SolarLeaks site claims to sell data stolen in SolarWinds attacks

A website named 'SolarLeaks' is selling data that it claims was stolen from companies confirmed to have been breached in the SolarWinds attack. Last month, it was disclosed that network management company SolarWinds suffered a sophisticated cyberattack that led to a supply chain attack affecting 18,000 customers. According to a joint statement issued by the FBI, …

Attackers Exploit Poor Cyber Hygiene to Compromise Cloud Security Environments

CISA is aware of several recent successful cyberattacks against various organizations’ cloud services. Threat actors used a variety of tactics and techniques, including phishing and brute force logins, to attempt to exploit weaknesses in cloud security practices. In response, CISA has released Analysis Report AR21-013A: Strengthening Security Configurations to Defend Against Attackers Targeting Cloud Services …

Mimecast discloses Microsoft 365 SSL certificate compromise

Email security company Mimecast has disclosed today that a "sophisticated threat actor" compromised one of the certificates the company issues for customers to securely connect Microsoft 365 Exchange to their services. Mimecast discovered that the certificate was compromised after recently receiving a notification from Microsoft. "Microsoft recently informed us that a Mimecast-issued certificate provided to …

Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’ — Krebs on Security

A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned. Austin, Texas-based SolarWinds disclosed this week that a compromise …

Recently disclosed CVE-2020-29583 Zyxel flaw already under opportunistic attack

Threat actors are attempting to hack Zyxel devices by exploiting the recently disclosed vulnerability CVE-2020-29583, security researchers warn. The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583, related to the presence of a hardcoded undocumented secret account. The vulnerability received a CVSS score of 7.8; it could be exploited …