SolarWinds Hack Potentially Linked to Turla APT
Researchers have spotted notable code overlap between the Sunburst backdoor and a known Turla weapon.
Threatpost editors discuss the SolarWinds hack, healthcare ransomware attacks and other threats that will plague enterprises in 2021. The new year started off with a bang, with the SolarWinds hack revealed in late December acting as a jarring reminder to companies and U.S. government departments alike that cybercriminals continue to successfully . . .
Former CISA director Chris Krebs and former Facebook security exec Alex Stamos have teamed up to create a new consulting group – and have been hired by SolarWinds. SolarWinds, which has been embroiled in a recent, widescale hack, has called in two security powerhouses for help: Former director of the . . .
The agency said the malware has already compromised more than 150 organizations and provided insight into its ransomware-as-a-service behavior. The FBI has alerted companies in the private sector to a spate of attacks using the Egregor ransomware. The malware is currently on a warpath across businesses worldwide and has already . . .
The cyberattack incident is the wireless carrier’s fourth in three years. T-Mobile USA has reported a data breach – its fourth in three years. The wireless carrier disclosed the breach last week via its website, saying that it detected and shut down “malicious, unauthorized access to some information” related to . . .
From attacks on the UVM Health Network that delayed chemotherapy appointments, to ones on public schools that delayed students going back to the classroom, ransomware gangs disrupted organizations to inordinate levels in 2020. Remote learning platforms shut down. Hospital chemotherapy appointments cancelled. Ransomware attacks in 2020 dominated as a top . . .
The nation-state actor is looking to speed up vaccine development efforts in North Korea. The advanced persistent threat (APT) known as Lazarus Group and other sophisticated nation-state actors are actively trying to steal COVID-19 research to speed up their countries’ vaccine-development efforts. That’s the finding from Kaspersky researchers, who found . . .
What are the riskiest links in the virtual healthcare chain? Threatpost readers weigh in as part of an exclusive telemed poll. Healthcare organizations have gone virtual during the COVID-19 pandemic, just like the rest of us – with the use of telehealth services becoming the go-to format for med checks, . . .
The ongoing, growing campaign is “effectively an attack on the United States and its government and other critical institutions,” Microsoft warned. Microsoft has become the latest victim of the ever-widening SolarWinds-driven cyberattack that has impacted rafts of federal agencies and tech targets. Its president, Brad Smith, warned late Thursday to . . .
Sources said the DoE suffered “damage” in the attack, which also likely extends beyond the initially known SolarWinds Orion attack vector. The Energy Department and its National Nuclear Security Administration (NNSA), which is the agency that maintains the U.S. nuclear stockpile, have been compromised as part of the widespread cyberattack . . .