Featured Government Nation-state

FBI says an APT breached a US municipal government via an unpatched Fortinet VPN

The Federal Bureau of Investigation said today that foreign hackers had breached the network of a local US municipal government after exploiting vulnerabilities in an unpatched Fortinet networking appliance.

Featured Government Nation-state

Belgium government discovers old 2019 hack during Hafnium investigation

Belgian officials said that hackers breached the network of the country's interior ministry in a security incident that took place in April 2019.

Featured Nation-state

New Iranian threat actor targets Israel with wipers disguised as ransomware

Cyber-security firm SentinelOne said in a report published today that it discovered a new threat actor operating out of Iran that relied heavily on data-wiping malware to destroy its targets’ IT infrastructure and then asked for ransoms in an attempt to mask its attacks as ransomware extortion.

Featured Government Nation-state

FSB NKTsKI: Foreign ‘cyber mercenaries’ breached Russian federal agencies

Foreign hackers have breached and stolen information from Russian federal executive bodies, the Russian government said in a report published last week.

Featured Government Nation-state

Israel bombed two Hamas cyber targets

Amid the recent flareup in the Israel-Palestine conflict, the Israeli military said it bombed two objectives in the Gaza Strip that housed centers for Hamas cyber operations.

Featured Leadership Nation-state

SolarWinds CEO apologizes for blaming an intern, says attack may have started in January 2019

Corporate keynotes at the annual RSA Conference are generally uneventful PR opportunities for executives and vendors. But the chief executive of SolarWinds on Wednesday gave a candid assessment of the company’s supply chain compromise, apologizing for the way the company initially blamed the incident on an intern and providing new details about the timing of the attack…

Featured Government Nation-state

EU extends sanctions against Chinese, Russian, and N. Korean hackers for another year

The European Union today extended the legal framework that allows it to sanction foreign hackers, effectively extending its existing sanctions on Chinese, Russian, and North Korean hackers for another year, until May 18, 2022.

Cybercrime Featured Nation-state

The rebellious origins of cybersecurity’s wittiest, must-read report

The idea that would become the world’s wittiest cybersecurity report was born in the mind of Wade Baker, then a Security Risk Management consultant at a forgotten firm called Cybertrust. It was the mid-aughts, Baker recalls, when he overheard one of the firm’s incident responders talking about patterns he kept uncovering during breach investigations. That’s when it occurred to Baker that the firm’s investigative arm might have access to the exact information he felt was lacking in the cybersecurity industry. Why not use Cybertrust’s incident responders to collect data on the x’s and o’s of cyber intrusions?

Featured Nation-state Technology

SolarWinds says fewer than 100 customers were impacted by supply chain attack

Texas-based software firm SolarWinds downgraded the number of customers impacted by its 2020 supply chain attack from 18,000 to fewer than 100.

Featured Government Nation-state Technology

UK and US share more vulnerabilities exploited by Russia’s APT29 hackers

The UK government’s cybersecurity agency today published an in-depth report detailing techniques used by a group of Russian state hackers known as APT29, Cozy Bear, or the Dukes.