Cyberattacks

rezilion

The Solarwinds Breach Highlights the Need for Desired State Enforcement

The recent Solarwinds hack is the latest headline grabbing zero day to send shockwaves throughout the information security community. It was a sophisticated supply chain attack that incorporated several forensic countermeasures and impacted a number of large government institutions and private companies.

netskope

Applying 3 Practical Lessons from the SolarWinds Breach

It’s been more than a month since the SolarWinds breach first started dominating security headlines, and we’re still learning new details about the attacks and the organizations affected. Even as the discussion quiets down, it’s easy to imagine we’ll still be looking back and analyzing the full effects of these incidents in much the same way we talk about other seminal breaches and security events from the past 20 years.

detectify

DNS Hijacking - Taking Over Top-Level Domains and Subdomains

TL;DR: On January 7, the Detectify security research team found that the .cd top-level domain (TLD) was about to be released for anyone to purchase and claimed it to keep it secure before any bad actors snatched it up. A technical report with full details is available on Detectify Labs. This blog post will discuss the basics of domain takeover.

Top 10 Hacks Of The Past Decade | Solarwinds | WannaCry | Panama Papers | Cambridge Analytica |

Security breaches have become a normal part of our lives over the past decade, but each hack comes with its own complications and ramifications. In this webinar, Teleport Tech Writer Virag Mody will dive deep into the details of the top 10 hacks of the past decade and how they affected the way we approach cybersecurity.
upguard

What is DLL hijacking? The Windows exploit endangering your sensitive data.

A simple DLL file was the catalyst to the most devastating cyberattack against the United States by nation-state hackers. This cinematic breach demonstrates the formidable potency of DLL hijacking and its ability to dismantle entire organizations with a single infected file. DLL hijacking is a method of injecting malicious code into an application by exploiting the way some Windows applications search and load Dynamic Link Libraries (DLL).

cyberint

SolarLeaks

In the aftermath of the notorious SolarWinds breach, occurring in mid-December 2020, a nefarious website was observed on 12 January 2021 and, presumably linked to the threat actors involved in the original supply chain attacks, purports to offer stolen data from four victim companies for sale: Other than the above, no file listings, screenshots or detailed 'proof' have been provided although links to four encrypted archive files, one for each potential victim organization, were uploaded to the popular

alienvault

Why cybersecurity awareness is a team sport

Cybersecurity may be different based on a person's viewpoint. One may want to simply protect and secure their social media accounts from hackers, and that would be the definition of what cybersecurity is to them. On the other hand, a small business owner may want to protect and secure credit card information gathered from their point-of-sale registers and that is what they define as cybersecurity.

cloudpassage

SolarWinds Orion Compromise Vulnerability Mitigation

SolarWinds, an IT software provider, recently announced that it was the victim of a cyberattack that inserted malware (code name SUNBURST) within their Orion Platform software. Following the announcement of the SolarWinds Orion compromise, the Department of Homeland Security released an advisory for mitigating the code compromise.