US blames Russia for SolarWinds attack, imposes sanctions

US President Joe Biden has imposed new sanctions on Russia and expelled almost a dozen Russian diplomats from US soil, as per a BBC report.  One of the key factors behind the move is last year’s SolarWinds supply chain cyberattack, which saw cybercriminals infiltrate more than 18,000 US companies and government organizations. The US government has now officially blamed the …

Tovább a bejegyzéshez

SolarWinds hack the work of thousands of cybercriminals

When many people think about a cyberattack, they probably imagine a lone hacker furiously typing out code in his basement. The recent SolarWinds hack, however, appears to have been the work of at least 1,000 cybercriminals. This is according to Microsoft President Brad Smith, who described the attack as “the largest and most sophisticated attack the world has ever seen” …

Tovább a bejegyzéshez

Mimecast may be latest victim of SolarWinds hackers

Email and web security specialist Mimecast has notified customers that it has suffered a cyberattack. The company explained a “sophisticated threat actor” had hijacked its Sync and Recover, Continuity Monitor and IEP (Internal Email Protect) products to spy on users. This was made possible through a certificate used to authenticate different services to Microsoft Office 365 Exchange Web Services that …

Tovább a bejegyzéshez

SolarWinds hackers also used brute force password techniques to breach victims

While the majority of victims of the SolarWinds supply chain attack were breached through the compromised Orion update, some had their perimeters breached via brute force password techniques. According to a recently updated advisory from the US Cybersecurity and Infrastructure Security Agency (CISA), the SolarWinds attackers didn’t always rely on the poisoned Orion update as the initial access vector. “CISA …

Tovább a bejegyzéshez

US government blames Russia for SolarWinds hack

The US government has accused Russia of being behind the recent SolarWinds attack, which is considered to be among the most significant of 2020. On Tuesday, four US security agencies, all members of a task force set up specifically to investigate the SolarWinds attack, issued a joint statement claiming the attack was “likely Russian in origin”. The agencies in question …

Tovább a bejegyzéshez

SolarWinds hackers found to have accessed Microsoft source code

Microsoft has revealed that whoever was behind the SolarWinds cyberattack managed to view source code repositories for some of its products. The company, however, was quick to downplay the significance of the compromise, providing two main reasons why the criminals can do little with the material accessed. For one, the accounts were view-only, so the attackers could not have altered …

Tovább a bejegyzéshez

ICO warns SolarWinds victims they must report any related breaches

The UK data privacy watchdog, the Information Commissioner’s Office (ICO), is warning businesses that were potentially breached through a compromised SolarWinds Orion patch that they are obliged to report the incident within three days of its discovery. In a statement published on the ICO website, the regulator stated that all businesses that used the compromised version of the Orion IT …

Tovább a bejegyzéshez

IT giants VMware, Cisco confirmed as victims of SolarWinds hack

Cisco and VMware have emerged as the latest confirmed victims of the high-profile SolarWinds hack, in line with previous reports that tech companies make up a large proportion of those affected. According to Bloomberg, Cisco moved quickly to eliminate the threat and is confident that its products have not been compromised. “At this time, there is no known impact to …

Tovább a bejegyzéshez

Microsoft says it has identified over 40 victims of SolarWinds hack

Microsoft has managed to identify more than 40 victims of the Solorigate / SUNBURST malware, the firm claims. Using data collected from its free Windows Defender cybersecurity tool, it found that while infected US government agencies may be the most headline-grabbing victims, they represent only a small portion of affected organizations. The majority of the companies are tech firms that …

Tovább a bejegyzéshez

Up to 18,000 businesses hit in SolarWinds hack

Further complications have been identified in relation to the FireEye data breach, which we first reported on last week. It appears that not only was FireEye, together with a couple of US government agencies, breached as a result of a tainted SolarWinds update, but approximately 18,000 companies also fell victim to the attack. SolarWinds, whose internal networks were breached by …

Tovább a bejegyzéshez