SolarWinds Hackers Also Breached Malwarebytes Cybersecurity Firm
Malwarebytes on Tuesday said it was breached by the same group who broke into SolarWinds to access some of its internal emails, making it the fourth major cybersecurity vendor to be targeted after FireEye, Microsoft, and CrowdStrike. The company said its intrusion was not the result of a SolarWinds compromise, but rather due to a separate initial access vector that works by …
SolarWinds
The SolarWinds Orion Breach, and What You Should Know
By Joe Marshall of Cisco Talos and Paul Smith of Cisco IoT
What is this?
On December 11th, 2020, the U.S. government and the company SolarWinds disclosed a breach into their SolarWinds Orion Platform network management software. This attack was conducted by a sophisticated and likely nation-state based attacker. SolarWinds Orion is a commonly used network management software …
Pinpoint Your SolarWinds Exposure with Cisco Endpoint Security Analytics
As various private organizations and high-value government bodies figure out the blast radius of the recent state-sponsored SolarWinds attack, with Cisco Endpoint Security Analytics (CESA) in your toolkit you could quickly assess your own exposure…like the CESA customer noted below. CESA brings together the unparalleled endpoint behavioral visibility of Cisco’s AnyConnect …
SolarWinds Hackers Also Accessed U.S. Justice Department’s Email Server
The U.S. Department of Justice on Wednesday became the latest government agency in the country to admit its internal network was compromised as part of the SolarWinds supply chain attack. "On December 24, 2020, the Department of Justice's Office of the Chief Information Officer (OCIO) learned of previously unknown malicious activity linked to the global SolarWinds incident that …
Microsoft Says SolarWinds Hackers Accessed Some of Its Source Code
Microsoft on Thursday revealed that the threat actors behind the SolarWinds supply chain attack were able to gain access to a small number of internal accounts and escalate access inside its internal network. The "very sophisticated nation-state actor" used the unauthorized access to view, but not modify, the source code present in its repositories, the company said. "We …
A New SolarWinds Flaw Likely Had Let Hackers Install SUPERNOVA Malware
An authentication bypass vulnerability in the SolarWinds Orion software may have been leveraged by adversaries as a zero-day to deploy the SUPERNOVA malware in target environments. According to an advisory published yesterday by the CERT Coordination Center, the SolarWinds Orion API that's used to interface with all other Orion system monitoring and management products suffers …
A Second Hacker Group May Have Also Breached SolarWinds, Microsoft Says
As the probe into the SolarWinds supply chain attack continues, new digital forensic evidence has brought to light that a separate threat actor may have been abusing the IT infrastructure provider's Orion software to drop a similar persistent backdoor on target systems. "The investigation of the whole SolarWinds compromise led to the discovery of an additional malware that also …
Microsoft Says Its Systems Were Also Breached in Massive SolarWinds Hack
The massive state-sponsored espionage campaign that compromised software maker SolarWinds also targeted Microsoft, as the unfolding investigation into the hacking spree reveals the incident may have been far wider in scope, sophistication, and impact than previously thought. News of Microsoft's compromise was first reported by Reuters, which also said the company's own …
New Evidence Suggests SolarWinds’ Codebase Was Hacked to Inject Backdoor
The investigation into how the attackers managed to compromise SolarWinds' internal network and poison the company's software updates is still underway, but we may be one step closer to understanding what appears to be a very meticulously planned and highly sophisticated supply chain attack. A new report published by ReversingLabs today and shared in advance with The Hacker …
SolarWinds Issues Second Hotfix for Orion Platform Supply Chain Attack
Network monitoring services provider SolarWinds officially released a second hotfix to address a critical vulnerability in its Orion platform that was exploited to insert malware and breach public and private entities in a wide-ranging espionage campaign. In a new update posted to its advisory page, the company urged its customers to update Orion Platform to version 2020.2.1 HF …