Media coverage - 2021

Media coverage published in 2021

As cloud use grows, agencies must refocus cyber efforts on network detection, response

January 15, 2021

Federal News Network

It’s no surprise to anyone that the recent SolarWinds breach is requiring agencies to rethink their approach to cybersecurity. In many ways, it’s forcing all organizations—public and private sector—to reconsider how they perform network detection and response. Modern attackers, like those who are responsible for the SolarWinds attack, aren’t relying on these former practices of trying to inject malware or get users to click on links.


How Bad Actors Are Now Using Vishing

January 20, 2021

Secure World

The FBI has released a private industry notification detailing how cybercriminals have been exploiting network access and escalating network privilege. As remote work has become the norm during the pandemic, many companies have adapted to changing environments and technologies. Due to this, network access and privilege escalation may not be monitored as closely.


What could the Biden presidency mean for cybersecurity?

January 21, 2021

Verdict

The Biden administration begins at a time when cyberattacks against the US public and private sector are at an all-time high, meaning those in the cybersecurity community and beyond will be keenly watching to see what changes are brought about by the change of leadership and its strategy for protecting against nation-state attacks.


New Malware Discovered in SolarWinds Investigation

January 20, 2021

Security Magazine

The malware, Raindrop, is a loader which delivers a payload of Cobalt Strike. Raindrop is very similar to the already documented Teardrop tool, but there are some key differences between the two. Our head of security analytics, Chris Morales, shares that we are now getting into the semantics of minutia of how different malware worked so they can be named and detected with a signature. This is all great after the fact once we already know the attack occurred, however, it did not help when it mattered most.


#Inauguration2021: Cyber-Experts React as Joe Biden Set to Become 46th US President

January 20, 2021

InfoSecurity

Experts in the cybersecurity field have commented on the key cybersecurity matters that are likely to play pivotal roles in the Biden/Harris administration over the next four years. Biden therefore has a huge amount of work to do in the cybersecurity area, with attacks at an all-time high against the US public and private sector, says Chris Morales, our head of security analytics.


Researchers Find New Form of Malware Used in the SolarWinds Attack

January 20, 2021

Silicon Angle

Detailed Monday by researchers at Symantec, the malware, dubbed “Raindrop,” is a loader designed to deliver a payload of Cobalt Strike. That’s a form of penetration testing software favored by hackers which leaked online in November.


SolarWinds Attack Underscores 'New Dimension' in Cyber-Espionage Tactics

January 19, 2021

Dark Reading

The complex cyberattack campaign against major US government agencies and corporations including Microsoft and FireEye has driven home the reality of how attackers are setting their sights on targets' cloud-based services such as Microsoft 365 and Azure Active Directory to access user credentials — and ultimately the organizations' most valuable and timely information.


FBI Warns of Increase in Vishing Attacks

January 19, 2021

Gov Info Security

The FBI is warning that hackers are increasingly using voice phishing, or vishing, to target remote workers as a way of harvesting VPN and other credentials to gain initial access to corporate networks.


Incoming Biden administration looks to shake up US cybersecurity policy

January 19, 2021

The Daily Swig

With cyber-attacks against the US public and private sector at an all-time high, as evidenced by the recent SolarWinds supply chain hack, the incoming Biden administration has a huge amount of work to do in the cybersecurity arena.


2020’s biggest AI stories

January 17, 2021

CXO Insight Middle East

Unlike prior decades, the penetration of AI into society and the promise of attainable pragmatic solutions seems likely to sustain AI progress for the foreseeable future. The predictions focus primarily on key learnings from the past year, as well as anticipated trends and areas of clear business necessity.


CISA Aware of Several Cyberattacks Against Various Organizations’ Cloud Services

January 14, 2021

Enterprise Security Tech

The Cybersecurity and Infrastructure Security Agency (CISA) announced that it is aware of several recent successful cyberattacks against various organizations’ cloud services. Threat actors are using phishing and other vectors to exploit poor cyber hygiene practices within a victim’s cloud services configuration.


CISA Says Multiple Attacks on Cloud Services Bypassed Multifactor Authentication

January 14, 2021

SC Magazine

The Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday said it discovered several recent successful cyberattacks against the cloud services of multiple organizations, offering guidance on how security teams can bolster associated security. CISA said in its report that threat actors have used a variety of tactics and techniques—including phishing, brute force login attempts, and possibly a so-called “pass-the-cookie” attack that bypassed multifactor authentication to exploit cloud security weaknesses.


CISA Warns of Surge in Attacks Targeting Cloud Services

January 14, 2021

Gov Info Security

CISA reports in an alert issued Wednesday that attacks targeting cloud services have steadily increased since many organizations switched to a largely remote workforce as a result of the COVID-19 pandemic, with employees using a mix of corporate-owned and personal devices to access these services. Attackers are taking advantage of lax security practices, such as weak passwords and workers accessing data from unsecured laptops.


US Government Warns of Cyberattacks Targeting Cloud Services

January 14, 2021

Tech Republic

Organizations with remote workers who use cloud-based services are being warned of several recent successful cyberattacks against those services. Vectra's Tim Wade discusses an organization's ability to quickly zero in on an active risk and then take appropriate action to reduce the impact.


CISA: Hackers Bypassed MFA to Access Cloud Service Accounts

January 14, 2021

Security Magazine

In a new alert, the Cybersecurity and Infrastructure Security Agency (CISA) announced that it is aware of several recent successful cyberattacks against various organizations’ cloud services. Threat actors are using phishing and other vectors to exploit poor cyber hygiene practices within a victim’s cloud services configuration.


Google: Attacker ‘Likely’ Had Access to Android Zero-Day Vulnerabilities

January 14, 2021

SC Magazine

Google’s Project Zero on Tuesday introduced a six-part series that offers an analysis of four zero-day vulnerabilities on Windows and Chrome, and known-day Android exploits it found during the team’s extensive research last year.


US Issues Warning Over Recent Cyberattacks Targeting Cloud Services

January 14, 2021

Silicon Angle

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency today issued a warning concerning several recent cyberattacks targeting various cloud services.


Sunspot Malware Scoured Servers for SolarWinds Builds That it Could Weaponize

January 13, 2021

SC Magazine

Forensic investigators have discovered a novel malware program used in the SolarWinds supply-chain attack – one designed specifically to seek out developers’ builds of the SolarWinds Orion IT management platform and then replace a source file with the Sunburst backdoor.


Mimecast certificate compromised by a threat actor

January 13, 2021

Security Magazine

A Mimecast-issued certificate provided to certain customers to authenticate Mimecast Sync and Recover, Continuity Monitor, and IEP products to Microsoft 365 Exchange Web Services has been compromised by a sophisticated threat actor. Oliver Tavakoli, CTO, says that all of the organization’s digital certificates (ones the organization owns and has private keys for) should be destroyed and recreated in this instance.


Breadth vs Depth: Attacker behaviour detection

January 13, 2021

Digitalisation World

Any piece of cloud service, software or hardware could represent a way into the system if a new vulnerability is discovered by hackers. Cyber criminals are continually looking for new exploits, producing new strains of malware or tinkering with existing strains just enough to alter their threat profile and evade signature-based detection solutions. Tactics have also evolved at a rapid pace, from the use of social engineering techniques in the initial attack to methods for evading detection once a network is compromised.


Hackers Compromise Mimecast Certificate Used to Connect to Microsoft 365

January 12, 2021

Silicon Angle

A security certificate issued by Mimecast Services Ltd. that’s used to authenticate some of the company’s products with Microsoft Corp. 365 Exchange Web Services has been hacked. Oliver Tavakoli, our CTO, shared his thoughts about how attackers can use the private key to perform any actions that the certificate entitles.


Researchers See Links Between SolarWinds Sunburst Malware and Russian Turla APT Group

January 12, 2021

SC Magazine

Researchers at Kaspersky said they found code similarities between the Sunburst malware deployed on SolarWinds Orion servers and known versions of Kazuar backdoors linked to the Russian APT group Turla. Oliver Tavakoli, chief technology officer at Vectra, added that these types of findings reinforce the fact that attackers don’t reinvent their attack methodologies and tools from scratch.


2020’s Biggest Stories in AI

January 7, 2021

InsideBigData

2020 provided a glimpse of just how much AI is beginning to penetrate everyday life. It seems likely that in the next few years we’ll regularly (and unknowingly) see AI-generated text in our social media feeds, advertisements, and news outlets. The implications of AI being used in the real world raise important questions about the ethical use of AI as well. Christopher Thissen, Ben Wiener, and Sohrob Kazerounian from Vectra share their insights.


US intelligence agencies say Russian threat actors are likely behind SolarWinds hack

January 6, 2021

Security Magazine

The National Security Council (NSC) staff released an update regarding its investigative and mitigation efforts of the recent cybersecurity incident involving federal government and private companies. The NSC stood up a task force known as the Cyber Unified Coordination Group (UCG), composed of the FBI, CISA, and ODNI with support from NSA to coordinate the investigation and remediation of this cyber incident.


Vectra: What the cybersecurity industry can expect in 2021

January 6, 2021

ITP.net

Oliver Tavakoli, our CTO, looks back to the year that was and shares insights into the year to come for the cybersecurity landscape.
