F5 Confirms Nation-State Breach, Source Code and Vulnerability Data Stolen

F5 has confirmed it was the victim of a state-sponsored cyberattack that allowed hackers to access its internal…...

Backdoor in XZ Utils That Almost Happened

Last week, the Internet dodged a major nation-state attack that would have had catastrophic cybersecurity repercussions worldwide. It’s a catastrophe that didn’t happen, so it won’t get much attention--but it should. There’s an important moral to the story of the attack and its discovery: The...

Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard

This blog provides an update on the nation-state attack that was detected by the Microsoft Security Team on January 12, 2024. As we shared, on January 19, the security team detected this attack on our corporate email systems and immediately activated our response process. The Microsoft Threat...

Midnight Blizzard and Cloudflare-Atlassian Cybersecurity Incidents: What to Know

The Midnight Blizzard and Cloudflare-Atlassian cybersecurity incidents raised alarms about the vulnerabilities inherent in major SaaS platforms. These incidents illustrate the stakes involved in SaaS breaches — safeguarding the integrity of SaaS apps and their sensitive data is critical but is no...

The final report on NOBELIUM’s unprecedented nation-state attack

This is the final post in a four-part series on the NOBELIUM nation-state cyberattack. In December 2020, Microsoft began sharing details with the world about what became known as the most sophisticated nation-state cyberattack in history. Microsoft’s four-part video series “Decoding NOBELIUM” pul...

Behind the unprecedented effort to protect customers against the NOBELIUM nation-state attack

This is the third in a four-part blog series on the NOBELIUM nation-state cyberattack. In December 2020, Microsoft began sharing details with the world about what became known as the most sophisticated nation-state cyberattack in history. Microsoft’s four-part video series “Decoding NOBELIUM” pul...

How nation-state attackers like NOBELIUM are changing cybersecurity

This is the first post in a four-part series on the NOBELIUM nation-state cyberattack. Microsoft started telling the industry about this extremely advanced cyberattack in December 2020. The NOBELIUM blog series—which mirrors Microsoft’s four-part video series “Decoding NOBELIUM”—will pull the...

Malwarebytes Hit by SolarWinds Attackers

Malwarebytes is the latest discovered victim of the SolarWinds hackers, the security company said – except that it wasn’t targeted through the SolarWinds platform. “While Malwarebytes does not use SolarWinds, we, like many other companies were recently targeted by the same threat actor,” it...

CVE-2020-8616: NXNSAttack: Recursive DNS Inefficiencies and Vulnerabilities

A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral...

Guarding against supply chain attacks—Part 3: How software becomes compromised

Do you know all the software your company uses? The software supply chain can be complex and opaque. It’s comprised of software that businesses use to run operations, such as customer relationship management CRM, enterprise resource planning ERP, and project management. It also includes the...

Anthem, Apple and the Pentagon: A Data-Breach Cornucopia

Like pumpkin spice and turning leaves, data breaches have become a theme for the fall. This season is shaping up to be no exception, with Anthem, Apple and, worryingly, the Pentagon all making headlines in the last few days. It is, of course, part of the “new normal” as cyberattackers continue to...

Russian-Speaking Turla Joins APT Elite

SINT MAARTEN—In the waning moments of his 2016 talk at the Security Analyst Summit, Thomas Rid had a drop-the-mic moment when he disclosed there were likely links between the infamous Moonlight Maze cyberespionage operation of the mid- and late-1990s and the modern-day Turla APT. Today during thi...

Stolen Yahoo Data Sold to Spammers, One Government Client

A database of one billion stolen Yahoo accounts has been sold to at least three different buyers for $300,000 each, and the group selling the data and behind the 2013 intrusion—the largest data breach on record—is a criminal operation, not a state-sponsored attack group as Yahoo claims. Andrew...

State-Sponsored SCADA Malware targeting European Energy Companies

Security researchers have discovered a new campaign targeting energy companies in Western Europe with a sophisticated malware that almost goes to great lengths in order to remain undetected while targeting energy companies. Researchers from SentinelOne Labs discovered the malware, which has alrea...