Attack, Cloud computing, Security, Compromise, Computer security, Argument to moderation

CISA Says Many Victims of SolarWinds Hackers Had No Direct Link to SolarWinds

On Feb 1, 2021
@SecurityWeek shared
CISA Says Many Victims of SolarWinds Hackers Had No Direct Link to SolarWinds https://t.co/gF10ep8Fyb
Open

CISA says many of the victims of the SolarWinds hackers were targeted through other methods, not the SolarWinds supply chain attack.

www.securityweek.com
On Feb 1, 2021
@SecurityWeek shared
CISA Says Many Victims of SolarWinds Hackers Had No Direct Link to SolarWinds https://t.co/gF10ep8Fyb
Open

CISA Says Many Victims of SolarWinds Hackers Had No Direct Link to SolarWinds

CISA Says Many Victims of SolarWinds Hackers Had No Direct Link to SolarWinds

CISA says many of the victims of the SolarWinds hackers were targeted through other methods, not the SolarWinds supply chain attack.

Mimecast Confirms SolarWinds Hack as List of Security Vendor Victims Snowball

Mimecast Confirms SolarWinds Hack as List of Security Vendor Victims Snowball

A growing number of cybersecurity vendors like CrowdStrike, Fidelis, FireEye, Malwarebytes, Palo Alto Networks and Qualys are confirming being targeted in the espionage attack.

A Second Hacker Group May Have Also Breached SolarWinds, Microsoft Says

A Second Hacker Group May Have Also Breached SolarWinds, Microsoft Says

Microsoft Find Supernova Malware On SolarWinds System, Concluding That A Second Hacker Group May Have Also Breached

CISA Emergency Directive: Pull Plug On SOLARWINDS ORION NOW.

CISA Emergency Directive: Pull Plug On SOLARWINDS ORION NOW.

CISA Emergency Directive: Pull Plug On SOLARWINDS ORION NOW.

Four security vendors disclose SolarWinds-related incidents

Four security vendors disclose SolarWinds-related incidents

Mimecast, Palo Alto Networks, Qualys, and Fidelis confirmed this week they were also targeted during the SolarWinds supply chain attack.

More Security Vendors Admit to SolarWinds Attacks

More Security Vendors Admit to SolarWinds Attacks

Scale of the cyber-espionage campaign continues to grow

CISA: SolarWinds Compromise Puts Government and National Infrastructure at “Grave Risk”

CISA: SolarWinds Compromise Puts Government and National Infrastructure at “Grave Risk”

The compromise of the software supply chain of SolarWinds by the nation state adversary, Russia, has placed government and infrastructure at grave risk.

SolarWinds breach highlights dangers of supply chain attacks

SolarWinds breach highlights dangers of supply chain attacks

The SolarWinds Orion hack has demonstrated the dangers of a compromised supply chain, according to infosec experts. Threat actors managed to access highly sensitive data of customers like ...

Microsoft, Energy Department and Others Named as Victims of SolarWinds Attack

Microsoft, Energy Department and Others Named as Victims of SolarWinds Attack

Microsoft, the U.S. Energy Department and many others have been named as victims of the espionage campaign involving the SolarWinds hack.

Microsoft identifies more than 40 organizations targeted in massive cyber breach

Microsoft identifies more than 40 organizations targeted in massive cyber breach

Microsoft has identified more than 40 of its customers around the world that had problematic versions of a third-party IT management program installed and that were specifically targeted by ...

Malwarebytes was breached by the SolarWinds attackers

Malwarebytes was breached by the SolarWinds attackers

Malwarebytes CEO disclosed that the SolarWinds attackers breached the company, but not through the compromised SolarWinds platform.

This Week in Security News - Jan. 22, 2021

This Week in Security News - Jan. 22, 2021

Routers Still Compromised Two Years After VPNFilter’s Discovery and Malwarebytes Says Some of its Emails Were Breached by SolarWinds Hackers

Microsoft Finds Backdoor; CISA Warns of New Attack Vectors

Microsoft Finds Backdoor; CISA Warns of New Attack Vectors

Microsoft says it has removed malware related to an expansive hacking campaign that has ensnared thousands of organizations and U.S. government agencies.

Security firm Malwarebytes was infected by same hackers who hit SolarWinds

Security firm Malwarebytes was infected by same hackers who hit SolarWinds

Group backed by a nation-state rifles through company's email servers.

SolarWinds Attack Underscores 'New Dimension' in Cyber-Espionage Tactics

SolarWinds Attack Underscores 'New Dimension' in Cyber-Espionage Tactics

Meanwhile, Malwarebytes is the latest victim, Symantec discovers a fourth piece of malware used in the massive attack campaign, and FireEye Mandiant releases a free tool to help spot signs ...

Opinion: Mimecast Attack Fits A Pattern For SolarWinds Threat Actor

Opinion: Mimecast Attack Fits A Pattern For SolarWinds Threat Actor

In fact, early on the firm Volexity described the SolarWinds compromise as a late evolution of a long running campaign of sophisticated intrusions going back years and targeting high-value ...

VMware Flaw a Vector in SolarWinds Breach?

VMware Flaw a Vector in SolarWinds Breach?

According to sources, among those was a flaw in software virtualization platform VMware, which the U.S. National Security Agency (NSA) warned on Dec. 7 was being used by Russian hackers to ...

CISA: SolarWinds Is Not the Only Way Hackers Got Into Networks

CISA: SolarWinds Is Not the Only Way Hackers Got Into Networks

The agency also warned that getting attackers out of networks will be complex—especially because they are monitoring IT and cybersecurity employees’ emails.

CISA: Unplug systems using compromised net monitoring tool

CISA: Unplug systems using compromised net monitoring tool

The Cybersecurity and Infrastructure Security Agency issued an emergency directive in response to a sophisticated cyberattack mandating all federal civilian agencies stop using SolarWinds' ...

US govt, FireEye breached after SolarWinds supply-chain attack

US govt, FireEye breached after SolarWinds supply-chain attack

Trojanized versions of SolarWinds' Orion IT monitoring and management software have been used in a supply chain attack leading to the breach of government and high-profile companies after ...