Security News

The Mimecast certificate compromise reported earlier in January is part of the sprawling SolarWinds supply-chain attack, the security firm has confirmed. Mimecast joins other cybersecurity vendors like CrowdStrike, Fidelis, FireEye, Malwarebytes, Palo Alto Networks and Qualys in being targeted in the attack.

Stack Overflow, the popular Q&A platform for programmers, this week shared technical information on how its systems were breached back in 2019, and it turns out that the hacker often viewed questions posted on Stack Overflow to learn how to conduct various activities on the compromised systems. The security breach was disclosed by Stack Overflow in mid-May 2019, and a few days later it admitted that the incident resulted in the details of some users being exposed.

Developer site Stack Overflow has published details of a breach dating back to May 2019, finding evidence that an intruder in its systems made extensive use of Stack Overflow itself to determine how to make the next move. The report describes the timeline of the attack, which started on April 30th with a probe of the Stack Overflow infrastructure.

The Sophos Rapid Response team has just written up a recent case study of a network attack that involved the account of a sysadmin who had died three months before. The account of the late employee wasn't shut down because various internal services had been configured to use it, presumably because the deceased had been involved in setting up those services in the first place.

A good place to start is to make sure that any major business data lakes follow all security best practices and remain operationally separate from one another. Doing so can limit data exfiltration if unauthorized users gain access due to a security breach.

Cybersecurity companies Mimecast and Qualys have apparently been targeted by the threat actor that breached the systems of IT management solutions provider SolarWinds as part of a sophisticated supply chain attack. Some experts believed at the time that the incident may be related to the SolarWinds breach, and Mimecast on Tuesday confirmed that the theft of the certificate was indeed related to the SolarWinds software compromise and carried out by the same hackers.

The British government has denied being "Complacent" over the Solarwinds hack as a fed-up peer of the realm urged a minister to "Answer the question". Lord True, the government's Cabinet Office spokesman in the House of Lords, described the attack as "a complex and global cyber incident" and said UK.gov was "Working with international partners to fully understand its scale and any UK impact."

A ransomware gang continues to taunt Windows software developer IObit by hacking its forums to display a ransom demand. On January 16th, the IObit forums were hacked as part of an attack to distribute the DeroHE ransomware.

In general terms, a supply chain refers to the network of people and companies involved in the development of a particular product, not dissimilar to a home construction project that relies on a contractor and a web of subcontractors. The most recent case targeting federal agencies involved Russian government hackers who are believed to have sneaked malicious code into popular software that monitors computer networks of businesses and governments.

Former ADT employee Telesforo Aviles took note when there were attractive women at a home he serviced in the Dallas area. Aviles admitted to regularly adding his own email address to customers' ADT Pulse accounts so he could watch customers in real time without them knowing.