Last week, it became known that the EU imposed sanctions on PJSC “Group Pozitiv” (the parent company of the Positive Technologies group), as part of the 11th package of sanctions against Russia.

The company said that this decision is based on the fact that the company has a license from the Federal Security Service of the Russian Federation and does not affect the Positive Technologies business in any way.

The document related to the new package of sanctions has already been published in the Official Journal of the EU and has entered into force.

It is strange that the Russians are outraged, because let me remind you that we also wrote that the U.S. [...]

Autodesk representatives notified the US Securities and Exchange Commission that they also suffered from large-scale supply chain attack and hack of SolarWinds.

It turned out that one of the company’s servers was infected with Sunburst malware.

We identified a compromised SolarWinds server and took immediate steps to contain and eliminate the threat. While we believe that Autodesk’s customer operations and products were not affected by this attack, other similar attacks could have a significant negative impact on our systems and operations.the company said in a statement.

An Autodesk spokesman told Bleeping Computer that the attackers did not deploy any malware on [...]

Microsoft discovered new attacks by the Nobelium hack group that is responsible for the high-profile SolarWinds hack last year, one of the victims was Microsoft customer support employee.

Let me remind you that the SolarWinds hack has become one of the largest attacks on the supply chain in history. In December 2020, it became known that unknown attackers had attacked the company and infected its Orion platform with malware. Of the 300,000 SolarWinds customers, only 33,000 were using Orion, and at the beginning of the year, it was reported that an infected version of the platform was installed on approximately 18,000 customers, according to official figures.

As a result of [...]

Last week, representatives of the Texas-based company SolarWinds, which in 2020 suffered from a massive attack on the supply chain, filed documents with the US Securities and Exchange Commission.

The statement said that based on new information that emerged during the investigation of the attack (in particular, the DNS traffic logs), it became clear that the incident affected not 18,000 clients, as previously thought, but only about 100.

Let me remind you that the SolarWinds hack has become one of the largest attacks on the supply chain in history. In December 2020, it became known that unknown attackers had attacked the company and infected its Orion platform with malware. Of [...]

The US government has officially accused Russia of attacking SolarWinds and its clients and has imposed sanctions on a number of Russian companies. Joe Biden’s administration claims that the Russian Foreign Intelligence Service and its “government hackers” known as APT 29, Cozy Bear or The Dukes were behind the attack.

According to the authorities, they “used the SolarWinds Orion platform and other IT infrastructures as part of a large-scale cyber-espionage campaign.”

“Compromise of the SolarWinds’ supply chain by Russian Foreign Intelligence Service has enabled them to spy on and potentially disrupt more than 16,000 computer systems [...]

The hackers responsible for the attacks on Solarwinds gained access to Mimecast’s digital certificates, infiltrated the company’s internal network and stole the source codes of the product.

Back in mid-January 2021, representatives of Mimecast warned that an unknown hacker had one of its digital certificates. The attacker then abused it to gain access to some Microsoft 365 customer accounts.

The compromised certificate was used by several of the company’s products (Mimecast Sync and Recover, Continuity Monitor, and IEP) to connect to Microsoft’s infrastructure.

At the same time, it was reported that only 10% of customers used the above products [...]

This week, cybersecurity experts from Microsoft and FireEye published new reports and found three more malware that attacked SolarWinds and its customers.

Last year, it became known that SolarWinds, which develops software for enterprises to help manage their networks, systems and infrastructure, has been compromised. This attack on the supply chain has been attributed to a supposedly Russian-speaking hack group that cybersecurity experts track under the names StellarParticle (CrowdStrike), UNC2452 (FireEye) and Dark Halo (Volexity).

After infiltrating the SolarWinds network, the attackers provided Orion’s centralized monitoring and control platform with a malicious [...]

SolarWinds expenses due to cyber attack in its supply chain amounted to $3.5 million, including incident investigation and remediation costs. It will take the US government from a year to 18 months to fully recover from the SolarWinds hack.

SolarWinds noted additional expenditures after paying for legal, consulting and other professional services related to the December hack. However, according to company representatives, even higher costs are expected in the future.

“We expect an increase in expenses on insurance, finance, compliance with regulatory requirements, as well as compliance with tightening legal and regulatory requirements,” – the company [...]

In January 2021, it became known that the information security company Malwarebytes was the victim of an attack by the same hackers that attacked SolarWinds. At the same time, it was emphasized that Malwarebytes did not use SolarWinds products at all, did not install the version of Orion infected with malware, and the cybercriminals used “another vector of invasion” to gain access to its internal emails.

Now Brandon Wales, acting head of the Department of Homeland Security’s Cybersecurity and Infrastructure Protection Agency (DHS CISA), said that overall, about a third of the companies attacked by these hackers were not directly related to [...]

As expected, the list of companies that have become victims of the SolarWinds attack continues to grow with new names. It turned out that the high-profile attack on the supply chain affected the companies Mimecast, Palo Alto Networks, Qualys and Fidelis Cybersecurity. [dropcap]L[/dropcap]et me remind you that the attack on SolarWinds is attributed to a supposedly Russian-speaking hack group, which information security experts track under the names StellarParticle (CrowdStrike), UNC2452 (FireEye), and Dark Halo (Volexity).

In December 2020, it became known that unknown hackers had attacked SolarWinds and infected its Orion platform with malware.

Of the 300,000 SolarWinds [...]