Dad On Retire
  • About Us
  • Contact Us
  • Privacy Policy
  • Terms & Conditions
  • Email Whitelisting
  • News
  • Economy
  • Editor’s Pick
  • Investing
  • Stock
No Result
View All Result
  • News
  • Economy
  • Editor’s Pick
  • Investing
  • Stock
No Result
View All Result
Dad On Retire
No Result
View All Result
Home Editor's Pick

SolarWinds hackers have a whole bag of new tricks for mass compromise attacks

by
December 6, 2021
in Editor's Pick
0
0
SHARES
8
VIEWS
Share on FacebookShare on Twitter

Enlarge

Almost exactly a year ago, security researchers uncovered one of the worst data breaches in modern history, if not ever: a Kremlin-backed hacking campaign that compromised the servers of network management provider SolarWinds and, from there, the networks of 100 of its highest-profile customers, including nine US federal agencies.

Nobelium—the name Microsoft gave to the intruders—was eventually expelled, but the group never gave up and arguably has only become more brazen and adept at hacking large numbers of targets in a single stroke. The latest reminder of the group’s proficiency comes from security firm Mandiant, which on Monday published research detailing Nobelium’s numerous feats—and a few mistakes—as it continued to breach the networks of some of its highest-value targets.

Abusing trust

One of the things that made Nobelium so formidable was the creativity of its TTPs, hacker lingo for tactics, techniques, and procedures. Rather than breaking into each target one by one, the group hacked into the network of SolarWinds and used the access, and the trust customers had in the company, to push a malicious update to roughly 18,000 of its customers.

Read 15 remaining paragraphs | Comments

Previous Post

iPhones of US diplomats hacked using “0-click” exploits from embattled NSO

Next Post

Microsoft seizes domains used by “highly sophisticated” hackers in China

Next Post

Microsoft seizes domains used by “highly sophisticated” hackers in China

Get the daily email that makes reading the news actually enjoyable. Stay informed and entertained, for free.
Your information is secure and your privacy is protected. By opting in you agree to receive emails from us. Remember that you can opt-out any time, we hate spam too!
  • Trending
  • Comments
  • Latest

VPN servers seized by Ukrainian authorities weren’t encrypted

July 26, 2021

With help from Google, impersonated Brave.com website pushes malware

July 31, 2021

Prebiotics consumption expands in food and beverage applications – key nutritional benefits drive the ingredient demand

June 11, 2021

With help from Google, impersonated Brave.com website pushes malware

July 31, 2021

Prebiotics consumption expands in food and beverage applications – key nutritional benefits drive the ingredient demand

0

Reply to “Reply to Whitehead” by Desvousges, Mathews and Train: (4) My treatment of the weighted WTP is biased in favor of the DMT (2015) result/conclusion

0

Reply to “Reply to Whitehead” by Desvousges, Mathews and Train: (4) My treatment of the weighted WTP is biased in favor of the DMT (2015) result/conclusion

0

The 40 Weirdest (And Best) Charts We Made In This Long, Strange Year

0

I’m a security reporter and got fooled by a blatant phish

August 11, 2022

I’m a security reporter and got fooled by a blatant phish

August 11, 2022

I’m a security reporter and got fooled by a blatant phish

August 11, 2022

I’m a security reporter and got fooled by a blatant phish

August 11, 2022

Recent News

I’m a security reporter and got fooled by a blatant phish

August 11, 2022

I’m a security reporter and got fooled by a blatant phish

August 11, 2022

I’m a security reporter and got fooled by a blatant phish

August 11, 2022

I’m a security reporter and got fooled by a blatant phish

August 11, 2022

Disclaimer: DadOnRetire.com, its managers, its employees, and assigns (collectively "The Company") do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.

  • About Us
  • Contact Us
  • Privacy Policy
  • Terms & Conditions
  • Email Whitelisting

Copyright © 2022 DadOnRetire. All Rights Reserved.

No Result
View All Result
  • News
  • Economy
  • Editor’s Pick
  • Investing
  • Stock

Copyright © 2022 DadOnRetire. All Rights Reserved.