APT annual review 2021
In the Global Research and Analysis Team at Kaspersky, we track the ongoing activities of more than 900 advanced threat actors and activity clusters; you can find our quarterly overviews here, here and here....
Tagged: supply-chain attack
Advanced threat predictions for 2022
Over the past 12 months, the style and severity of APT threats has continued to evolve. Despite their constantly changing nature, there is a lot we can learn from recent APT trends to predict...
APT trends report Q3 2021
For more than four years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research...
IT threat evolution Q2 2021
Targeted attacks The leap of a Cycldek-related threat actor It is quite common for Chinese-speaking threat actors to share tools and methodologies: one such example is the infamous “DLL side-loading triad”: a legitimate executable,...
SolarWinds Zero-Day Vulnerability Under Active Attack
SolarWinds has been notified by Microsoft of a critical zero-day vulnerability in its Serv-U product line. The research found a limited number of impacted customers. Organizations are suggested to follow the recommendations provided by security...
REvil ransomware attack against MSPs and its clients around the world
An attack perpetrated by REvil aka Sodinokibi ransomware gang against Managed Service Providers (MSPs) and their clients was discovered on July 2. Some of the victims have reportedly been compromised through a popular MSP...
Gelsemium Group Linked to NoxPlayer Supply-Chain Attack
Experts took the wraps off of activities of Gelsemium APT, which uses state-of-the-art supply chain attack techniques against targets, including electronics manufacturers, in East Asia and the Middle East. Its attack strategy indicates that...
Codecov Supply Chain Attack Still Haunts Organizations
Does the CodeCov supply chain attack has echoes of SolarWinds? More victims surface with time in yet another months-long ripple effect of a supply chain attack. Users of Codecov are suggested to perform a...
Russian Hackers Actively Targeting the U.S. and Other Organizations
The FBI, the DHS, and the CISA warned of coordinated attacks, in a joint alert, by the Russian Foreign Intelligence Service, aka APT29, against U.S. and foreign organizations. click here to read full Article...
In Yet Another Supply Chain Attack, PHP's Git Server Gets Compromised
To compromise the PHP codebase, two malicious commits were pushed to a Git repository maintained by the PHP development team. click here to read full Article Read more on computer hacking news
This Financially-Motivated Actor has Targeted Countless Industrial Organizations
Security analysts uncovered an attack campaign targeting oil and gas supply chain industries in Europe, the Middle East, Asia Pacific, and North America using spearphishing techniques. click here to read full Article Read more...
There is Still More to SolarWinds Attack
Microsoft and FireEye uncover three more malware strains associated with the suspected Russian perpetrators who breached the SolarWinds software between August and September 2020. click here to read full Article Read more on Malware...
New SignSight Supply-Chain Attack Targeted Certification Authority in Southeast Asia Twice | Cyware Hacker News
The attackers created adjustments to software installers out there for download from a Vietnam authorities internet site. In addition, they extra a backdoor to focus on people of a genuine software. Picture and Write-up...
How we protect our users against the Sunburst backdoor
What transpired SolarWinds, a properly-identified IT managed companies supplier, has just lately turn into a sufferer of a cyberattack. Their solution Orion System, a resolution for monitoring and taking care of their clients’ IT...
Hackers Hide Malware in RubyGems Packages | Cyware Hacker News
Actors are employing malicious RubyGems offers in a source chain assault to steal cryptocurrency from potential victims. This kind of attempts by cyber adversaries sign increasing threats from various program elements. Graphic and Post...
Sunburst: connecting the dots in the DNS requests
On December 13, 2020 FireEye published important details of a newly discovered supply chain attack. An unknown attacker, referred to as UNC2452 or DarkHalo planted a backdoor in the SolarWinds Orion IT software. This...
