Malicious campaign using SolarWinds Orion
FireEye, one of the largest providers of information security solutions, announced a malicious campaign that used infected builds of the legitimate SolarWinds Orion software. In a supply-chain attack, the attackers injected malicious code into the software, which was then distributed through the official update CORE-2019.4.5220.20574-SolarWinds-Core-v2019.4.5220-Hotfix5.msp, affecting versions from 2019.4 to 2020.2.1 HF1. The developer, SolarWinds, has already released an unscheduled update, 2020.2.1 HF 2, which fixes the backdoor in the legitimate Orion product.
Large-scale database for information security researchers announced
Information security companies ReversingLabs and Sophos presented a database for researchers in the field of cybersecurity. The project, called SOREL-20M, contains more than 20 million executable files, half of which are deactivated malware samples. The main goal of the project is to accelerate research in the field of malware detection using machine learning.
Fraud using mobile device emulators revealed
The IBM Security Trusteer team reported a scam in which cybercriminals used about 20 emulators to simulate more than 16,000 mobile phones. Using these emulated devices, the cybercriminals imitated the phones of the owners of compromised accounts to steal money through mobile banking. According to experts, the damage amounts to several million dollars.