AP Sources: SolarWinds Hack Got Emails of Top DHS Officials
The intelligence value of the hacking of then-acting Secretary Chad Wolf and his staff is not publicly known, but the symbolism is stark. Their accounts were accessed as part of what’s known as the SolarWinds intrusion and it throws into question how the U.S. government can protect individuals, companies and institutions across the country if…
Tips to harden Active Directory against SolarWinds-type attacks
The SolarWinds/Solorigate attacks used some concerning methodologies. One of them has been what is called the Golden SAML attack process. Security Assertion Markup Language (SAML) enables the exchange of authentication and authorization information between trusted parties. The Golden SAML technique allows attackers to generate their own SAML response to gain access or control. To do…
Microsoft, Energy Department and Others Named as Victims of SolarWinds Attack
Microsoft has confirmed that it has detected the malicious SolarWinds binaries delivered by the threat actor on its own systems as well. The tech giant took steps to remove the malware and claimed it had found no evidence that the attackers used its own systems to target others. Microsoft said in a blog post on…
