Get Permission
A new zero-day vulnerability in Ivanti s Pulse Connect Secure products is being combined with recently patched flaws to attack U.S. federal agencies.
The U.S. Cybersecurity and Infrastructure Security Agency, Ivanti and FireEye report that U.S. federal agencies and other entities have been compromised by two attack groups. Their primary goals are maintaining long-term access to networks, collecting credentials, and stealing proprietary data, says Charles Carmakal, senior vice president and CTO with FireEye Mandiant. We believe that multiple cyberespionage groups are using these exploits and tools, and there are some similarities between portions of this activity and a Chinese actor we call APT5.
White House Stands Down SolarWinds, Exchange Response Groups Twitter
Deputy National Security Adviser Anne Neuberger (Source: C-SPAN)
The White House announced Monday that it is standing down two Unified Coordination Groups that were created to coordinate the federal response to the SolarWinds supply chain attack and attacks on vulnerable on-premises Microsoft Exchange email servers.
Anne Neuberger, the deputy national security adviser for cyber and emerging technology who s overseeing the Biden administration s response to the attacks, says the two groups work can be scaled back because of increases in patching and other mitigation by federal agencies and companies. Due to the vastly increased patching and reduction in victims, we are standing down the current [Unified Coordination Group] surge efforts and will be handling further responses through standard incident management procedures, Neuberger says.
White House Stands Down SolarWinds, Exchange Response Groups bankinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from bankinfosecurity.com Daily Mail and Mail on Sunday newspapers.
Post to cybercrime forum describes Clubhouse user data being offered for sale
Criminals love to amass and sell vast quantities of user data, but not all data leaks necessarily pose a risk to users. Even so, the ease with which would-be attackers can amass user data is a reminder to organizations to lock down inappropriate access as much as possible.
That s a takeaway experts offer after large tranches of data recently became available for sale or for free. The data allegedly was obtained from three social networks: Clubhouse, LinkedIn and Facebook. Scammers can use such data to target individuals via social engineering attacks, and phishers can use it to craft lures, among other potential threats.
Former DHS Leader Shares Details on SolarWinds Attack Twitter
Chad Wolf is the former acting secretary for the Department of Homeland Security.
Chad Wolf, the former acting secretary for the Department of Homeland Security, has confirmed the accuracy of an earlier news report saying that the SolarWinds supply chain attackers gained access to his unclassified DHS email accounts, which included calendar details.
Speaking Monday at a Heritage Foundation virtual event, Wolf said that when he was told about the SolarWinds breach by DHS and the Cybersecurity and Infrastructure Security Agency, he began to realize the scale of what had happened and the breadth of the attack.