Dec. 16: The FBI, CISA, and ODNI have become aware of a significant and ongoing cybersecurity campaign. Pursuant to Presidential Policy Directive (PPD) 41, the FBI, CISA, and ODNI have formed a Cyber Unified Coordination Group (UCG) fbi.gov/news/pressrel/…
RT @Unit42_Intel | In this blog, we will share an overview of its operation and function, tactics and techniques that support the hypothesis of an advanced persistent threat (APT). unit42.paloaltonetworks.com/solarstorm-sup…
RT @Unit42_Intel | "While SolarStorm is capable of utilizing many techniques to accomplish their goal, details on initial access vectors beyond the compromised SolarStorm software have not yet been confirmed." unit42.paloaltonetworks.com/solarstorm-sup…
According to researchers, suspected Chinese hackers used two previously undiscovered software flaws to break into a US-based research organization last month as part of a persistent spying campaign | @CNN cnn.com/2024/01/10/pol…
Active Exploitation of Two Zero-Day Vulnerabilities in Ivanti Connect Secure VPN | @Volexity volexity.com/blog/2024/01/1…
Cutting Edge: Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation | @Mandiant mandiant.com/resources/blog…
Joint Statement by the Cyber Unified Coordination Group (UCG), composed of the FBI, CISA, and ODNI with support from NSA: "This work indicates that an APT actor, likely Russian in origin, is responsible..." cisa.gov/news/2021/01/0…
Report on Russian Cyber Units (Congressional Research Service): beta.documentcloud.org/documents/2044… | Collectively, these units are sometimes referred to as APT (Advanced Persistent Threat) 28, Fancy Bear, Voodoo Bear, Sandworm, and Tsar Team.
Maryland U.S. Attorney’s Office Seizes Two Domain Names Purporting to be Websites of Biotechnology Companies Developing Treatments for Covid-19 #becybersmart | justice.gov/usao-md/pr/mar…
The FBI, HHS-OIG, and CMS have received complaints of scammers using the public’s interest in COVID-19 vaccines to obtain personally identifiable information (PII) and money through various schemes. #becybersmart fbi.gov/news/pressrel/…
RT @FlashpointIntel "As a result of the COVID-19 pandemic and its enormous impact worldwide, demand for malicious and illicit goods, services, and data has reached new peak highs across dark web marketplaces (DWMs)." #BeSafeOutThere | flashpoint-intel.com/blog/dark-web-…
A Zebra in Gopher’s Clothing: Russian APT Uses COVID-19 Lures to Deliver Zebrocy intezer.com/blog/research/…
On Dec. 7, 2020, the National Security Agency (NSA) published a cybersecurity advisory indicating they observed Russian state-sponsored actors exploiting a VMware command injection vulnerability (CVE-2020-4006) | unit42.paloaltonetworks.com/cve-2020-4006/
“The compromise of SolarWinds’ Orion Network Management Products poses unacceptable risks to the security of federal networks,” said CISA Acting Director Brandon Wales. cisa.gov/news/2020/12/1…
“The compromise of SolarWinds’ Orion Network Management Products poses unacceptable risks to the security of federal networks,” said CISA Acting Director Brandon Wales. | Mitigate SolarWinds Orion Code Compromise (CISA): cyber.dhs.gov/ed/21-01/
FireEye discovered a supply chain attack trojanizing SolarWinds Orion business software updates in order to distribute malware we call SUNBURST | fireeye.com/blog/threat-re…