Author Archives: Steve Zurier
Fourth SolarWinds malware strain shows diversity of tactics, need to focus on detection, response
Researchers have found a fourth strain of malware – Raindrop – that was used in the SolarWinds supply chain attack, a loader similar to the Teardrop tool. But while Teardrop was delivered by the original Sunburst backdoor in early July 2020, Raindrop was used just under two weeks later for spreading laterally across the victim’s…
The post Fourth SolarWinds malware strain shows diversity of tactics, need to focus on detection, response appeared first on SC Media.
NSA urges use of enterprise resolvers to protect DNS traffic on corporate networks
NSA advises security pros to use designated enterprise DNS resolvers to lock down DoH on corporate networks.
CISA says multiple attacks on cloud services bypassed multifactor authentication
Threat actors have used a variety of tactics and techniques, including phishing, brute force login attempts, and possibly a so-called “pass-the-cookie” attack that bypassed multifactor authentication, to exploit cloud security weaknesses.
Google: Attacker ‘likely’ had access to Android zero-day vulnerabilities
Google’s Project Zero this week introduced a six-part series that offers an analysis of four zero-day vulnerabilities on Windows and Chrome, and known-day Android exploits it found during the team’s extensive research last year.
Ubiquiti urges password reset, 2FA after breach
IoT networking device vendor Ubiquiti experienced a breach of a web portal it uses to manage remote devices and as a support portal. The web servers stored information pertaining to user profiles for the account.ui.com portal that Ubiquiti makes available to customers who bought one of its router or webcam products, a ZDNet report said.…
Researchers see links between SolarWinds Sunburst malware and Russian Turla APT group
While researchers may want to invest time and energy in attributing the latest high-profile attack to a particular adversary, it is more productive to see the similarities between the underlying techniques employed in the attack and those of prior attacks.
Legal recourse? Nissan balances competitive and security fallout from source code leak
News that source code of Nissan North America tools leaked online because of a misconfigured Git server spurs questions not only about potential cyberattacks by bad actors, but also whether competitors could use the sensitive data against the automobile giant.
Forrester offers six-step governance, risk and compliance program
In a new report on governance, risk and compliance, Forrester advises top security officials that they have to prepare for more regulations around privacy and personal control over data, especially when it comes to handling medical data during the pandemic.
Thousands infected by trojan that targets cryptocurrency users on Windows, Mac and Linux
A new remote access trojan (RAT) lures cryptocurrency users to download trojanized apps by promoting the apps in dedicated online forums and on social media.