Author: DEFENDEDGE
-
Sunburst’s C2 Secrets Reveal Second-Stage SolarWinds Victims
Examining the backdoor’s DNS communications led researchers to find a government agency and a big U.S. telco that were flagged for further exploitation in the spy campaign. Read more
-
Microsoft Caught Up in SolarWinds Spy Effort, Joining Federal Agencies
The ongoing, growing campaign is “effectively an attack on the United States and its government and other critical institutions,” Microsoft warned. Read more
-
Cyberpunk 2077 Headaches Grow: New Spyware Found in Fake Android Download
Threat actors impersonate Google Play store in scam as Sony pulls the game off the PlayStation store due to myriad performance issues. Read more
-
NSA Releases Cybersecurity Advisory on Detecting Abuse of Authentication Mechanisms
Original release date: December 17, 2020 The National Security Agency (NSA) has released a cybersecurity advisory on detecting abuse of authentication mechanisms. This advisory describes tactics, techniques, and procedures used by malicious cyber actors to access protected data in the cloud and provides guidance on defending against and detecting such activity. CISA encourages users and… Read more
-
5M WordPress Sites Running ‘Contact Form 7’ Plugin Open to Attack
A critical unrestricted file upload bug in Contact Form 7 allows an unauthenticated visitor to take over a site running the plugin. Read more
-
Police Vouch for Hacker Who Guessed Trump’s Twitter Password
No charges for Dutch ethical hacker Victor Gevers who prosecutors say did actually access Trump’s Twitter account by guessing his password, “MAGA2020!” last October. Read more
-
Nuclear Weapons Agency Hacked in Widening Cyberattack – Report
Sources said the DoE suffered “damage” in the attack, which also likely extends beyond the initially known SolarWinds Orion attack vector. Read more
-
AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations
Original release date: December 17, 2020<br/><h3>Summary</h3><p class=”tip-intro” style=”font-size: 15px;”><em>This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 8 framework. See the <a href=”https://attack.mitre.org/versions/v8/”>ATT&CK for Enterprise version 8</a> for all referenced threat actor tactics and techniques.</em></p> <p>The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises of U.S. government agencies, critical… Read more
-
The SolarWinds Perfect Storm: Default Password, Access Sales and More
Meanwhile, Microsoft and other vendors are quickly moving to block the Sunburst backdoor used in the attack. Read more
-
Easy WP SMTP Security Bug Can Reveal Admin Credentials
A poorly configured file opens users up to site takeover. Read more