Showing only posts tagged Mandiant. Show all posts.

Canadian Man Arrested in Snowflake Data Extortions

Source

A 26-year-old man in Ontario, Canada has been arrested for allegedly stealing data from and extorting more than 160 companies that used the cloud data service Snowflake. Image: https://www.pomerium.com/blog/the-real-lessons-from-the-snowflake-breach On October 30, Canadian authorities arrested Alexander Moucka, a.k.a. Connor Riley Moucka of …

The Dark Nexus Between Harm Groups and ‘The Com’

Source

A cyberattack that shut down two of the top casinos in Las Vegas last year quickly became one of the most riveting security stories of 2023. It was the first known case of native English-speaking hackers in the United States and Britain teaming up with ransomware gangs based in …

Mandiant, the security firm Google bought for $5.4 billion, gets its X account hacked

Source

Enlarge Google-owned security firm Mandiant spent several hours trying to regain control of its account on X (formerly known as Twitter) on Wednesday after an unknown scammer hijacked it and used it to spread a link that attempted to steal cryptocurrency from people who clicked on it. “We are …

CISA Order Highlights Persistent Risk at Network Edge

Source

The U.S. government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances …

Barracuda Urges Replacing — Not Patching — Its Email Security Gateways

Source

It’s not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware — as opposed to just applying software updates. But experts say that is exactly what transpired this week with Barracuda Networks, as the …

3CX Breach Was a Double Supply Chain Compromise

Source

We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX. The lengthy, complex intrusion has all the makings of a cyberpunk spy novel: North Korean hackers using legions of fake executive accounts on LinkedIn to lure people into opening malware disguised …

Microsoft (& Apple) Patch Tuesday, April 2023 Edition

Source

Microsoft today released software updates to plug 100 security holes in its Windows operating systems and other software, including a zero-day vulnerability that is already being used in active attacks. Not to be outdone, Apple has released a set of important updates addressing two zero-day vulnerabilities that are being …

Microsoft Patch Tuesday, February 2023 Edition

Source

Microsoft is sending the world a whole bunch of love today, in the form of patches to plug dozens of security holes in its Windows operating systems and other software. This year’s special Valentine’s Day Patch Tuesday includes fixes for a whopping three different “zero-day” vulnerabilities that …

Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

Source

On October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc. The next day, half of those profiles no longer existed. A similarly dramatic drop in the number of LinkedIn profiles claiming employment at Amazon comes as LinkedIn is struggling to combat …

Hackers are exploiting 0-days more than ever

Source

Enlarge / VPNfilter had a total of nine modular tools discovered thus far by researchers, potentially turning thousands of routers into a versatile attack platform. Previously unknown “ zero-day ” software vulnerabilities are mysterious and intriguing as a concept. But they're even more noteworthy when hackers are spotted actively exploiting the novel …

Indictment, Lawsuits Revive Trump-Alfa Bank Story

Source

In October 2016, media outlets reported that data collected by some of the world’s most renowned cybersecurity experts had identified frequent and unexplained communications between an email server used by the Trump Organization and Alfa Bank, one of Russia’s largest financial institutions. Those publications set off speculation …

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

Source

Last week cybercriminals deployed ransomware to 1,500 organizations, including many that provide IT security and technical support to other companies. The attackers exploited a vulnerability in software from Kaseya, a Miami-based company whose products help system administrators manage large networks remotely. Now it appears Kaseya’s customer service …