A multinational law enforcement operation has disrupted the Emotet botnet's infrastructure by gaining control of hundreds of servers, Europol reports. Some cybersecurity experts, however, expect the botnet operation to rebound.
A targeted phishing campaign is using a fake Microsoft Office 365 update to steal email credentials from business executives, and the credentials are then being offered for sale in underground forums, security firm Trend Micro reports.
Email security vendor Mimecast confirmed Tuesday that the hackers responsible for the SolarWinds supply chain hack also breached the security firm's network to compromise a digital certificate that encrypts data that moves between some of the firm's products and Microsoft's servers.
The SolarWinds supply chain compromise has raised questions over how to detect software that has been tainted during the vendor's development and build process. A concept called verified reproducible builds could help, says David Wheeler of the Linux Foundation.
The Austrian construction equipment manufacturing firm Palfinger AG reports being hit with a cyberattack that has knocked the majority of its worldwide IT infrastructure offline, eliminating its ability to use email and conduct business.
When deploying automation in their security operations centers, organizations should start with "small and simple things," advises Nat Smith of Gartner, who also offers tips on retaining skilled SOC analysts.
Security vendor SonicWall is investigating what the company calls a "coordinated attack" against its internal network by threat actors using a zero-day exploit within the company's remote access products. SonicWall is urging customers to apply temporary fixes to secure VPNs and gateways.
Threat actors behind a distributed denial-of-service campaign targeted the same set of victims again after the organizations refused to pay the initial ransom demand, a new report by security firm Radware finds.
Intel is investigating an incident in which an unauthorized person accessed a portion of the company's latest quarterly financial report, forcing the chipmaker to release its earnings slightly earlier than planned.