Featured Technology

Attacks on SolarWinds Servers Also Linked To Chinese Threat Actor

Secureworks links the second threat actor exploiting SolarWinds Orion servers to a Chinese threat actor it calls Spiral. This is the group that exploited CVE-2020-10148 (Orion API authentication bypass) to install the SUPERNOVA web shell on Orion servers throughout late 2020.

Featured Technology

New Side-Channel Attack Targets the CPU Ring Bus for the First Time

A team of academics from the University of Illinois at Urbana-Champaign has published details today about a new side-channel attack against the internal architecture of modern CPUs. In the research paper, titled “Lord of the Ring(s): Side Channel Attacks on the CPU On-Chip Ring Interconnect Are Practical,” the UIUC researchers looked at a part of modern multi-core CPUs that hasn’t been analyzed before, namely the ring interconnect.

Featured Government Technology

NSA and CISA promote PDNS concept

The US National Security Agency and the Cybersecurity and Infrastructure Security Agency published a joint advisory this week urging companies to adopt DNS-based security solutions as part of a concept the agencies are calling Protective DNS (PDNS).

Featured Technology

US Charges Infosec Veteran John McAfee over Cryptocurrency Pump-and-Dump Scheme

The US Department of Justice today indicted John McAfee, the founder of cybersecurity firm McAfee, on fraud and money laundering charges stemming from schemes that netted the infosec veteran more than $13 million.

Cybercrime Featured Government Leadership People Technology

White House Cybersecurity Adviser Wants a ‘Cleanliness Rating’ for Software Security

Policymakers are considering a number of changes to the nation’s cybersecurity posture as a result of the SolarWinds supply chain attack discovered late last year, including data breach notification laws and greater oversight of the nation’s critical infrastructure. In one of her first public appearances since joining the Biden White House, Deputy National Security Adviser Anne Neuberger floated another idea from an unlikely place: New York City dining establishments…

Featured Leadership People Technology

What It’s Like To Run a Tech Giant’s Security Team Without Ever Setting Foot in the Office

Mark Adams was appointed Adobe’s chief security officer about four months ago after serving in the same role for four years at Blizzard Entertainment. Thanks to the COVID-19 pandemic, his onboarding process has been untraditional, to say the least. For one, he hasn’t had a chance yet to visit the company’s physical offices. Instead, his calendar has looked like an ultramarathon of video conferences—days with a dozen back-to-back meetings during the first month to get to know his team and understand the company’s priorities…

Cybercrime Featured Technology

Massive FluBot Botnet Infects 60,000 Android Smartphones

In the span of just two months, a new Android malware strain named FluBot has infected more than 60,000 devices, with 97% of the victims located in Spain. First spotted at the start of the year by security firm ThreatFabric (under the name of Cabassous), FluBot’s inner workings were described in a report published today by Swiss security firm PRODAFT…

Featured Nation-state Technology

Microsoft and FireEye Detail New Malware Used by SolarWinds Hackers

Cybersecurity firms Microsoft and FireEye have published separate reports today detailing new malware strains they have linked to the threat actor that compromised software firm SolarWinds and its customers in a supply chain attack in 2020. Three new malware strains have been discovered in total, per the Microsoft report. The FireEye report details only one malware family…

Featured Technology

Ad-Blocker Company Releases List of 6K Trackers Abusing CNAME Cloaking

Ad-blocker and privacy software maker AdGuard today published a list of online trackers that abuse the CNAME cloaking technique to bypass browser privacy defenses and track users across the internet. The list, made available on GitHub, is the largest and most comprehensive of its kind, allowing users to deploy defenses against a technique that has been slowly adopted by an increasing number of web analytics companies to track users as they move across the internet…

Cybercrime Featured Technology

Solutions to Detect Ransomware Attacks Can Often Be Very Trivial

A tool released today has network defenders excited about the idea of detecting and preventing ransomware attacks with the help of fake processes and process canaries, showing that solutions to detect and block ransomware attacks don’t necessarily have to be over-complicated and expensive. Named Killed Process Canary, the tool works by creating a group of empty Windows services on a Windows computer that is likely to be targeted during a ransomware attack…