CISA: Threat actors behind SolarWinds hack pose ‘grave risk’ (updated)

The Cybersecurity and Infrastructure Security Agency (CISA) has warned the recent compromise by threat actors of SolarWinds poses a 'grave risk' to critical infrastructure, government and private sector organizations.

Continue ReadingCISA: Threat actors behind SolarWinds hack pose ‘grave risk’ (updated)

Attackers reverse Outlook vulnerability CVE-2017-11774 patch functionality

Researchers at FireEye have spotted an uptick in active exploits of CVE-2017-11774, an Outlook security feature bypass vulnerability. Attackers are also actively reversing Outlook vulnerability patch functionality. To help protect against such exploits, FireEye has provided Outlook hardening guidelines.

Continue ReadingAttackers reverse Outlook vulnerability CVE-2017-11774 patch functionality

TEMP.Periscope cyber espionage group targets Engineering and Maritime Industries

A suspected Chinese-linked cyber espionage campaign dubbed Temp.Periscope has been targeting engineering and maritime industries. FireEye has observed a spike in the campaign activity since early 2018 and has tracked the activity since 2013.

Continue ReadingTEMP.Periscope cyber espionage group targets Engineering and Maritime Industries