#supply-chain-compromise

from The Hacker News
1 week ago

Iranian Hackers Use DEEPROOT and TWOSTROKE Malware in Aerospace and Defense Attacks

The infection chains, per Google, involve a combination of phishing campaigns designed to steal credentials or distribute malware and leveraging trusted relationships with third-party suppliers and partners. The second approach signals a particularly clever strategy when striking defense contractors. While these organizations tend to have robust defenses, that may not be the case with third-party partners - a weak link in the supply chain that UNC1549 weaponizes to its advantage by first gaining access to a connected entity in order to infiltrate its main targets.
Miscellaneous
Information security
from SecurityWeek
2 months ago

Volvo Group Employee Data Stolen in Ransomware Attack

Volvo Group North America notified employees that names and Social Security numbers were exposed after a ransomware attack on supplier Miljödata.
Information security
from The Hacker News
2 months ago

Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign

Threat actors hijacked an abandoned Sogou Zhuyin update server to deliver multiple malware families and conduct espionage against targets across Eastern Asia.
Information security
from The Hacker News
3 months ago

Chinese Hackers Murky, Genesis, and Glacial Panda Escalate Cloud and Telecom Espionage

Murky Panda exploits trusted cloud relationships, internet-facing appliances, and supply-chain weaknesses to gain access and deploy a Golang RAT called CloudedHope.