5 matches found
French Diplomatic Entities Targeted in Russian-Linked Cyber Attacks
State-sponsored actors with ties to Russia have been linked to targeted cyber attacks aimed at French diplomatic entities, the country's information security agency ANSSI said in an advisory. The attacks have been attributed to a cluster tracked by Microsoft under the name Midnight Blizzard...
New Tomiris Backdoor Found Linked to Hackers Behind SolarWinds Cyberattack
Cybersecurity researchers on Wednesday disclosed a previously undocumented backdoor likely designed and developed by the Nobelium advanced persistent threat APT behind last year's SolarWinds supply chain attack, joining the threat actor's ever-expanding arsenal of hacking tools...
Experts Uncover Several C&C Servers Linked to WellMess Malware
Cybersecurity researchers on Friday unmasked new command-and-control C2 infrastructure belonging to the Russian threat actor tracked as APT29, aka Cozy Bear, that has been spotted actively serving WellMess malware as part of an ongoing attack campaign. More than 30 C2 servers operated by the...
Researchers Find 3 New Malware Strains Used by SolarWinds Hackers
FireEye and Microsoft on Thursday said they discovered three more malware strains in connection with the SolarWinds supply-chain attack, including a "sophisticated second-stage backdoor," as the investigation into the sprawling espionage campaign continues to yield fresh clues about the threat...
Sunburst backdoor – code overlaps with Kazuar
Introduction On December 13, 2020, FireEye published a blog post detailing a supply chain attack leveraging Orion IT, an infrastructure monitoring and management platform by SolarWinds. In parallel, Volexity published an article with their analysis of related attacks, attributed to an actor named...