SOC analysts overloaded, but role more important than ever

Organizations are spending more to account for widespread security operation center (SOC) challenges including growing security management complexity, increasing analyst salaries, security engineering and management outsourcing costs, yet are still dis…

SolarWinds: What Hit Us Could Hit Others

New research into the malware that set the stage for the megabreach at IT vendor SolarWinds shows the perpetrators spent months inside the company’s software development labs honing their attack before inserting malicious code into updates that SolarWinds then shipped to thousands of customers. More worrisome, the research suggests the insidious methods used by the intruders to subvert the company’s software development pipeline could be repurposed against many other major software providers.

Russia-linked postcard was “sent to FireEye’s CEO after cybersecurity firm uncovered hack”

The CEO of FireEye, the cybersecurity company hacked by a state-sponsored attack, received a postcard at his home mocking any claims that Russia might have been responsible.

SQL injection: The bug that seemingly can’t be squashed

If you’re in a hands-on cybersecurity role that requires some familiarity with code, chances are good that you’ve had to think about SQL injection over and over (and over) again. It’s a common vulnerability that – despite being easily remedied …

Cyber Security Roundup for January 2021

A suspected sophisticated nation-state cyber-attack on SolarWinds, which led to the distribution of a tainted version of the SolarWinds Orion network monitoring tool, compromising their customers, dominated the cyber headlines in mid-December 2020. This w…

Microsoft says SolarWinds hackers accessed company source code

Microsoft said Thursday that the SolarWinds hackers were able to access company source code, although the technology giant described the incident as largely harmless in an update to an internal investigation. “We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories,” Microsoft said in a blog post. “The account did not have permissions to modify any code or engineering systems and our investigation further confirmed no changes were made. These accounts were investigated and remediated.” The initial reports that Microsoft suffered a breach via updates to the SolarWinds Orion software generated some partial denials, but the investigation update helps illuminate what happened, and what didn’t, in an apparent cyber-espionage operation that also hit the federal government and other major companies. Microsoft “found no evidence of access to production […]

The post Microsoft says SolarWinds hackers accessed company source code appeared first on CyberScoop.


Using SOAR Technology to Orchestrate Detection and Response to the SolarWinds Sunburst Attack 

Cybersecurity vendor FireEye recently disclosed a sophisticated attack which led to the “unauthorized access of their red team tools.” A…

SolarWinds/SUNBURST Backdoor, Third-Party and Supply Chain Security

In episode 152 for December 21st 2020: A discussion about the SolarWinds Orion backdoor, third-party security, and the threat of supply chain attacks with co-host Kevin Johnson. ** Links mentioned on the show ** US govt, FireEye breached after SolarWin…

FireEye Hack Turns into a Global Supply Chain Attack

The FireEye hack turned into a global supply chain attack affecting thousands of SolarWinds customers around the world.
The post FireEye Hack Turns into a Global Supply Chain Attack appeared first on Radware Blog.

FireEye, Microsoft find ‘killswitch’ to hamper SolarWinds-related malware

As the U.S. government works to contain a sprawling hacking campaign that relies on software in technology from SolarWinds, a federal contractor, technology firms are disabling some of the hackers’ key infrastructure. Cybersecurity giant FireEye on Wednesday said that it had worked with Microsoft and the domain registrar GoDaddy to take over one of the domains that attackers had used to send malicious code to victim machines. The move is no panacea for stopping the suspected state-sponsored hacking campaign, though it could help stem the tide of victims, which reportedly includes the departments of Treasury and Homeland Security. The seized domain, known as a “killswitch,” will “affect new and previous” infections of the malicious code coming from that particular domain, FireEye said in a statement that was first reported by independent journalist Brian Krebs. “Depending on the IP address returned when the malware resolves avsvmcloud[.]com, under certain conditions, the malware […]

The post FireEye, Microsoft find ‘killswitch’ to hamper SolarWinds-related malware appeared first on CyberScoop.
