solarwinds (9)

Russian cyberespionage group APT29, responsible for the devastating SolarWinds supply chain attacks in 2020, is back in the news.  According to a technical report published by Microsoft, the APT29 cyber-spies have acquired a new post-exploitation tactic for bypassing authentication.  Microsoft previously tracked the actors as Nobelium (a), Cozy Bear (b), and the Dukes (C).

Findings Details:  Microsoft wrote in its report that the hackers are targeting corporate networks with a new authentication bypassing tec

Cyber security investigators have reported that replicable attacks and a low barrier to entry will ensure the rate of supply chain attacks increases in 2022.  The supply chain is a consistent attack vector for threat actors today. By compromising a centralized service, platform, or software, attackers can then either conduct widespread infiltration of the customers and clients of the original singular victim or cherry-pick from the most valuable potential targets.  This can save cy

The year 2021 was fraught with numerous cyber attacks, and ransomware led the list.  Here is a look back at the biggest cyber incidents of 2021.  Over the past couple of years, it has become hard to ignore that the digital life we all live in is completely exposed to cybercriminals. Hackers are happy to take almost any opportunity to make money or have fun, from creating free gym memberships for their entire family to hacking into the energy systems of different countries.  Even though the ye

The head of the US National Security Agency (NSA) and Cyber Command says the US will continue to battle ransomware for many years into the future. Some of the highest-ranking cybersecurity officials in the US government discussed the pervasive threat of ransomware on 05 October 2021, comparing it to an issue of national security with the ability to inflict measurable damage on major world powers.

Speaking at security firm Mandiant's Cyber Defense Summit, the deputy national security adviser for

IT companies are making up the majority of organizations being targeted amid new activity by the group behind last year’s SolarWinds supply-chain attack, with at least one victim coming from Microsoft’s customer support ranks.

On 25 June 2021, the Microsoft Threat Intelligence Center said it was monitoring new activity from the group, which Microsoft calls Nobelium, with the vendor observing password spray and brute-force attacks, among other potential methods and tactics.

The U.S. Cybersecurity and Infrastructure Security Agency and the National Institute of Standards and Technology have released a report providing insights on how to enhance supply chain security in the wake of the SolarWinds attack.

The guidance released 28 April 2021, "Defending Against Software Supply Chain Attacks," offers recommendations on how to implement the NIST Cyber Supply Chain Risk Management Framework and the Secure Software Development Framework. "This resource provides in-depth re

The FBI and the Cybersecurity and Infrastructure Security Agency are warning of continued cyber threats stemming from Russia's Foreign Intelligence Service, or SVR, which the Biden administration accused of carrying out the SolarWinds supply chain attack.

In a joint alert issued 26 April 2021, the agencies warn that despite economic and other sanctions against Russia announced by the White House on 15 April 2021, attackers associated with the SVR likely will continue to target government network

This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 8 framework.  See the ATT&CK for Enterprise version 8 for all referenced threat actor tactics and techniques.

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises of U.S. government agencies, critical infrastructure entities, and private sector organizations by an advanced persistent threat (APT) actor beginning in at least March 2020.  This APT actor has demonstrated

US federal authorities issued a warning on 17 December 2020 that Russian hackers used an expansive variety of malicious cyber tools to penetrate US government systems and said that the cyber offensive was “a grave risk to the federal government.”  These cyber findings indicate a wider range of hacking, which appears to extend beyond nuclear research laboratories and the US Pentagon, Treasury and Commerce Department systems.  This expansion of cyber capabilities is complicating challenges for US