Top White House cyber official says action taken so far not enough to deter further Russia cyberattacks
Supernova Attack Leveraged SolarWinds, Pulse Secure
Doug Olenick • April 23, 2021
Secureworks says the Bronze Spiral APT group was involved in the attack described by CISA.
An advanced persistent threat group gained long-term access to an unnamed entity's network through its Ivanti Pulse Secure VPN and SolarWinds Orion server and then installed Supernova malware, according to the U.S. Cybersecurity and Infrastructure Security Agency. The threat actor connected to the entity's network via a Pulse Secure virtual private network appliance, moved laterally to its SolarWinds Orion server, installed malware referred to by security researchers as Supernova and collected credentials, CISA says in a Thursday alert.
Welcome to Cyber Security Today. This is the Week In Review edition for Friday April 23rd. From my studio in Toronto, I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
With me is guest analyst Terry Cutler of Montreal’s Cyology Labs. We’re going to take a deep dive into insider threats and what to do about them. But first a look at some of the top news from the past seven days:
A ransomware group called REvil has given Apple a May 1st deadline to buy back product schematics it says were stolen from Apple’s Taiwan manufacturer. As proof of the theft the group started posting what appears to be drawings of a yet-to-be-released laptop. This is a twist on supply chain attacks that ransomware groups are now adopting: Steal data from one company, then pressure that firm’s customers to squeeze the victim company for money. According to one news site, the gang is demanding $50 million to prevent the Apple data from being sold to competitors.
China-linked hackers used VPN flaw to target US defense industry
Written by Reuters
At least two groups of China-linked hackers have spent months using a previously undisclosed vulnerability in American virtual private networking devices to spy on the US defense industry, researchers and the devices’ manufacturer said Tuesday.
Utah-based IT company Ivanti said in a statement the hackers took advantage of the flaw in its Pulse Connect Secure suite to break into the systems of “a very limited number of customers.”
Ivanti said that while mitigations were in place, a fix for the issue would be unavailable until early May.
CISA Orders Agencies to Mitigate Pulse Secure VPN Risks
The U.S. Cybersecurity and Infrastructure Security Agency has issued an emergency directive requiring executive branch agencies to mitigate by Friday the risks posed by a zero-day vulnerability and three other recently patched flaws in Pulse Connect Secure VPN products.
On Tuesday, Ivanti, the parent company of Pulse Secure, and the security firm FireEye warned that at least two nation-state attack groups, including one with links to China, were exploiting the vulnerability to target a range of victims, including U.S. government agencies, critical infrastructure providers and other private sector organizations.