many parts make the whole
The Salt Typhoon saga continues to unfold, the latest victims confirmed to have been compromised are Charter and Windstream. AT&T, Verizon, and Lumen are also confirmed to be impacted at this time. The attack has been attributed to Chinese state-sponsored threat actors that obtained text messages, voicemails, phone calls and wiretap information of active U.S … Read More “Charter and Windstream ADDED TO LIST OF TELCO PROVIDERS COMPROMISED BY Salt Typhoon” »
A Chinese state-sponsored espionage campaign being dubbed Salt Typhoon now includes nine U.S telecommunication firms. The Chinese government has denied responsibility for the attack which has compromised communications of senior U.S government officials. The full scope of the attack may never be known as the sophisticated attackers took steps to erase evidence of their presence. … Read More “NINTH TELECOM COMPANY ADDED TO LIST OF Salt Typhoon TARGETS” »
Frontier Communications was forced to shut down some of their IT systems following a cyberattack to prevent threat actors from laterally moving through their network. Attackers did have access to PII data but it is not clear if that data was related to employees or clients. The company is saying the attack did not disrupt … Read More “FRONTIER COMMUNICATIONS SHUTS DOWN SERVICES DUE TO CYBERATTACK” »
Tom Forbes recently published an interesting article detailing how a strange pull request on his pypi-data project led him to discover a publicly available release file that contained a hard coded AWS access key and an AWS secret key. This key was still active and allowed Tom access to an AWS bucket containing clinical data … Read More “InfoSys LEAKS FullAdminAccess AWS KEYS ON PyPi FOR OVER A YEAR” »
Compromised updates for Solarwinds Orion are making headlines for containing malware. The updates available from March through May of this year appear to have contained a very elusive and adaptable trojan that FireEye has dubbed the SUNBURST Backdoor. FireEye has published a great write-up on the attack here along with Indications of Compromise. Please be sure to read through … Read More “SOLARWINDS ORION AND THE SUNBURST BACKDOOR” »
One of the most popular VPN provides, NordVPN has been in the news recently for being hacked. According to NordVPN no user data was compromised and the bad actor never had access to any user traffic. A bad actor was able to acquire a TLS key for a single server in Finland. NordVPN is downplaying … Read More “NordVPN COMPROMISE” »
Norsk Hydro, (one of the world’s largest aluminum producers), has suffered a loss of profits due to a recent cyber attack. Additionally large US cities are struggling with ransomware. Baltimore and Atlanta have both fallen victim recently and they are not alone. These attacks were noteworthy in that they did not target the people but … Read More “NORSK HYDRO AND US CITIES AFFECTED BY RANSOMWARE” »