Author: Asad Yaseen

In a blog post released 13 Dec 2020, FireEye disclosed that threat actors compromised SolarWinds’s Orion IT monitoring and management software with a trojanized version of SoalrWinds.Orion.Core.BusinessLayer.dll delivered as part of a digitally-signed Windows Installer Patch. The trojanized file delivers a backdoor, dubbed SUNBURST by FireEye (and Solorigate by Microsoft), that communicates to third-party servers for command and control and malicious file transfer giving the attacker a foothold on the affected system with elevated privileges. From…

Some experts argue that users might actually be the most vital link when it comes to certain types of cyberattacks. Image: iStockphoto/maxkabakov “People often represent the weakest link in the security chain and are chronically responsible for the failure of security systems.” This quote is from the book Secrets and Lies: Digital Security in a Networked World, written by well-known cybersecurity expert Bruce Schneier and first published in 2000.  Some experts, including Ciarán Mc Mahon,…

Russia has officially denied any culpability for a recent cyber-attack that impacted at least six federal agencies in the United States. America’s Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive last week after cyber-criminals trojanized updates to SolarWinds’ Orion IT monitoring and management software to launch a large-scale cyber-attack.  CISA said that the incident poses “unacceptable risk to the security of federal networks” and urged all federal civilian agencies to review their networks for indicators of compromise…

In early December 2020, Anomali Threat Research identified a website engaging in fraudulent dog sales, specifically for German Shepherds. The analysis revealed 17 additional websites also engaging in pet fraud activities for birds and cats, as well as one phone number match for a Facebook page car fraud scheme, and one number for an essential oils scam. The actor(s) behind this campaign are not sophisticated, and aim to receive non-refundable deposits for fraudulent pet sales…

This week, we announced the latest release of MVISION Unified Cloud Edge, which included a number of great data protection enhancements. With working patterns and data workflows dramatically changed in 2020, this release couldn’t be more timely. According to a report by Gartner earlier in 2020, 88% of organizations have encouraged or required employees to work from home. And a report from PwC found that, corporations have termed the remote work effort in 2020, by…

Arlington Capital Partners portfolio company BlueHalo today announced that it has completed the acquisition of Maryland businesses Base2 LLC and Fortego LLC. While both companies are leading providers of complex, mission-critical cyber and Signals Intelligence (SIGINT) solutions, Base2 specializes in the design and development of cyber-solutions in the areas of Computer Network Operations (CNO), SIGINT, and Quick Reaction Capability (QRC). “We reached a point where it was time to consider being part of a larger organization that could help our company grow long term,”…

If you want to improve or expand your current skill set, there are a few options you can focus on. Tom Merritt lists five tech skills to master in the coming year. Looking for an IT job in 2021? Want to make sure you stay up to speed in the job you have? It’s good to know which skills will give you the best chance at landing or keeping that position you want. TechRepublic’s Veronica…

The 5 tech skills should you master in 2021 Length: 2:04 | Dec 21, 2020 If you want to improve or expand your current skill set, there are a few options you can focus on. Tom Merritt lists five tech skills to master in the coming year. Source link