Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452

In December 2020, FireEye uncovered and publicly disclosed a widespread attacker campaign that is being tracked as UNC2452. In some, but not all, of the intrusions associated with this campaign where Mandiant has visibility, the attacker used their access to Read More …

Partial lists of organizations infected with Sunburst malware released online

Multiple security researchers and research teams have published over the weekend lists ranging from 100 to 280 organizations that installed a trojanized version of the SolarWinds Orion platform and had their internal systems infected with the Sunburst malware. The list Read More …

Four years after the Dyn DDoS attack, critical DNS dependencies have only gone up

In 2016, Dyn, a provider of managed DNS servers, was the victim of a massive DDoS attack that crippled the company’s operations and took down domain-name-resolving operations for more than 175,000 websites. While some sites managed to stay up by Read More …

CEOs Will Be Personally Liable for Cyber-Physical Security Incidents by 2024

Digital attack attempts in industrial environments are on the rise. In February 2020, IBM X-Force reported that it had observed a 2,000% increase in the attempts by threat actors to target Industrial Control Systems (ICS) and Operational Technology (OT) assets Read More …

Diving Into End-to-End Deep Learning for Cybersecurity

The application of artificial intelligence (AI) across various industries has undeniably made significant improvements in the digital era. With the capability to interpret and make complex decisions based on data, AI technologies have enabled tasks or processes to function with Read More …

Former Uber CSO charged for 2016 hack cover-up

Uber’s former chief security officer was charged on Thursday for covering up the company’s 2016 security breach, during which hackers stole the personal details of 57 million Uber customers and the details of 600,000 Uber drivers. Prosecutors in Northern California Read More …

Cosmetics giant Avon is recovering from a mysterious cyber-security incident

Avon has filed documents with the US Securities Exchange Commission disclosing the incident on June 9, a day after the company first discovered issues with some of its IT infrastructure. The company said the incident “interrupted some systems and partially affected Read More …

Hackers breached A1 Telekom, Austria’s largest ISP

A1 Telekom, the largest internet service provider in Austria, has admitted to a security breach this week, following a whistleblower’s exposé. The company admitted to suffering a malware infection in November 2019. A1 said its security team detected the malware Read More …

Puerto Rico Government Hit By $2.6M Phishing Scam

A phishing scam has swindled a Puerto Rico government agency out of more than $2.6 million, according to reports. According to reports, the email-based phishing scam hit Puerto Rico’s Industrial Development Company, which is a government-owned corporation aimed at driving economic Read More …