The affiliate of ransomware operator DarkSide, the Windows malware that was used to attack the US Colonial Pipeline Company, appears to have taken on a target that was outside the parameters set down by the operator, judging from a statement made by the operator on its site on the dark web.
In what appears to be a first, a CIA-bankrolled threat intelligence firm has set up a "tech news" outlet to spread its wares.
The head of security firm Kaspersky's Global Research and Analysis Team, Costin Raiu, says in 2019 more than 70 security companies were given samples of malware that was created by the CIA.
A survey by an anonymous security researcher, who goes by the handle Bank Security on Twitter, has found that the US is the top nation when it comes to accessing the main Russian underground communities on the dark web.
The United States has alleged that the Russian security agency known as the Foreign Intelligence Service was responsible for the attack on the supply chain of SolarWinds Orion network management software.
Most people in the infosec industry are adamant that attribution is the most difficult part of the process, but Romanian security firm Bitdefender's Daniel Clayton is an exception. The vice-president of global services and support said this was not really the case.
Nine Entertainment is maintaining a no-official-comment policy on the breach of its Sydney network that came to light on 28 March, but the company appears to have no objection to its staff making the wildest of claims about the incident.
The SolarWinds attack, and all its ramifications, have made news headlines for months. Tim Brown, the company’s CISO and VP of Security, spoke exclusively to iTWire to lay out what really happened - and what did not happen. It is also a sobering reminder that software development practices can never be the same again.
It should be somewhat curious to the average individual that all the coverage about the ongoing Microsoft Exchange Server attacks has focused on anything but the entity responsible for these attacks: Microsoft.
CIA-backed threat intelligence firm Recorded Future has issued a document in which it claims that a China-linked group named RedEcho is targeting the Indian power industry. That, at least, is the impression given by the headline, which is very definitive.
ANALYSIS: The assertion by Microsoft President Brad Smith during a 60 Minutes interview with CBS on Sunday that the supply chain attack revealed by security firm FireEye in December was "the largest and most sophisticated attack the world has ever seen" has once again raised the question of the extent to which Microsoft was involved in this attack.
An intrusion campaign which targets monitoring software from the French company CENTREON has been reported to have breached several French institutions between late 2017 and 2020. The systems that were hit were running CentOS, a free version of Red Hat's Enterprise Linux distribution.
UPDATED 11 February: Ex-NSA hacker and former owner of security company Immunity, Dave Aitel, has launched a fresh salvo of tweets against a book published by New York Times cyber security reporter Nicole Perlroth, after securing and reading a copy of the tome which was published on Tuesday US time.
Global cyber security firm Kaspersky has appointed an insider, Chris Connell, as managing director for its Asia-Pacific operations.
Russian security firm Kaspersky says it has found some similarities between the methods used by the SUNBURST malware, which was used in a supply chain attack on a number of US firms disclosed in December, and those of a long-time attacker, the Turla Group.
The kind of silly claims made by Western news media when it comes to cyber security attacks can be gauged from the latest "exclusive" put out by the British news agency Reuters: a claim that the FBI is investigating a postcard sent to security firm FireEye after it began looking closely at an attack on its own infrastructure.
Breached cyber security company FireEye has explicitly said that the alleged Russian group APT29 is not behind the attack on its own infrastructure and a number of other private and public firms, according to the head of security company Dragos.
Neither American cyber security firm FireEye nor software giant Microsoft, the two companies which carried out an investigation into supply chain attacks on many companies through software made by SolarWinds, have attributed the attacks to any country, least of all Russia, in their reports.
New York-based global minerals-based company Minerals Technologies appears to have been attacked by cyber criminals using the Egregor ransomware that runs only on Microsoft's Windows operating system.
Whenever FireEye, the cyber security firm that just had its crown jewels compromised, publishes a report on some activity by malicious attackers, it always issues a judgment on where they come from – with high confidence most of the time.