Crowdstrike researchers have documented Sunspot, a piece of malware used by the SolarWinds attackers to insert the Sunburst malware into the company’s Orion software. SolarWinds has also revealed a new timeline for the incident and the discovery of two customer support incidents that they believe may be related to the Sunburst malware being deployed on…

Growing intrusion trends: A perspective on today’s most sophisticated cyberattacks

According to a new CrowdStrike report, the technology, professional services, and hospitality sectors were targeted most often by cyber adversaries. The actors used a variety of novel tactics, demonstrating particular creativity and perseverance in defense-evasion and credential-access TTPs such as the use of Windows Internal tool, Active Directory Explorer, for one-time credential dumping. Notable percentages…

A view of the global threat landscape: Cybercrime and intrusion trends

Established and well-resourced cyber operations will continue to innovate, developing new methods of distributing crimeware and incorporating advanced tactics to infiltrate, disrupt and destroy systems, according to a new report by CrowdStrike. “We’ve already seen cyber adversaries launch massive, destructive attacks that render organizations inoperable for days or weeks. Looking ahead, security teams will be under…

Attackers disrupt business operations through stealthy crypto mining

WannaMine, a Monero-mining worm discovered last October, is increasingly wreaking havoc on corporate computers. Either by slowing down computers or by crashing systems and applications, the crypto mining worm is, according to CrowdStrike researchers, seriously affecting business operations and rendering some companies unable to operate for days and even weeks.