SolarWinds Archives - Page 2 of 3 - Cyber Security Minute

The Logistics Supply Chain is Being Targeted by Both Cybercriminals and Nation States

Issued by: Security Week

Attacks against the supply chain have been growing in quantity and gravity for several years, culminating in SolarWinds. Most discussion has focused on the software supply chain, but a new study shows that the physical logistics supply chain is equally subject, and susceptible, to cyberattacks. The Covid-19 pandemic has increased and highlighted the world’s reliance…

Network Security

Months After Hack, US Poised to Announce Sanctions on Russia

Issued by: Security Week

The sanctions, foreshadowed for weeks by the administration, would represent the first retaliatory action announced against the Kremlin for last year’s hack, familiarly known as the SolarWinds breach. In that intrusion, Russian hackers are believed to have infected widely used software with malicious code, enabling them to access the networks of at least nine agencies…

Software Security

Biden Names 2 Ex-NSA Officials for Senior Cyber Positions

Issued by: Security Week

Chris Inglis, a former NSA deputy director, is being nominated as the government’s first national cyber director. Jen Easterly, a former deputy for counterterrorism at the NSA, has been tapped to run the Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security. The appointments come as the Biden administration grapples with the aftermath…

Malware & Threats

AP Sources: SolarWinds Hack Got Emails of Top DHS Officials

Issued by: Security Week

The intelligence value of the hacking of then-acting Secretary Chad Wolf and his staff is not publicly known, but the symbolism is stark. Their accounts were accessed as part of what’s known as the SolarWinds intrusion and it throws into question how the U.S. government can protect individuals, companies and institutions across the country if…

Vulnerabilities

Mimecast Says SolarWinds Hackers Stole Source Code

Issued by: Security Week

Mimecast was one of the several cybersecurity companies to confirm being targeted by the hackers who breached the systems of IT management solutions provider SolarWinds. After compromising SolarWinds systems, the attackers, which have been linked to Russia, used their access to deliver malicious updates for SolarWinds’ Orion monitoring product to roughly 18,000 customers. A few…

Software Security

How to Choose the Right Cybersecurity Framework

Issued by: Dark Reading

The dramatic rise in ransomware attacks and the SolarWinds Orion hack have thrust cybersecurity back into the spotlight. With everyone a target, it’s time for organizations to implement cybersecurity frameworks like those provided by the National Institute of Standards and Technology (NIST), which can help you set a bar for measuring your cybersecurity effectiveness. Taking…

Network Security, Software Security

Microsoft Adopted an ‘Aggressive’ Strategy for Sharing SolarWinds Attack Intel

Issued by: Dark Reading

In the wake of a widespread cyberattack, enterprise IT providers can play a key role in how businesses learn about and mitigate the security threat. That role has evolved as attacks grow more complex – and it presents a tricky challenge when a provider must keep businesses informed of an attack that has infiltrated its…

Malware & Threats

How SolarWinds Busted Up Our Assumptions About Code Signing

Issued by: Dark Reading

As the fallout from the SolarWinds hack broadens, we continue to learn more about just how it happened in the first place. There have now been four malware strains identified, one being Sunspot, which was installed on the SolarWinds build server that developers use to piece together software applications. When it comes to software supply…

Software Security

SecurityWeek to Host Supply Chain Security Summit on March 10, 2021

Issued by: Security Week

In the wake of the SolarWinds mega-hack that continues to unravel, software supply chain security and fragility is again on the front-burner for enterprise security decision makers. The complexity and opaqueness of the software supply chain has led to nation-state compromises and major worries that we’re only seeing the tip of the iceberg. Free to…

Vulnerabilities

SolarWinds Product Vulnerabilities Allow Hackers to Take Full Control of Systems

Issued by: Security Week

SolarWinds was recently targeted in a sophisticated supply chain attack that resulted in thousands of organizations receiving malicious updates for the company’s Orion monitoring product, and a few hundred — ones that presented an interest to the attackers — getting other malware that may have given the hackers deep access into their networks. Following the…