The hackers responsible for the SolarWinds supply chain attacks have again been linked to multiple attacks targeting businesses and governments globally. The hacking group is continuing to refine and retool its methods at an incredible speed while targeting cloud solution providers, services and reseller companies.
The intrusions are being actively tracked under two different activity clusters: UNC3004 and UNC2652. Both of these are associated with UNC2452, an uncategorised hacking group, which has been tied to the Russian intelligence service. It has since been discovered that this group is targeting diplomatic entities using phishing emails. Victims are prompted to open HTML attachments that contain malicious JavaScript, which would drop a Cobalt Strike Beacon onto the device.
Andy Norton, European cyber risk officer at Armis commented: “Culture and Frameworks represent our best defence against sophisticated attackers. Not just in stopping the attackers getting in, but in swift detection once they are in and in deploying response techniques to minimise the damage. In an asymmetric warfare space such as cyber it’s not possible to know the enemy, however it is possible to know yourself. And so, understanding what assets you have, where they are  and how critical they are,  is a vital step in risk management, cyber resilience and survivability.”
The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY
Follow Us
© 2015 – 2019 IT Security Guru – Website Managed by Calm Logic
© 2015 – 2019 IT Security Guru – Website Managed by Calm Logic
This site uses functional cookies and external scripts to improve your experience.
Privacy Settings / PENDING
This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.
NOTE: These settings will only apply to the browser and device you are currently using.
GDPR Compliance

source

You May Also Like

The FCC propose new rules for data breach reporting

The Federal Communications Commission (FCC) has called for more in-depth requirements for…

Comment on Understanding PCI SSF compliance standards and its benefits by Sonal Patil

The PCI Security Standards Council (PCI SSC) released a new framework known…

10 countries take part in financial cyberattack war game

Reuters has reported exclusively on a simulated war game in which 10…