that delivered malware-laced links to 150 government agencies, research institutions and other organizations in the US and 23 other countries, Microsoft said. The hackers, belonging to Russia’s Foreign Intelligence Service, first […]

Tech

US government strikes back at Kremlin for SolarWinds hack campaign

US officials on Thursday formally blamed Russia for backing one of the worst espionage hacks in recent US history and imposed sanctions designed to mete out punishments for that and other recent actions. In a joint advisory, the National Security Agency, FBI, and Cybersecurity and Information Security Agency said […]

Tech

Mimecast says SolarWinds hackers breached its network and spied on customers

Email-management provider Mimecast has confirmed that a network intrusion used to spy on its customers was conducted by the same advanced hackers responsible for the SolarWinds supply chain attack. The hackers, which US intelligence agencies have said likely have Russian origins, used a backdoored update for […]

Tech

Chinese hackers targeted SolarWinds customers in parallel with Russian op

By now, most people know that hackers tied to the Russian government compromised the SolarWinds software build system and used it to push a malicious update to some 18,000 of the company’s customers. On Monday, researchers published evidence that hackers from China also targeted SolarWinds customers in what security analysts have […]