SolarWinds Archives - Cyber Security Minute

Microsoft Shares New Guidance in Wake of ‘Midnight Blizzard’ Cyberattack

Issued by: Dark Reading

Microsoft has released new guidance for organizations on how to protect against persistent nation-state attacks like the one disclosed a few days ago that infiltrated its own corporate email system. A key focus of the guidance is on what organizations can do to protect against threat actors using malicious OAuth apps to hide their activity…

Malware & Threats

SEC Charges SolarWinds and Its CISO With Fraud and Cybersecurity Failures

Issued by: SecurityWeek

The charges stem from alleged fraud and internal control failures related to known cybersecurity weaknesses that took place between the company’s October 2018 initial public offering (IPO) and its December 2020 revelation of a sophisticated cyberattack dubbed “SUNBURST.” The software supply chain cyberattack involved Russia-linked threat actors breaching SolarWinds systems in 2019, or possibly even…

Software Security

Scribe Integrity helps developers authenticate open-source and proprietary source code

Issued by: Help Net Security

Scribe Security released Scribe Integrity, a code integrity validator that authenticates open-source and proprietary source code, and an integral building block of its platform solving the software supply chain security challenge. Scribe Integrity provides developers with an added layer of visibility, allowing developers peace of mind that the code they are using is safe. Scribe…

Software Security

XDR Isn’t Enough to Protect Your Organization: The Importance of Adversary Detection and Response

Issued by: CIO Security

It’s more difficult than ever to protect our infrastructure, government, and businesses from becoming victims of well-funded, skilled adversaries. From the Log4j vulnerability to the SolarWinds hack to the Colonial Pipeline cyberattack, organizations are more vulnerable to cyberattacks than ever before. In fact, 87% of enterprises across 11 countries have fallen victim to cyberattacks in…

Network Security

SolarWinds Outlines ‘Triple Build’ Software Development Model to Secure Supply Chain

Issued by: Security Week

In the SolarWinds incident, up to 18,000 companies could have received the malware injected into the SolarWinds software. Not all could have been affected. Many of these ‘victims’ did not install the infected version, and many others did so on servers with no internet connectivity. Of those companies that did receive the Nobelium Sunburst malware,…

Malware & Threats

A multi-party data breach creates 26x the financial damage of single-party breach

Issued by: Help Net Security

Cyentia Institute and RiskRecon released a research that quantifies how a multi-party data breach impacts many organizations in today’s interconnected digital world. The study is based on an analysis of 897 multi-party breaches involving three or more interrelated companies. The impact of multi-party data breach events 897 multi-party data breach incidents, also referred to as…

Malware & Threats

Hacked SolarWinds Software Lacked Basic Anti-Exploit Mitigation: Microsoft

Issued by: Security Week

The missing mitigation was flagged by Microsoft in a post mortem of last month’s zero-day attack that hit businesses using the SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP products. Microsoft originally shipped the mitigation — called ASLR (Address Space Layout Randomization) in Windows Vista back in 2006 as part of a larger plan…

Malware & Threats

Hackers Targeted SolarWinds Earlier Than Previously Known

Issued by: Security Week

SolarWinds had previously traced the origins of the hack to the fall of 2019 but now believes that hackers were doing “very early recon activities” as far back as the prior January, according to Sudhakar Ramakrishna, the company’s president and CEO. “The tradecraft that the attackers used was extremely well done and extremely sophisticated, where…

Malware & Threats

A Renewed Push to Improve the Nation’s Cybersecurity

Issued by: Security Week

In response to recent cybersecurity incidents such as SolarWinds, Microsoft Exchange, and the Colonial Pipeline ransomware attack, President Biden on May 12, 2021 signed an Executive Order (EO) to improve the nation’s cybersecurity and protect federal government networks. For close observers, this seems to be like Groundhog Day, as past incoming administrations have issued similar…