Dec. 16: The FBI, CISA, and ODNI have become aware of a significant and ongoing cybersecurity campaign. Pursuant to Presidential Policy Directive (PPD) 41, the FBI, CISA, and ODNI have formed a Cyber Unified Coordination Group (UCG) fbi.gov/news/pressrel/…
RT @Unit42_Intel | In this blog, we will share an overview of its operation and function, tactics and techniques that support the hypothesis of an advanced persistent threat (APT). unit42.paloaltonetworks.com/solarstorm-sup…
RT @Unit42_Intel | "While SolarStorm is capable of utilizing many techniques to accomplish their goal, details on initial access vectors beyond the compromised SolarStorm software have not yet been confirmed." unit42.paloaltonetworks.com/solarstorm-sup…

More from @780thC

Jan 11
According to researchers, suspected Chinese hackers used two previously undiscovered software flaws to break into a US-based research organization last month as part of a persistent spying campaign | @CNN cnn.com/2024/01/10/pol…
Active Exploitation of Two Zero-Day Vulnerabilities in Ivanti Connect Secure VPN | @Volexity volexity.com/blog/2024/01/1…
Cutting Edge: Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation | @Mandiant mandiant.com/resources/blog…
Jan 6, 2021
Joint Statement by the Cyber Unified Coordination Group (UCG), composed of the FBI, CISA, and ODNI with support from NSA: "This work indicates that an APT actor, likely Russian in origin, is responsible..." cisa.gov/news/2021/01/0…
Report on Russian Cyber Units (Congressional Research Service): beta.documentcloud.org/documents/2044… | Collectively, these units are sometimes referred to as APT (Advanced Persistent Threat) 28, Fancy Bear, Voodoo Bear, Sandworm, and Tsar Team.
New Findings From Our Investigation of SUNBURST (SolarWinds): orangematter.solarwinds.com/2021/01/11/new…
Dec 22, 2020
Maryland U.S. Attorney’s Office Seizes Two Domain Names Purporting to be Websites of Biotechnology Companies Developing Treatments for Covid-19 #becybersmart | justice.gov/usao-md/pr/mar…
The FBI, HHS-OIG, and CMS have received complaints of scammers using the public’s interest in COVID-19 vaccines to obtain personally identifiable information (PII) and money through various schemes. #becybersmart fbi.gov/news/pressrel/…
RT @FlashpointIntel "As a result of the COVID-19 pandemic and its enormous impact worldwide, demand for malicious and illicit goods, services, and data has reached new peak highs across dark web marketplaces (DWMs)." #BeSafeOutThere | flashpoint-intel.com/blog/dark-web-…
Dec 15, 2020
RT @arstechnica | SolarWinds hackers have a clever way to bypass multi-factor authentication arstechnica.com/information-te…
Thought I'd list a series of reports from various cybersecurity companies in the hope it will assist...
Dark Halo Leverages SolarWinds Compromise to Breach Organizations volexity.com/blog/2020/12/1… #volexity via @Volexity
Dec 14, 2020
Did you know... "The Embassy of Russia in the USA" has a Facebook and Twitter account? facebook.com/RusEmbUSA/post… and .
A Zebra in Gopher’s Clothing: Russian APT Uses COVID-19 Lures to Deliver Zebrocy intezer.com/blog/research/…
On Dec. 7, 2020, the National Security Agency (NSA) published a cybersecurity advisory indicating they observed Russian state-sponsored actors exploiting a VMware command injection vulnerability (CVE-2020-4006) | unit42.paloaltonetworks.com/cve-2020-4006/
Dec 14, 2020
“The compromise of SolarWinds’ Orion Network Management Products poses unacceptable risks to the security of federal networks,” said CISA Acting Director Brandon Wales. cisa.gov/news/2020/12/1…
“The compromise of SolarWinds’ Orion Network Management Products poses unacceptable risks to the security of federal networks,” said CISA Acting Director Brandon Wales. | Mitigate SolarWinds Orion Code Compromise (CISA): cyber.dhs.gov/ed/21-01/
FireEye discovered a supply chain attack trojanizing SolarWinds Orion business software updates in order to distribute malware we call SUNBURST | fireeye.com/blog/threat-re…
