1Password Detects Suspicious Activity Following Okta Support Breach
1password detected suspicious activity following the Okta support system breach. After investigation, they determined no user data was accessed.
Sony Investigating After Hackers Offer to Sell Stolen Data
Sony has launched an investigation after a ransomware group claimed to have compromised all systems and offered to sell stolen data.
Inside the subsea cable firm secretly helping American take on China
SubCom is laying deepwater internet cables to boost U.S. economic and military might, including a secret mission to a remote island naval base, Reuters found.
Summary of the Investigation Related to CVE-2023-0669
We’d like to provide an update on our investigation into the suspicious activity detected in our Fortra GoAnywhere MFT solution. Working with Unit 42, we have completed our investigation and have compiled a factual summary of the investigation, as well as continuous improvement actions Fortra is taking to further strengthen our systems and recommended actions customers can take to secure their data and improve their security posture using available features in the GoAnywhere MFT solution.
Meet the FSB contractor: 0Day Technologies
An investigation into the FSB’s digital surveillance and disinformation contractor
Investigating Intrusions From Intriguing Exploits
On 02 February 2023, an alert triggered in a Huntress-protected environment. At first glance, the alert itself was fairly generic - a combination of certutil using the urlcache flag to retrieve a remote resource and follow-on scheduled task creation - but further analysis revealed a more interesting set of circumstances. By investigating the event in question and pursuing root cause analysis (RCA), Huntress was able to link this intrusion to a recently-announced vulnerability as well as to a long-running post-exploitation framework linked to prominent ransomware groups.
Meet the FSB contractor: 0Day Technologies
An investigation into the FSB’s digital surveillance and disinformation contractor
Investigating Intrusions From Intriguing Exploits
On 02 February 2023, an alert triggered in a Huntress-protected environment. At first glance, the alert itself was fairly generic - a combination of certutil using the urlcache flag to retrieve a remote resource and follow-on scheduled task creation - but further analysis revealed a more interesting set of circumstances. By investigating the event in question and pursuing root cause analysis (RCA), Huntress was able to link this intrusion to a recently-announced vulnerability as well as to a long-running post-exploitation framework linked to prominent ransomware groups.