Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’

A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned.

The SolarWinds Perfect Storm: Default Password, Access Sales and More

Meanwhile, Microsoft and other vendors are quickly moving to block the Sunburst backdoor used in the attack.

SolarWinds hackers’ capabilities include bypassing MFA

As the list of known organizations compromised by way of the SolarWinds supply chain attack is slowly growing – according to Reuters, the attackers also breached U.S. Department of Homeland Security’s systems, the State Department, and the …

National security officials brief Biden team on SolarWinds hacking campaign

U.S. national security officials have briefed the transition team for President-elect Joe Biden and Capitol Hill aides on the consequences of a suspected government-backed hacking campaign affecting multiple federal agencies, according to multiple people familiar with the matter. Trump administration officials held multiple briefings on the topic for Biden aides on Monday, and there is a classified briefing slated for Tuesday, according to a person familiar with the briefings. Among the agencies briefing Biden staff on Monday was the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, a CISA official said. The hacking campaign, which the Washington Post reported as being tied to Russia, forced an emergency meeting of the White House National Security Council and prompted some lawmakers to call for new approaches to defending U.S. companies from malicious cyber activity. Responding to the apparent cyber-espionage effort could be one of the first big tests of Biden’s cybersecurity […]

The post National security officials brief Biden team on SolarWinds hacking campaign appeared first on CyberScoop.

SolarWinds Hack Could Affect 18K Customers

The still-unfolding breach at network management software firm SolarWinds may have resulted in malicious code being pushed to nearly 18,000 customers, the company said in a legal filing on Monday. Meanwhile, Microsoft should soon have some idea which and how many SolarWinds customers were affected, as it recently took possession of a key domain name used by the intruders to control infected systems.

Up to 18,000 SolarWinds customers installed poisoned update that could allow state-sponsored attack

The United States Department of Commerce, Treasury, State Department, National Institutes of Health, Homeland Security, and Pentagon have had their networks compromised in what appears to have been a massive supply-chain attack on American government s…

Finding SUNBURST Backdoor with Zeek Logs & Corelight

John Gamble, Director of Product Marketing, Corelight. FireEye’s threat research team has discovered a troubling new supply chain attack targeting SolarWinds’ Orion IT monitoring and management platform. The attack trojanizes Orion software updates to d…

SUNBURST: Russia Fingered in ‘Perfect 10’ Supply Chain Attack

Russian spies have been operating inside countless enterprises and government agencies, thanks to a hack of SolarWinds.
The post SUNBURST: Russia Fingered in ‘Perfect 10’ Supply Chain Attack appeared first on Security Boulevard.

DHS Among Those Hit in Sophisticated Cyberattack by Foreign Adversaries – Report

The attack was mounted via SolarWinds Orion, in a manual and targeted supply-chain effort.

Hackers breached U.S. government agencies via compromised SolarWinds Orion software

A “highly sophisticated” hacking group has breached the U.S. Treasury Department, the U.S. Department of Commerce’s National Telecommunications and Information Administration (NTIA), other government agencies and private sector compan…