Nobelium APT Group: A New Supply Chain Attack where Tech Resellers Are Targeted

Nobelium APT group, the one behind the famous SolarWinds attack and also associated with Russia’s spy agency, seems to reenter the threat landscape scene. This time its targets are tech resellers,…

Global Security Skills Shortage Falls to 2.7 Million Workers

Global Security Skills Shortage Falls to 2.7 Million Workers The global cybersecurity skills shortage has fallen for the second consecutive year, but the size of the workforce is still 65%…

SolarWinds hackers, Nobelium, hit cloud providers and resellers

So far, Microsoft has informed 140 companies about the new attack campaign being carried out by Nobelium 14 of which were compromised by the group. The IT security researchers at…

Defending Assets You Don’t Know About Against Cyberattacks

No security defense is perfect, and shadow IT means no company can inventory every single asset that it has. David “moose” Wolpoff, CTO at Randori, discusses strategies for core asset…

BQE Web Suite Billing App Rigged to Inflict Ransomware

An SQL-injection bug in the BQE Web Suite billing app has not only leaked sensitive information, it’s also let malicious actors execute code and deploy ransomware. Threat actors have been…

SolarWinds APT Targets Tech Resellers in Latest Supply-Chain Cyberattacks

The Nobelium group, linked to Russia’s spy agency, is looking to use resellers as a path to infiltrate their valuable downstream customers – and it’s working. The SolarWinds attackers –…

Latest Russian espionage activity is broader than SolarWinds-style hacking effort, Microsoft's Tom Burt says

Written by Tim Starks Oct 25, 2021 | CYBERSCOOP An apparent espionage campaign from the same Russian hacking group that breached the U.S. federal contractor SolarWinds in 2020 differed from…

Nominations Sought for Global Cyber Awards

Nominations Sought for Global Cyber Awards The organizers of the Globee Business Awards are seeking nominations for the top performers in the cybersecurity industry.  Star performers are being sought for the 18th…

Russian spies compromised 14 tech providers, aiming to 'piggyback' on customer access, Microsoft says

Written by Jeff Stone Oct 25, 2021 | CYBERSCOOP Suspected Russian spies who exploited a federal contractor to breach nine U.S. government agencies last year have continued targeting technology supply…

What is EDR and why is endpoint security so important?

Cybersecurity leaders have a daunting task and have needed to increase the scope of their security framework and how to effectively protect their organizations. Many frameworks such as ones provided…