Colonial Pipeline attack expected to trigger imminent hardening of cybersecurity rules for federal agencies
Colonial Pipeline’s ransomware attack caused the White House to possibly refine a planned Executive Order on cybersecurity.
SUPERNOVA malware discovered on SolarWinds Orion server
During an incident response investigation CISA found SUPERNOVA malware hidden on a server running SolarWinds Orion.
CodeCov supply-chain compromise likened to SolarWinds attack
A sophisticated supply-chain attack on CodeCov appears to have given attackers access to “hundreds” of the company’s clients, and their codebases.
Patch now! NSA, CISA, and FBI warn of Russian intelligence exploiting 5 vulnerabilities
US intelligence and law enforcement agencies have issued a joint advisory listing 5 specific vulnerabilities being used by the SVR against the US and its allies.
A week in security (March 29 – April 4)
A roundup of the previous week’s security news, from March 29 to April 4.
Report goes “behind enemy lines” to reveal SilverFish cyber-espionage group
PRODAFT researchers have uncovered a sophisticated cyber-espionage group with links to SolarWinds and EvilCorps.
A week in security (March 1 – 7)
A roundup of cybersecurity news from March 1 – 7, including Ryuk going worm, Exchange servers under attack, stolen VPN data, and more.
Update now! Chrome patches zero-day that was exploited in the wild
The successfully exploited vulnerability is suspected of being used in targeted attacks against security researchers.
A week in security (January 18 – January 24)
An action-packed week on Malwarebytes Labs with ZeroLogon, DNSPooq, WhatsApp privacy, Tiktok settings, Zoom watermarking, and more.
A week in security (December 21- December 27)
A roundup of cybersecurity news from December 21 – 27, including SolarWinds, international cybersecurity, Emotet, and free online games.
