FBI says an APT breached a US municipal government via an unpatched Fortinet VPN
The Federal Bureau of Investigation said today that foreign hackers had breached the network of a local US municipal government after exploiting vulnerabilities in an unpatched Fortinet networking appliance.
Belgium government discovers old 2019 hack during Hafnium investigation
Belgian officials said that hackers breached the network of its interior ministry in a security incident that took place in April 2019.
New Iranian threat actor targets Israel with wipers disguised as ransomware
Cyber-security firm SentinelOne said in a report published today that it discovered a new threat actor operating out of Iran and which heavily relied on data-wiping malware to destroy its targets’ IT infrastructure, and then ask for ransoms in an attempt to mask their attacks as ransomware extortions.
FSB NKTsKI: Foreign ‘cyber mercenaries’ breached Russian federal agencies
Foreign hackers have breached and stolen information from Russian federal executive bodies, the Russian government said in a report published last week.
Israel bombed two Hamas cyber targets
Amid the recent flareup in the Israel-Palestine conflict, the Israeli military said it bombed two objectives in the Gaza Strip that housed centers for Hamas cyber operations.
SolarWinds CEO apologizes for blaming an intern, says attack may have started in January 2019
Corporate keynotes at the annual RSA Conference are generally uneventful PR opportunities for executives and vendors. But the chief executive of SolarWinds on Wednesday gave a candid assessment of the company’s supply chain compromise, apologizing for the way the company initially blamed the incident on an intern and providing new details about the timing of the attack…
EU extends sanctions against Chinese, Russian, and N. Korean hackers for another year
The European Union has extended today the legal framework that allows it to sanction foreign hackers, effectively extending its existing sanctions on Chinese, Russian, and North Korean hackers for another year, until May 18, 2022.
The rebellious origins of cybersecurity’s wittiest, must-read report
The idea that would become the world’s wittiest cybersecurity report was born in the mind of Wade Baker, then a Security Risk Management consultant at a forgotten firm called Cybertrust. It was the mid-aughts, Baker recalls, when he overheard one of the firm’s incident responders talking about patterns he kept uncovering during breach investigations. That’s when it occurred to Baker that the firm’s investigative arm might have access to the exact information he felt was lacking in the cybersecurity industry. Why not use Cybertrust’s incident responders to collect data on the x’s and o’s of cyber intrusions?
SolarWinds says fewer than 100 customers were impacted by supply chain attack
Texas-based software firm SolarWinds downgraded the number of customers impacted by its 2020 supply chain attack from 18,000 to less than 100.
UK and US share more vulnerabilities exploited by Russia’s APT29 hackers
The UK government’s cybersecurity agency has published today an in-depth report detailing techniques used by a group of Russian state hackers known as APT29, Cozy Bear, or the Dukes.