U.S. government officials have blamed Russia for the SolarWinds attack. Moscow has denied involvement.
Many things are taking place:
Hackers Taunt FireEye's Kevin Mandia At Home With Postcard: Report
Hackers attempted to troll FireEye CEO Kevin Mandia with a postcard that called into question the company’s ability to attribute cyberattacks to the Russian government, Reuters reported.
U.S. officials familiar with the postcard are investigating whether it was sent by people associated with a Russian intelligence service due to its timing and content, according to Reuters. This suggests Russian intelligence officials had internal knowledge of the massive hack well before it was publicly disclosed in December, Reuters said. FireEye declined to comment to CRN on the Reuters report.
SolarWinds hackers linked to known Russian spying tools, investigators say | Reuters
Investigators at Moscow-based cybersecurity firm Kaspersky said the "backdoor" used to compromise up to 18,000 customers of U.S. software maker SolarWinds closely resembled malware tied to a hacking group known as "Turla," which Estonian authorities have said operates on behalf of Russia's FSB security service.
The findings are the first publicly-available evidence to support assertions by the United States that Russia orchestrated the hack, which compromised a raft of sensitive federal agencies and is among the most ambitious cyber operations ever disclosed.
The SolarWinds Hackers Shared Tricks With a Notorious Russian Spy Group | WIRED
Finally, both malware specimens used the same mathematical function to determine a random "sleeping time" before the malware communicates back to a command-and-control server in an effort to evade detection. Those times could be as long as two weeks for Sunburst and as long as four weeks for Kazuar, unusually long delays that indicate a similar level of patience and stealth built into the tools.
Together, those three matches in malware functionality likely represent more than a coincidence, says Kaspersky's Raiu. "Any one of these three similarities, if you take it by itself, is not that uncommon," he says. "Two such similarities, that doesn't happen every day. Three is definitely kind of an interesting find."
Were you following this:
Parler hack: Public info from platform archived by 'activist hackers'
The hacker, who goes by @donk_enby on Twitter, said her goal was to preserve every post from Wednesday's Capitol breach before the Parler platform was taken down, like "a bunch of people running into a burning building trying to grab as many things as we can."
* * *
According to the Atlantic Council, Parler is one of the social media platforms popular with conservatives and extremists that was used to plan last week's riots. Others cited include Gab and MeWe.
This Android malware claims to give hackers full control of your smartphone | ZDNet
A new combination of two older types of malware, which provides hackers with access to almost everything a user does on an Android smartphone, is up for sale on underground forums for as little as $29.99 – providing even low-level cyber criminals with the ability to steal sensitive personal data.
The malware gets around being detected as malicious by exploiting Google's Firebase service for apps in order to masquerade as a legitimate app on the device and help it remain embedded and active.
Lockdown Lessons: Why Hackers Hack - The Profile
Microsoft Says Russian Hackers Viewed Some of Its Source Code - The New York Times
Microsoft said on Thursday that the far-reaching Russian hack of U.S. government agencies and private corporations had gone further into its network than the company previously understood.
"Our investigation into our own environment has found no evidence of access to production services or customer data," the company said in a blog post. "The investigation, which is ongoing, has also found no indications that our systems were used to attack others."
Happening on Twitter
—— Unveiled —— Researchers finally discovered how #SUNBURST backdoor was inserted into the #SolarWinds software.… https://t.co/oSJFQq6ZxJ TheHackersNews (from The Internet) Tue Jan 12 05:41:09 +0000 2021
Pretty cool. SolarWinds hackers put malware on the build systems which would hijack the compile process and quietly… https://t.co/oy9Cvupr4i MalwareTechBlog (from Los Angeles, CA) Mon Jan 11 23:52:44 +0000 2021
Mimecast says a key certificate has been compromised; investigators suspect the work of the SolarWinds hackers. https://t.co/U13aiIxbM2 razhael Tue Jan 12 16:44:29 +0000 2021