4 matches found
Threat Source newsletter (April 6, 2023) — Another friendly reminder about supply chain attacks
Welcome to this weeks edition of the Threat Source newsletter. It seems like we cant go a full calendar year without a major supply chain attack. In late 2020 we had the SolarWinds incident which, doesnt that somehow seem like five years ago but also yesterday?, then the REvil ransomware group...
SolarWinds and Market Incentives
In early 2021, IEEE Security and Privacy asked a number of board members for brief perspectives on the SolarWinds incident while it was still breaking news. This was my response. The penetration of government and corporate networks worldwide is the result of inadequate cyberdefenses across the...
DarkHalo after SolarWinds: the Tomiris connection
Background In December 2020, news of the SolarWinds incident took the world by storm. While supply-chain attacks were already a documented attack vector leveraged by a number of APT actors, this specific campaign stood out due to the extreme carefulness of the attackers and the high-profile natur...
Nobelium Phishing Campaign Poses as USAID
The cybercriminal group behind the notorious SolarWinds attack is at it again with a sophisticated mass email campaign aimed at delivering malicious URLs with payloads enabling network persistence so the actors can conduct further nefarious activities. Microsoft Threat Intelligence Center MSTIC...