Global food supply chain at risk from malicious hackers

Modern “smart” farm machinery is vulnerable to malicious hackers, leaving global supply chains exposed to risk, experts are warning. It is feared hackers could exploit flaws in agricultural hardware used to plant and harvest crops. Agricultural manufacturing giant John Deere Read More …

CISA: Protecting Against Cyber Threats to Managed Service Providers and their Customers

The cybersecurity authorities of the United Kingdom (NCSC-UK), Australia (ACSC), Canada (CCCS), New Zealand (NCSC-NZ), and the United States (CISA), (NSA), (FBI) are aware of recent reports that observe an increase in malicious cyber activity targeting managed service providers (MSPs) Read More …

Assembling the Russian Nesting Doll: UNC2452 Merged into APT29

Mandiant has gathered sufficient evidence to assess that the activity tracked as UNC2452, the group name used to track the SolarWinds compromise in December 2020, is attributable to APT29. This conclusion matches attribution statements previously made by the U.S. Government Read More …

Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology

From at least January 2020, through February 2022, the Federal Bureau of Investigation (FBI), National Security Agency (NSA), and Cybersecurity and Infrastructure Security Agency (CISA) have observed regular targeting of U.S. cleared defense contractors (CDCs) by Russian state-sponsored cyber actors. Read More …

Defending the Supply Chain: Why the DDS Protocol is Critical in Industrial and Software Systems

Given this technology’s ubiquity, Trend Micro researchers decided to investigate further and discovered multiple security vulnerabilities, resulting in 13 new CVE IDs for the six most common DDS implementations. This includes one vulnerability in the standard specifications and other deployment Read More …

A New Web Skimmer Campaign Targets Real Estate Websites Through Attacking Cloud Video Distribution Supply Chain

Supply chain networks are frequent targets for cybercrime, as controlling a weak link in the supply chain can grant cybercriminals access to more victims – especially when the weak link is the source of the supply chain. Recently, we found Read More …

Espionage Campaign Targets Telecoms Organizations across Middle East and Asia

Attackers most likely linked to Iran have attacked a string of telecoms operators in the Middle East and Asia over the past six months, in addition to a number of IT services organizations and a utility company. Organizations in Israel, Read More …

Suspected Russian Activity Targeting Government and Business Entities Around the Globe

As the one-year anniversary of the discovery of the SolarWinds supply chain compromise passes, Mandiant remains committed to tracking one of the toughest actors we have encountered. These suspected Russian actors practice top-notch operational security and advanced tradecraft. However, they Read More …