How Decryption of Network Traffic Can Improve Security

Most industry analyst firms conclude that between 80 and 90 percent of network traffic is encrypted today. Jeff Costlow, CISO at ExtraHop, explains why this might not be a good thing. Strong…

Top 10 Cybersecurity Best Practices to Combat Ransomware

Immutable storage and more: Sonya Duffin, data protection expert at Veritas Technologies, offers the Top 10 steps for building a multi-layer resilience profile. If you’re like most IT professionals, the…

SolarWinds hackers, Nobelium, hit cloud providers and resellers

So far, Microsoft has informed 140 companies about the new attack campaign being carried out by Nobelium, 14 of which were compromised by the group. The IT security researchers at…

SolarWinds hackers, Nobelium, once again strike global IT supply chains, Microsoft warns

Microsoft has warned that Nobelium, the hacking group behind the SolarWinds fiasco, has targeted at least 140 resellers and technology service providers in global IT supply chains. On October 24,…

North Korea targeted cybersecurity researchers using a blend of hacking and espionage

North Korea has a long history of hacking targets in the U.S. (Image: Chris Price/Flickr, CC BY-ND.) By Paulo Shakarian, Arizona State University. North Korean hackers have staged…

Microsoft warns of Nobelium hackers using FoggyWeb backdoor

Microsoft has warned of a new FoggyWeb backdoor being used by Nobelium, the same state-sponsored hacking group believed to be responsible for SolarWinds supply-chain attacks. According to Microsoft, the notorious…

SUNBURST backdoor malware: What it is, how it works, and how to prevent it | Malware spotlight

SUNBURST is a supply chain attack that takes advantage of a backdoor implanted in a supplier to target and compromise organizations indirectly around the globe. Orion, the SolarWinds software that…

Snort demo: Finding SolarWinds Sunburst indicators of compromise

Introduction to SolarWinds and Sunburst: The SolarWinds hack is one of the biggest security incidents of recent years. After cyberthreat actors gained access to SolarWinds’ network, they implanted a backdoor…

Memory forensics demo: SolarWinds breach and Sunburst malware

The SolarWinds hack is one of the biggest cybersecurity incidents in recent years. By gaining access to SolarWinds’ network, attackers were able to access the company’s development environment and implant…

Identifying UNC2452-Related Techniques for ATT&CK

By Matt Malone (MITRE), Jamie Williams (MITRE), Jen Burns (MITRE), and Adam Pennington (MITRE). Dec 22, 2020. Last updated 19 April 2021 12:00pm EDT. Reporting…