SEARCH
Archive
Software Supply Chain Security Takes Center Stage in Washington
The Biden administration issued new guidance on software supply chain security for federal agencies, which includes requirements for self-attestations and SBOMs.
Russian APT Targets Microsoft 365 Features to Muddle Detection
APT29, the threat actor linked to the SolarWinds hack, is abusing various Azure features in recent attacks against organizations that influence the foreign policy of NATO countries.
Cloud Service Provider Compromises Use CeeLoader Malware
Researchers have linked a malware loader, called CeeLoader, to the threat group behind the SolarWinds supply-chain attack.
Microsoft Warns of Ongoing Nobelium Supply Chain Attacks
Microsoft said that the threat group has used phishing and password-spraying attacks to compromise at least 14 IT service providers this year.
Nobelium Deploying FoggyWeb Backdoor in Targeted Attacks
The Nobelium attackers, who are responsible for the SolarWinds intrusion, have been deploying a new backdoor called FoggyWeb in targeted attacks.