New developments on the SolarWinds breach have continued to pour out swiftly. Under normal circumstances it is difficult to keep up to date on the news, and especially so with a story that continues to grow. Nevertheless, the Threat Lab team at WatchGuard has been keeping an eye on the latest updates. Beyond the major players such as FireEye, Microsoft, CISA, and SolarWinds, …
FBI Indicates Possible Second Hack By APT29
As news of the recent SolarWinds hack continues to unfold, new information about APT29 possibly hacking a second major technology supplier could cause major disruptions. "CISA is investigating other initial access vectors in addition to the SolarWinds Orion supply chain compromise," the CISA report reads. This statement replaces a previous statement indicating there was another …
UK, Canada and US All Warn of New Attacks on Covid-19 Research
The UK Cyber Security Center (NCSC) and Canada’s Communications Security Establishment (CSE), with the help of the NSA, released an advisory today on attacks from APT29 (also known as ‘the Dukes’ or ‘Cozy Bear’), a group with ties to the Russian intelligence services. "APT29 is using custom malware known as ‘WellMess’ and ‘WellMail’ to target a number of organisations …