SolarWinds Archives - Page 3 of 3 - Cyber Security Minute

Tips to harden Active Directory against SolarWinds-type attacks

Issued by: CSO

The SolarWinds/Solorigate attacks used some concerning methodologies. One of them has been what is called the Golden SAML attack process. Security Assertion Markup Language (SAML) enables the exchange of authentication and authorization information between trusted parties. The Golden SAML technique allows attackers to generate their own SAML response to gain access or control. To do…

Malware & Threats

Malwarebytes was breached by the SolarWinds attackers

Issued by: Help Net Security

A fourth malware strain wielded by the SolarWinds attackers has been detailed by Symantec researchers, followed by the disclosure of the attackers’ ingenous lateral movement techniques and the release of an auditing script by FireEye researchers that organizations can use to check their Microsoft 365 tenants for signs of intrusion. Then, on Tuesday, Malwarebytes CEO…

Malware & Threats

SolarWinds hack investigation reveals new Sunspot malware

Issued by: Help Net Security

Crowdstrike researchers have documented Sunspot, a piece of malware used by the SolarWinds attackers to insert the Sunburst malware into the company’s Orion software. SolarWinds has also revealed a new timeline for the incident and the discovery of two customer support incidents that they believe may be related to the Sunburst malware being deployed on…

Malware & Threats

A hacker’s predictions on enterprise malware risk

Issued by: Help Net Security

2020 has ended with a stunning display of nation-state cyber capabilities. The Kremlin’s SVR shocked the cybersecurity industry and U.S. government with its intrusions into FireEye and the U.S. Office of the Treasury by way of SolarWinds, revealing only traces of its long-term, sophisticated campaigns. These breaches are reminders that no organization is immune to…

Malware & Threats

SolarWinds hack is a wakeup call for taking cybersecurity action

Issued by: CSO

Advanced Persistent Threats (APTs) have long been a concern of the cybersecurity community. Well-organized teams with significant resources and targets they are not willing to give up attacking until their mission is accomplished are certainly not a threat to be underestimated. The tactics deployed by such groups involve a combination of attack types, from exploiting…

Vulnerabilities

How to prepare for and respond to a SolarWinds-type attack

Issued by: CSO

If you use the recently compromised SolarWinds Orion monitoring products, you are already reviewing your infrastructure and possibly blocking network access to the servers in your domain. For those of you who do not use the SolarWinds software, this is an opportunity to review your own processes and determine whether you would have detected the…