TOP-3 cybersecurity events of the week according to Jet CSIRT

This week's top three information security news items are a malicious campaign that used legitimate software from SolarWinds, the announcement of a large database for information security research, and the disclosure of fraud using mobile phone emulators.


Malicious campaign using SolarWinds Orion

FireEye, one of the largest providers of information security solutions, reported a malicious campaign that uses infected legitimate SolarWinds Orion software. In a supply chain attack, the attackers managed to inject malicious code into the software, which was then distributed through the official update CORE-2019.4.5220.20574-SolarWinds-Core-v2019.4.5220-Hotfix5.msp, affecting versions from 2019.4 to 2020.2.1 HF1. SolarWinds, the software's developer, has already released the unscheduled update 2020.2.1 HF 2, which fixes the backdoor in the legitimate Orion product.

A large-scale database for information security researchers announced

Information security companies ReversingLabs and Sophos presented a database for cybersecurity researchers. The project, called SOREL-20M, contains over 20 million executable files, half of which are deactivated malware samples. The main goal of the project is to accelerate research in the field of malware detection using machine learning.

Fraud with mobile device emulators revealed

The IBM Security Trusteer team reported a fraud in which cybercriminals used about 20 emulators to simulate more than 16 thousand mobile phones. Using the emulated devices, the cybercriminals imitated the phones of holders of compromised accounts to steal money through mobile banking. According to experts, the damage amounts to several million dollars.
