Category Archives: APTs/cyberespionage

Lebanese APT group with suspected links to Hezbollah breached 250 servers worldwide

Some 250 servers were apparently breached by the Lebanese Cedar APT group, an organization with suspected links to the Hezbollah Cyber Unit in Lebanon. The target victims include companies from many countries, including the United States, United Kingdom, Saudi Arabia, Egypt, Jordan, Lebanon, Israel and the Palestinian Authority. Many more companies and organizations have been…

The post Lebanese APT group with suspected links to Hezbollah breached 250 servers worldwide appeared first on SC Media.

Continue reading

Posted in APTs/cyberespionage, Cyberespionage, Security News, Threat intelligence, Threat Security Intelligence | Comments Off on Lebanese APT group with suspected links to Hezbollah breached 250 servers worldwide

Does SolarWinds change the rules in offensive cyber? Experts say no, but offer alternatives

While tempting, most experts agree that hack-back strategies are a bad idea for companies. But there are tactics that can help deter nation-state actors and limit their ability to penetrate networks.

The post Does SolarWinds change the rules in offensive cyber? Experts say no, but offer alternatives appeared first on SC Media.

Continue reading

Posted in APT, APTs/cyberespionage, Cyberespionage, Featured, Security News, Security strategy, SolarWinds hack | Comments Off on Does SolarWinds change the rules in offensive cyber? Experts say no, but offer alternatives

Sunbust avoided indicators of compromise with SolarWinds hack, but left breadcrumbs

Joe Slowik, senior security researcher at DomainTools, spoke to SC Media about how the SolarWind attackers remained undetected for so long, and how domain data could be used to weaponize network observables against sophisticated attackers.

The post Sunbust avoided indicators of compromise with SolarWinds hack, but left breadcrumbs appeared first on SC Media.

Continue reading

Posted in APT, APTs/cyberespionage, Featured, Network Security, Security News, SolarWinds hack, Threat intelligence | Comments Off on Sunbust avoided indicators of compromise with SolarWinds hack, but left breadcrumbs

Hackers hijacked cloud accounts of high-tech and aviation firms, hid in systems for years

The effectiveness of this operation serves as a reminder of the risks of openly sharing and storing plain-text network credentials or sensitive network access instructions on internet-accessible apps or servers.

The post Hackers hijacked cloud accounts of high-tech and aviation firms, hid in systems for years appeared first on SC Media.

Continue reading

Posted in APTs/cyberespionage, Cloud, Cloud Security, Cyberespionage, Featured, Network Security, Security News | Comments Off on Hackers hijacked cloud accounts of high-tech and aviation firms, hid in systems for years

Researchers see links between SolarWinds Sunburst malware and Russian Turla APT group

While researchers may want to invest time and energy towards attributing the latest high-profile attack to a particular adversary, more productive is the ability to see similarities in the underlying techniques employed in the attack were to prior attacks.

The post Researchers see links between SolarWinds Sunburst malware and Russian Turla APT group appeared first on SC Media.

Continue reading

Posted in APT, APTs/cyberespionage, SolarWinds hack, Threat intelligence | Comments Off on Researchers see links between SolarWinds Sunburst malware and Russian Turla APT group