Author: DEFENDEDGE

  • CISA and CNMF Analysis of SolarWinds-related Malware

    DEFENDEDGE

    Original release date: April 15, 2021 CISA and the Department of Defense (DoD) Cyber National Mission Force (CNMF) have analyzed additional SolarWinds-related malware variants—referred to as SUNSHUTTLE and SOLARFLARE. One of the analyzed files was identified as a China Chopper webshell server-side component that was observed on a network with an active SUNSHUTTLE infection. The… Read more

  • Attackers Target ProxyLogon Exploit to Install Cryptojacker

    DEFENDEDGE

    Threat actors targeted compromised Exchange servers to host malicious Monero cryptominer in an “unusual attack,” Sophos researchers discovered. Read more

  • Security Bug Allows Attackers to Brick Kubernetes Clusters

    DEFENDEDGE

    The vulnerability is triggered when a cloud container pulls a malicious image from a registry. Read more

  • Ransomware Attack Creates Cheese Shortages in Netherlands

    DEFENDEDGE

    Not a Gouda situation: An attack on a logistics firm is suspected to be related to Microsoft Exchange server flaw. Read more

  • NSA-CISA-FBI Joint Advisory on Russian SVR Targeting U.S. and Allied Networks

    DEFENDEDGE

    Original release date: April 15, 2021 CISA, the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory (CSA) on Russian Foreign Intelligence Service (SVR) actors scanning for and exploiting vulnerabilities to compromise U.S. and allied networks, including national security and government-related systems. Specifically, SVR actors are targeting… Read more

  • What’s your Insider Threat?

    DEFENDEDGE

    What’s your insider Threat? What is Cyberwarfare? There is still widespread debate around the true definition of “cyberwarfare.’ Some experts define it as an “extension of policy by actions taken in cyberspace by state actors that constitute a serious threat to another state’s security.” Others in the field believe that cyberwarfare is the “use of… Read more

  • FBI Clears ProxyLogon Web Shells from Hundreds of Orgs

    DEFENDEDGE

    In a veritable cyber-SWAT action, the Feds remotely removed the infections without warning businesses beforehand. Read more

  • Microsoft Has Busy April Patch Tuesday with Zero-Days, Exchange Fixes

    DEFENDEDGE

    Microsoft fixes 110 vulnerabilities, with 19 classified as critical and another flaw under active attack. Read more

  • Threat Actors Targeting Cybersecurity Researchers

    DEFENDEDGE

    Original release date: April 14, 2021 Google and Microsoft recently published reports on advanced persistent threat (APT) actors targeting cybersecurity researchers. The APT actors are using fake social media profiles and legitimate-looking websites to lure security researchers into visiting malicious websites to steal information, including exploits and zero-day vulnerabilities. APT groups often use elaborate social… Read more

  • SAP Releases April 2021 Security Updates

    DEFENDEDGE

    Original release date: April 13, 2021 SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the SAP Security Notes for April 2021 and apply the necessary updates.   This product is… Read more