September 18, 2024 at 06:06AM
Russian antimalware company Doctor Web detected and prevented a cyberattack targeting its resources on September 14. The firm disconnected its resources to check for compromise, temporarily suspending its virus databases. Despite the attack, no Dr.Web users were affected. The company had been monitoring the attacker’s movements and has brought its virus databases back online. No information has been shared about the attackers. Similar cyberattacks have targeted other cybersecurity companies in recent months.
Key takeaways from the meeting notes are as follows:
– Doctor Web, a Russian antimalware company, recently experienced a cyberattack targeting its resources on September 14. The company successfully prevented harm to its infrastructure, ensuring no users protected by Dr.Web were affected.
– As a result of the incident, the company disconnected all resources from its network to check for signs of compromise and temporarily suspended its Dr.Web virus databases. However, the databases have since been brought back online.
– Doctor Web has not disclosed information about the perpetrator of the attack, but it is noted that cybersecurity companies can be targeted by various threat actors, including state-sponsored groups, hacktivists, and profit-driven cybercriminals.
– Additionally, other cybersecurity firms, both Russian and Western, have also been targeted in recent months. This includes Kaspersky, which was targeted at least twice by state-sponsored threat actors, and the Russian security firm Avanpost, which was targeted by pro-Ukrainian hackers.
– The meeting notes also mention instances of Western cybersecurity companies, such as Zscaler and Fortinet, being targeted by profit-driven hackers.
– The notes provide further related information on cybersecurity issues, including North Korean hackers hijacking antivirus updates for malware delivery, a nation-state hack of cybersecurity firm FireEye, and a ransomware gang claiming a hack of Dragos via a third party.