SolarWinds Articles

Published 2024-01-19

  1. Microsoft ‘senior leadership’ emails accessed by Russian SolarWinds hackers (Verge)

Published 2023-10-31

  1. SEC Charges SolarWinds and CISO With Misleading Investors (Infosecurity Magazine)
  2. SolarWinds and CISO accused of fraud, control failures (Help Net Security)
  3. SEC charges SolarWinds with fraud over SUNBURST attacks (Register)

Published 2023-10-30

  1. SolarWinds allegedly misled public on its security before Sunburst cyberattack: SEC (IT World Canada News)
  2. US regulators sue SolarWinds and its security chief for alleged cyber neglect ahead of Russian hack (ABC News)
  3. SEC Suit Claims SolarWinds Misled Investors On Cyber Risks (Law360)
  4. SEC charges SolarWinds with fraud tied to its IPO and cybersecurity hack (Austin Business Journal)
  5. SEC charges SolarWinds, top security executive with fraud in 2020 incident
  6. Bob Ackerman on LinkedIn: US SEC sues SolarWinds for concealing cyber risks before massive hacking (13 comments)
  7. SolarWinds Misled Public on Cyber Risk Before Hack, SEC Claims (Bloomberg)
  8. IANS LIVE-US SUES SUDHAKAR RAMAKRISHNA (RUN SOLARWINDS FOR MISLEADING INVESTORS BEFORE MASSIVE HACK)
  9. SEC sues SolarWinds over massive cyberattack
  10. U.S. SEC sues SolarWinds and security chief for fraud (Fortune)
  11. SEC Charges SolarWinds and CISO With Misleading Investors (Infosecurity Magazine)
  12. SolarWinds faces SEC lawsuit after 2020 hack
  13. SolarWinds, chief information security officer charged with fraud by SEC (NYSE:SWI) (Seeking Alpha)
  14. SolarWinds CISO Sued for Fraud by US SEC (secblvd)
  15. BREAKING: Feds Take Unprecedented Action Against CISO in SolarWinds Case
  16. SEC charges SolarWinds, its CISO with fraud (Cybersecurity Dive)
  17. Techmeme: The US SEC charges SolarWinds for failing to disclose alleged cybersecurity failures ahead of a breach by suspected Russian hackers that began as early as 2019 (Tim Starks/Washington Post)
  18. US SEC sues SolarWinds for concealing cyber risks before massive hacking (Reuters)
  19. Reuters Legal on X: "The SEC sued SolarWinds Corp and its top cybersecurity executive, saying they repeatedly misled investors and the public about a software product linked to one of biggest hackings targeting the US government https://t.co/ENR9Rioxaq ht
  20. US regulators sue SolarWinds and its security chief for alleged cyber neglect ahead of Russian hack
  21. What to know about the SEC’s case against SolarWinds (wapo)
  22. SEC charges SolarWinds, CISO with fraud in 2020 supply chain attacks (scmedia)
  23. DOJ Detected SolarWinds Breach Months Before Public Disclosure (WIRED)
  24. SEC sues SolarWinds for misleading investors before 2020 hack
  25. SEC charges SolarWinds CISO with fraud for misleading investors before major cyberattack
  26. SEC notifies SolarWinds CISO and CFO of possible action in cyber investigation (Cybersecurity Dive)
  27. SolarWinds charged by SEC for failing to disclose cybersecurity problems (wapo)
  28. SEC.gov (SEC Charges SolarWinds and Chief Information Security Officer with Fraud, Internal Control Failures)
  29. SEC Charges SolarWinds and Its CISO With Fraud and Cybersecurity Failures (SecurityWeek)
  30. US SEC sues SolarWinds for concealing cyber risks before massive hacking (Reuters)
  31. SEC Sues SolarWinds Over 2020 Hack Attributed to Russians (WSJ)

Published 2023-10-23

  1. SolarWinds Patches High-Severity Flaws in Access Rights Manager (SecurityWeek)

Published 2023-10-20

  1. Critical RCE flaws found in SolarWinds access audit solution
  2. Critical SolarWinds RCE Bugs Enable Unauthorized Network Takeover

Published 2023-10-16

  1. (2816) From Hexacon 2023 - A Demonstration of CVE-2022-47504: An RCE in SolarWinds NPM (YouTube)

Published 2023-08-07

  1. Microsoft Signing Key Stolen by Chinese (Schneier)

Published 2023-07-27

  1. US senator blasts Microsoft for “negligent cybersecurity practices” (ars)

Published 2023-07-09

  1. CSP #78 – Solarwinds From the Inside: The Breach and the Aftermath – Tim Brown (scmedia)

Published 2023-06-27

  1. SEC notice to SolarWinds CISO and CFO roils cybersecurity industry (CSO Online)

Published 2023-06-26

  1. SolarWinds Execs Targeted by SEC, CEO Vows to Fight
  2. SolarWinds CISO and CFO are focus of SEC’s Orion investigation (scmedia)
  3. SolarWinds Execs Targeted by SEC, CEO Vows to Fight

Published 2023-06-01

  1. GitHub (mandiant/red_team_tool_countermeasures)

Published 2023-05-28

  1. SolarWinds Sunburst Attack: Lessons On Dealing With A Cyberattack

Published 2023-05-03

  1. SolarWinds: The Untold Story of the Boldest Supply-Chain Hack (WIRED)

Published 2023-04-18

  1. SolarWinds (SolarWinds CISO Tim Brown Named CISO of the Year by Globee Cybersecurity Awards)

Published 2023-03-06

  1. SolarWinds Breach Revealed Shortcomings At CISA, DHS IG Report Shows

Published 2023-02-17

  1. SolarWinds Announces Upcoming Patches for High-Severity Vulnerabilities (SecurityWeek)

Published 2022-12-09

  1. Layoffs at N-able came 'out of nowhere' (WRAL TechWire)

Published 2022-11-01

  1. Phylum Discovers Dozens More PyPI Packages Attempting to Deliver W4SP Stealer in Ongoing Supply (Chain Attack)

Published 2022-07-12

  1. Solarwinds From the Inside: The Breach and the Aftermath – Tim Brown – CSP #78 (scmedia)

Published 2022-05-21

  1. SolarWinds is ready to overcome violations and help customers manage them (Newjerseyupdates.com)

Published 2022-05-19

  1. Third (Party Cyber Risk Management Primer)
  2. Conditions are cooling off for troubled SolarWinds (FRN)
  3. Biden administration makes inroads amid zero trust rollout (Cybersecurity Dive)
  4. SonarSource Appoints Kevin Thompson on its Board of Directors
  5. SolarWinds Orion Platform 2020.2.0 < 2020.2.6 Multiple Vulnerabilities - Nessus (InfosecMatter)
  6. DOJ Won't Prosecute White Hat Hackers, Only Bad Cybercriminals
  7. CISA exec calls SolarWinds hack a wake-up call for government cybersecurity | Secondary Sources | National (Westlaw Today)

Published 2022-05-18

  1. The Four Horsemen of Software Supply Chain Attacks (MSSP Alert)

Published 2022-05-17

  1. One year after Biden executive order, cyber officials defend progress (The Record by Recorded Future)

Published 2022-05-11

  1. SolarWinds data breach lawsuit takeaways for CISOs (Security Magazine)

Published 2022-04-25

  1. SolarWinds breach lawsuits: 6 takeaways for CISOs (CSO Online)

Published 2022-04-22

  1. 60% of Healthcare Orgs Say Third (Party Risk Management Needs Improvement)

Published 2022-04-20

  1. SCuBA gears up agencies to survive the ‘next’ SolarWinds attack (FRN)
  2. The SolarWinds hack pokes holes in Defend Forward (CISSAR)
  3. Secure Cloud Business Applications
  4. Federal News Network: SCuBA gears up agencies to survive the ‘next’ SolarWinds attack (G2Xchange FedCiv)

Published 2022-04-19

  1. SolarWinds and the Challenges of Patching: Can We Ever Stop Dancing With the Devil?
  2. CISA Seeks Comment on Visibility Effort Being Piloted with Cloud Service Providers (Nextgov)

Published 2022-04-18

  1. SolarWinds Co. (NYSE:SWI) Sees Significant Decrease in Short Interest (ETF Daily News)
  2. Lessons Learned from Cyberattacks on Critical Infrastructure (Toolbox It-security)

Published 2022-03-31

  1. Court denies SolarWinds bid to throw out breach lawsuit

Published 2022-02-11

  1. GovCon Expert Dana Barnes: Reflections on White House Zero Trust Cybersecurity Plan

Published 2022-02-09

  1. Ten Questions We Hope the Cyber Safety Review Board Answers—and Three It Should Ignore (Lawfare)
  2. SEC.gov (Statement on Cybersecurity Risk Management for Investment Advisers, Registered Investment Companies, and Business Development Companies)

Published 2022-02-08

  1. Hacks Bring New Urgency to Moves by Congress and Agencies to Reduce Future Cybersecurity Risks (U.S. GAO)

Published 2022-02-06

  1. NIST Suggests Agencies Accept the Word of Software Producers Per Executive Order (Nextgov)

Published 2022-02-03

  1. DHS Launches First-Ever Cyber Safety Review Board (Homeland Security)

Published 2022-01-19

  1. Microsoft: Hackers Exploiting New SolarWinds Serv (U Bug Related to Log4j Attacks)

Published 2022-01-13

  1. Statutory restrictions hindered federal response to SolarWinds, Microsoft Exchange

Published 2021-12-23

  1. White House national security adviser asks software ...
  2. SolarWinds breach updates. Microsoft sinkholes Sunburst's C&C domain. Facebook takes down inauthentic networks.
  3. Federal CISO Clarifies Support for a Standard that Could Make Passwords History (Nextgov)
  4. White House national security adviser asks software companies to discuss cybersecurity
  5. White House national security adviser asks software companies to discuss cybersecurity (Reuters)
  6. IT reseller challenges USDA’s ’20 (year tradition’ of sticking with Microsoft)
  7. Opinion (To keep our country safe, we need a national Cyber Academy. Think of it as West Point for technology defense. - The Washington Post)

Published 2021-12-22

  1. Federal Agencies Issue New Breach Notification Rules for Banking Organizations and Banking Service Providers (Benesch - JDSupra)
  2. Harris calls for 'cyber doctrine' to address increasing attacks (hill)
  3. Threat actors behind SolarWinds compromise are still active, warns Mandiant (IT World Canada News)

Published 2021-12-21

  1. Remote code execution in SolarWinds Database Performance Analyzer (Apache Log4j component)
  2. SolarWinds Trust Center Security Advisories (CVE-2021-44228)
  3. CVE-2021-35248 (SolarWinds Orion Settings access control)
  4. CVE-2021-35234 (SolarWinds Orion sql injection)
  5. SolarWinds Orion sql injection [CVE-2021 (35234] – Yet Another News Aggregator Channel)
  6. Re: Is there a tool similar to Solarwinds Network Configuration Manager for... (The Meraki Community)

Published 2021-12-18

  1. From Cybercrime To National Security Priority: Biden’s War On Ransomware – Analysis (Eurasia Review)

Published 2021-12-17

  1. The new PseudoManuscrypt malware puts over 35,000 PCs at risk (TheDigitalHacker)

Published 2021-12-15

  1. Nobelium gang malware evolves one year after SolarWinds
  2. EETimes (SolarWinds Fallout: When Will Breach Reporting Become Mandatory?)
  3. NASA Probe Becomes First Spacecraft to Enter Sun’s Atmosphere
  4. EETimes (SolarWinds Fallout: When Will Breach Reporting Become Mandatory?)

Published 2021-12-14

  1. SolarWinds (NYSE:SWI) Downgraded by JPMorgan Chase & Co. to Neutral (MarketBeat)

Published 2021-12-13

  1. Research: Announcement of Periodic Review: Moody's announces completion of a periodic review of ratings of SolarWinds Holdings, Inc. (Moody's)
  2. Did a Russian Cyberattack Affect the Election? Officials Couldn't Be Sure

Published 2021-12-12

  1. Massive Software Flaw With Global Reach Forces Quebec To Shut Government Websites (The Street Journal)

Published 2021-12-08

  1. House Passes NDAA Without Cyber Incident Reporting Legislation (Nextgov)
  2. Breach reporting requirement sputters as House passes NDAA (scmedia)
  3. Reviewing the Biggest Data Breaches of 2021 (secblvd)
  4. A Year After the SolarWinds Hack, Supply Chain Threats Still Loom (WIRED)
  5. SolarWinds hack may have been more damaging than previously thought (TechRadar)

Published 2021-12-07

  1. Shareholders Seek to Hold Current and Former SolarWinds Officials Liable for Massive 2020 Security Breach (Benesch - JDSupra)
  2. SolarWinds Attackers Spotted Using New Tactics, Malware (tpost)
  3. Rules Committee Print 117 (21; Text of House Amendment to S. 1605)

Published 2021-12-06

  1. You can’t stop the ‘next SolarWinds’—but you can slow it down (Opera News)
  2. You can't stop the 'next SolarWinds' -- but you can slow it down (VentureBeat)
  3. The Microsoft paradox: Contributing to cyber threats and monetizing the cure (Fortune)
  4. Mandiant: SolarWinds Attackers Continue to Innovate
  5. SolarWinds hackers have been quietly targeting governments, cloud providers (scmedia)
  6. Russian Actors Behind SolarWinds Attack Hit Global Business & Government Targets
  7. Suspected Russian Activity Targeting Government and Business Entities Around the Globe (Mandiant)
  8. SolarWinds hackers kept busy in the year since the seminal hack, Mandiant finds
  9. Russian group behind SolarWinds incident ramping up hacking efforts, analysis says (hill)
  10. SolarWinds hackers have been quietly targeting governments, cloud providers (scmedia)
  11. SolarWinds hackers have a whole bag of new tricks for mass compromise attacks (ars)

Published 2021-12-03

  1. Cybersecurity for Idiots (Lawfare)
  2. Microsoft says it identified 40+ victims of the SolarWinds hack | #microsoft | #hacking (#cybersecurity - NATIONAL CYBER SECURITY NEWS TODAY)

Published 2021-11-29

  1. Part of Earth’s Water Came from the Sun, New Study Suggests (Sci-News.com)

Published 2021-11-06

  1. Warning as Microsoft malware attack 'creates backdoor for hackers' to enter servers
  2. TSA to issue regulations to secure rail, aviation groups against cyber threats (hill)

Published 2021-11-05

  1. SolarWinds Board Sued by Pension Funds Over Cyberattack (1)
  2. SolarWinds investors allege board knew about cyber risks (Reuters)

Published 2021-11-04

  1. Known Exploited Vulnerabilities Catalog (CISA)

Published 2021-10-27

  1. CVE-2021-35235 (SolarWinds Kiwi Syslog Server ASP.NET Debugging information disclosure)

Published 2021-10-25

  1. SolarWinds APT Targets Tech Resellers in Latest Supply-Chain Cyberattacks (tpost)
  2. SolarWinds Attacker Targets Cloud Service Providers in New Supply Chain Threat

Published 2021-10-19

  1. Scientists create most detailed map of Uranus' mysterious auroras to date (Space)

Published 2021-10-18

  1. How the SolarWinds Hack (almost) went Undetected

Published 2021-10-16

  1. (1293) SEC-T 0x0D: Erik Hjelmvik - Hiding in Plain Sight - How the SolarWinds Hack Went Undetected (YouTube)

Published 2021-10-15

  1. Reversing Golang used in SolarWinds : ReverseEngineering

Published 2021-10-12

  1. SolarWinds breach updates. Microsoft sinkholes Sunburst’s C&C domain. Facebook takes down inauthentic networks targeting Africa. (SDR News)

Published 2021-10-11

  1. DOJ to Federal Contractors: Report Cyberattacks or Face the False Claims Act (Lexology)

Published 2021-10-10

  1. Microsoft Says Russia Behind Over 50% Of State (Sponsored Cyber Hacks)

Published 2021-10-08

  1. The SolarWinds hack may have been more damaging than previously thought
  2. Biden signs bill to strengthen K-12 school cybersecurity (hill)
  3. Microsoft Digital Defense Report and Security Intelligence Reports
  4. Nobelium Makes Russia Leader in Cyberattacks (BankInfoSecurity)
  5. Microsoft: Russia Behind 58% of Detected State (Backed Hacks)
  6. Hackers of SolarWinds stole data on U.S. sanctions policy, intelligence probes (Reuters)

Published 2021-10-07

  1. Hackers in SolarWinds breach stole data on U.S. sanctions policy, intelligence probes -sources (Nasdaq)
  2. Microsoft: Russia is behind 58% of detected state-sponsored hacks (Fortune)
  3. Hackers in SolarWinds breach stole data on U.S. sanctions policy, intelligence probes -sources (National Post)
  4. Russian hackers behind SolarWinds hack trying to infiltrate US and European government networks - WRCBtv.com | #government | #hacking (#cyberattack - National Cyber Security News Today)

Published 2021-10-06

  1. Senate Committee Passes Major FISMA Changes—Including a New Definition of ‘Major Incident’  (Nextgov)
  2. Lawmakers advocate for establishment of standalone House and Senate cyber panels (hill)
  3. Mandiant Is Back: What to Expect From ‘Part Deux’ (SDxCentral)
  4. Senate Panel Advances FISMA Reform Bill (MeriTalk)
  5. Russian hackers behind SolarWinds hack are trying to infiltrate US and European government networks (CNNPolitics)
  6. Kevin Mandia: Coordination, Tech Among Keys to Cybersecurity Advancement (ExecutiveBiz)
  7. DOJ to go after government contractors that fail to report breaches (hill)
  8. Mandia Alerted NSA on FireEye’s SolarWinds Breach
  9. HILL TECH & CYBER BRIEFING: Senators Weigh Cyber Reporting Mandate

Published 2021-10-05

  1. Lawmakers introduce bill to identify and protect critical groups from cyber threats (hill)

Published 2021-10-04

  1. solarwinds serv (u vulnerabilities and exploits)

Published 2021-10-02

  1. Insurance carriers scrutinize cybersecurity controls (Crain's Cleveland Business)

Published 2021-10-01

  1. Hospital ransomware attack led to infant's death, lawsuit alleges (Healthcare IT News)
  2. White House to convene 30-country cybersecurity meeting (ZDNet)

Published 2021-09-30

  1. New Tomiris Backdoor Found Linked to Hackers Behind SolarWinds Cyberattack

Published 2021-09-29

  1. Tomiris backdoor and its connection to Sunshuttle and Kazuar (Securelist)
  2. House passes legislation to strengthen federal cybersecurity workforce (hill)
  3. ‘Tomiris’ Backdoor Linked to SolarWinds Malware (tpost)

Published 2021-09-28

  1. SolarWinds Attackers Hit Active Directory Servers with FoggyWeb Backdoor (tpost)
  2. Nearly all third-party containers deployed in the cloud harbor known vulnerabilities (scmedia)
  3. How one red team exercise averted a new SolarWinds (style attack)
  4. Russia (Linked Nobelium Deploying New 'FoggyWeb' Malware)
  5. Microsoft Details FoggyWeb Backdoor Used by SolarWinds Hackers (SecurityWeek.Com)
  6. SolarWinds hackers Nobelium spotted using a new backdoor
  7. New malware from SolarWinds attackers leaves behind a backdoor (TechRadar)
  8. Microsoft warning: This malware creates a 'persistent' backdoor for hackers (ZDNet)
  9. SolarWinds attackers drop 'FoggyWeb' backdoor on AD SSO servers - Security - Software (iTnews)

Published 2021-09-27

  1. Microsoft Warns of FoggyWeb Malware Targeting Active Directory FS Servers
  2. A multi-party data breach creates 26x the financial damage of single-party breach (Help Net Security)

Published 2021-09-26

  1. Autodesk reveals it was targeted by Russian SolarWinds hackers | #computerhacking (#hacking - National Cyber Security News Today)
  2. SolarWinds CEO talks about protecting IT in the wake of a sunburst (Fuentitech)

Published 2021-09-24

  1. EU 'denounces' Russian malicious cyber activity aimed at member states (hill)
  2. EETimes (SolarWinds Fallout: Cloud Security is the Weak Link)

Published 2021-09-23

  1. SolarWinds CEO Says Attackers Gained Entry, Began Recon in January 2019 (Opera News)
  2. Leading Cyber Officials Favor Fines Over Subpoenas to Enforce Incident Reporting (Nextgov)

Published 2021-09-22

  1. APT focus: ‘Noisy’ Russian hacking crews are among the world’s most sophisticated (The Daily Swig)

Published 2021-09-14

  1. SolarWinds CEO: Breach transparency 'painful' but necessary
  2. Venafi Survey: Execs Say Companies Negligent in Protecting Security Software Build Environments Should Face Clear Consequences (bizwire)

Published 2021-09-13

  1. The SEC gets tough on cybersecurity disclosure controls (Lexology)
  2. First on CNN Business: Moody's is spending $250 million to measure the risk of America's biggest companies getting hacked

Published 2021-09-11

  1. The imperative of the U.S. government’s Zero Trust measures (Digital Journal)
  2. Wide-ranging SolarWinds probe sparks fear in Corporate America - Security - Software (iTnews)

Published 2021-09-10

  1. Exclusive: Wide-ranging SolarWinds probe sparks fear in Corporate America (Reuters)
  2. Corporate Execs Fear SEC's SolarWinds Probe Will Expose Unreported Cybersecurity Incidents - by Cynthia Brumfield (Metacurity)
  3. This Week In Security: Ghoscript In Imagemagick, Solarwinds, And DHCP Shenanigans (Hackaday)
  4. Exclusive: Wide-ranging SolarWinds probe sparks fear in Corporate America (CBNC)
  5. SolarWinds Hack: Extensive SEC Probes Cause Terror in Enterprise America (Fuentitech)
  6. SolarWinds Hack: A wide-ranging SEC investigation has triggered fear in the US corporate world (Technology Shout)
  7. EXCLUSIVE- Wide-ranging SolarWinds probe sparks fear in Corporate America (Nasdaq)
  8. EXCLUSIVE Wide-ranging SolarWinds probe sparks fear in Corporate America (Reuters)
  9. Wide (ranging SolarWinds investigation sparks panic in U.S. business Reuters – Business Press, Business News Portal)

Published 2021-09-09

  1. SolarWinds Attack Spurring Additional Federal Investigations
  2. SEC Advances Broad Theory of Required Disclosures of Security Incidents
  3. Congress Weighs Bills Requiring Firms to Report Cyberattacks (The Crime Report)

Published 2021-09-08

  1. Congress May Require Some Companies to Report Cyber Attacks
  2. Microsoft's $20 billion plan for cybersecurity's big spending problem
  3. Lawmakers question impact of SolarWinds hack on US attorneys' offices (hill)

Published 2021-09-07

  1. Inside the response to the massive Russian SolarWinds hack (Axios)
  2. Congress seeks to compel infrastructure operators to report cyberattacks | National (union-bulletin.com)

Published 2021-09-06

  1. Microsoft Says Chinese Hackers Were Behind SolarWinds Serv-U SSH 0-Day Attack (News Nation USA)
  2. Microsoft Reveals The Real Culprits Behind SolarWinds Serv-U SSH-0 Day Attack (Cyberintel Magazine)

Published 2021-09-05

  1. SolarWinds CEO Sudhakar Ramakrishna on 2020's Massive Hack (Time)

Published 2021-09-04

  1. Autodesk Says Company Was Targeted by SolarWinds Attackers - Latest Hacking News Today (HakTechs)
  2. Autodesk Disclosed it was Targeted in SolarWinds Hack (IT Security News)
  3. Microsoft Says Chinese Hackers Were Behind SolarWinds Serv-U SSH 0-Day Attack (The Cyber Security News)
  4. Microsoft Says Chinese Hackers Were Behind SolarWinds Serv-U SSH 0 (Day Attack)

Published 2021-09-03

  1. Eight US investment firms fined over inadequate cyber security policies (IT PRO)
  2. Attacks against SolarWinds Serv (U SW were possible due to the lack of ASLR mitigationSecurity Affairs)

Published 2021-09-02

  1. Autodesk reveals it was targeted by Russian SolarWinds hackers – Techtwiddle (Technology News and Kicks)
  2. A deep-dive into the SolarWinds Serv-U SSH vulnerability (Microsoft Security Blog)

Published 2021-09-01

  1. Industry lobbies Congress to extend notification timeline after cybersecurity incidents (hill)
  2. House panel mulls mandatory disclosure bill - (FCW)

Published 2021-08-32

  1. OMB directs agencies to increase log sharing to combat cyber incidents

Published 2021-08-30

  1. Zero trust is not enough: The case for continuous control validation - (GCN)

Published 2021-08-27

  1. Microsoft, Google Among Tech Giants Pledging Big Money to Cybersecurity (eSecurityPlanet)
  2. An Update on Recent Major Breaches (Cyber Security Hub)

Published 2021-08-26

  1. What’s Up With Apple: National Security, Google Pays Up, and More (24/7 Wall St.)

Published 2021-08-25

  1. SolarWinds and the Holiday Bear Campaign: A Case Study for the Classroom (Lawfare)
  2. Suing the CISO: SolarWinds Fires Back

Published 2021-08-24

  1. Earnings are growing at SolarWinds (NYSE:SWI) but shareholders still don't like its prospects (Simply Wall St News)

Published 2021-08-19

  1. Most IT executives fear nation-state hacking tools will be used on them (IT PRO)

Published 2021-08-18

  1. Sights and sounds of a Venus flyby
  2. Microsoft touts role in meeting Biden's order to fend off major hacks on the US (ZDNet)

Published 2021-08-17

  1. 2 million government records exposed online in 'no-fly' watchlist, researcher says (CNET)

Published 2021-08-16

  1. Hackers Linked to SolarWinds Return With Phishing Attack, Microsoft Says | #cybersecurity (#cyberattack - National Cyber Security News Today)

Published 2021-08-12

  1. EarthSky (Jupiter’s energy crisis solved: Auroras roast upper atmosphere)

Published 2021-08-10

  1. Senate includes over $1.9 billion for cybersecurity in infrastructure bill (hill)

Published 2021-08-09

  1. Serendipitous double flyby of Venus provides unprecedented science opportunity | Imperial News (Imperial College London)

Published 2021-08-07

  1. SolarWinds (NYSE:SWI) Shares Gap Down After Analyst Downgrade (MarketBeat)

Published 2021-08-05

  1. Senators will vote for amendments to the infrastructure bill as the recess approaches.National news (Pennsylvania News Today)
  2. CISA's Easterly Unveils Joint Cyber Defense Collaborative
  3. Lawmakers roll out bipartisan bill to help track cyber crimes (hill)

Published 2021-08-03

  1. DOJ states that Russians detained in SolarWinds have hacked federal prosecutors: NPR (Eminetra)
  2. Bitglass Security Spotlight: Ransomware Developments, Additional SolarWinds Victims, and More Data Breaches
  3. SolarWinds: Russian hackers broke into email accounts at US attorney offices

Published 2021-08-02

  1. Microsoft blames a Chinese hacker group for the new SolarWinds attack (List23: Latest U.S. News & Breaking World News)

Published 2021-07-31

  1. DOJ says SolarWinds hack impacted 27 US attorneys' offices (The Record by Recorded Future)
  2. SolarWinds hackers accessed over two dozen federal prosecutors' offices: DOJ (hill)

Published 2021-07-30

  1. Experts Uncover Several C&C Servers Linked to WellMess Malware (News Nation USA)
  2. US bids 'do svidaniya' to Russian staff at Moscow embassy
  3. Justice Department says Russians hacked federal prosecutors
  4. Russian hackers continue with attacks despite Biden warning | National (union-bulletin.com)
  5. Russian Hackers Continue With Attacks Despite Biden Warning (Bloomberg)

Published 2021-07-28

  1. Biden to Sign Cyber Security Executive Order (nyt)
  2. Podcast: Why Securing Active Directory Is a Nightmare (tpost)

Published 2021-07-26

  1. SolarWinds Corporation Loss Submission Form | Levi & Korsinsky, LLP (Securities Class Action Attorneys)

Published 2021-07-24

  1. House GOP calls for Biden to sanction China over hacks
  2. SolarWinds Stock Flies Higher after Completing Spin-Off (Millennial Money)
  3. After failing to dissuade cyber-attacks, America looks to its friends for help (The Economist)

Published 2021-07-21

  1. NIST Publishes 'Critical Software' Security Guidance
  2. Blunt, Colleagues Introduce Bipartisan Cyber Reporting Bill Following SolarWinds and Colonial Hacks (U.S. Senator Roy Blunt of Missouri)
  3. SolarWinds spins off enterprise unit into new firm, N-able (News)
  4. Senators introduce bill requiring some critical groups to report cybersecurity incidents (hill)
  5. New bill would make some companies report cyberattacks to government

Published 2021-07-20

  1. SolarWinds Shares Rise, N-able Falls After Spinoff Completed (MarketWatch)
  2. SolarWinds Corp. (SWI) Stock Plummets Following Announcement of Completion of Spin-Off Business (Stocks Telegraph)

Published 2021-07-19

  1. Solarwinds Corp 2021 Current Report 8 (K)
  2. SEC Reportedly Probing SolarWinds Breach (Hacking - nativenewspost)
  3. Biden Administration Blames Hackers Tied to China for Microsoft Cyberattack Spree (WSJ)
  4. US and allies accuse Chinese government of masterminding Microsoft Exchange cyberattack (Sports Grind Entertainment)
  5. US and allies accuse China of hacking campaign
  6. Cyber leaders officially join the ranks as White House grapples with remediation (Utility Dive)
  7. U.S., allies say Chinese intelligence service behind massive Microsoft hack (Washington Times)
  8. Biden administration to blame hackers tied to China for Microsoft cyberattack spree
  9. US puts trade restrictions on six Russian organisations (IT PRO)

Published 2021-07-17

  1. Senate appoints former NSA official as head of US cybersecurity agency (Engadget - News Nation USA)
  2. Video - A Documentary on The SolarWinds Hack (MalwareTips Community)
  3. Microsoft suspects hacker attacks on SolarWinds in another country

Published 2021-07-15

  1. According to Microsoft, Chinese hackers used a SolarWinds exploit to carry out attacks
  2. Daily Roundup: SolarWinds Patches Critical Zero-Day Bug (Opera News)
  3. Microsoft: SolarWinds cyberattack operated by hackers from China: Microsoft, IT Security News, ET CISO
  4. Chinese hackers behind new SolarWinds software attack: Microsoft
  5. 'Chinese hackers behind SolarWinds attack' Says Microsoft (Sentinelassam)
  6. Chinese Attack Group Exploiting SolarWinds Zero Day (Decipher)
  7. CVE-2021-35211 (SolarWinds Serv-U Managed File Transfer buffer overflow)
  8. Microsoft links SolarWinds hacker group to China
  9. SolarWinds Cyberattack: Chinese Hackers Behind SolarWinds Attack, Says Microsoft

Published 2021-07-14

  1. SolarWinds Patches Critical Zero-Day Bug Amid Targeted Attacks (SDxCentral)
  2. Chinese threat actor exploited zero-day SolarWinds (ExBulletin)
  3. Chinese hackers behind SolarWinds attack: Microsoft
  4. Microsoft says new SolarWinds zero-day was exploited by China (based threat actor)
  5. Microsoft attributes new SolarWinds attack to a Chinese hacker group (NewsBeezer)
  6. Zero (Trust Implementation Using WHOIS, IP, and DNS Data)
  7. Microsoft: Chinese Hackers Use Zero-Day to Exploit SolarWinds Software (Tech Times)
  8. SolarWinds Releases Patch for Active Vulnerability in Serv (U Software – Computer – News)
  9. Microsoft Says SolarWinds Serv-U Zero-Day Exploited by Chinese Group (SecurityWeek.Com)

Published 2021-07-13

  1. Chinese hacking group DEV-0322 behind Solarwinds Serv (U 0day attacksSecurity Affairs)
  2. New SolarWinds vulnerability under attack: RCE in Serv (U file sharing tool)
  3. SolarWinds 0-day gave Chinese hackers privileged access to customer servers (ars)
  4. Microsoft links Serv-U zero-day attacks to Chinese hacking group (The Record by Recorded Future)
  5. New CISA Director Confirmed, W.H. Gains Cyber-Director (tpost)
  6. SolarWinds, Alerted By Microsoft, Patches Serv-U Vulnerability (MSSP Alert)
  7. A New Critical SolarWinds Zero-Day Vulnerability Reported (Cyberintel Magazine)
  8. SolarWinds Issues Hotfix for Zero-Day Flaw Under Active Attack (tpost)

Published 2021-07-12

  1. SolarWinds releases security advisory after Microsoft discovers vulnerability (ZDNet)
  2. DHS cybersecurity chief confirmed amid fallout from another ransomware attack (News Nation USA)
  3. SolarWinds Identifies, Patches Critical Vulnerability in Serv-U (My TechDecisions)
  4. SolarWinds Zero-Day Critical New Vulnerability Under Active Attack – . (FR24 News English)
  5. BreachExchange: SolarWinds Confirms New Zero (Day Flaw Under Attack)
  6. SolarWinds patches sensitive Serv-U Vulnerability used in the Wild (Xiarch Solutions Private Limited)
  7. SolarWinds Issues Patches in Wake of Zero (Day Attacks – Threat.Technology)
  8. SolarWinds released security advisory for critical Serv-U vulnerability (Cloud7 News)
  9. SolarWinds patches critical Serv-U vulnerability (July 2021) (Born's Tech and Windows World)
  10. Microsoft warns SolarWinds customers that Serv-U is under attack (TechCentral.ie)
  11. Remote code execution in SolarWinds Serv (U)
  12. SolarWinds issues yet another emergency patch after hackers strike again (TechRadar)
  13. Solarwinds Serv-U Zero-Day Vulnerability: Dataprise Defense Digest (Dataprise)
  14. SolarWinds warns of ‘targeted’ breach by hackers exploiting new software flaw (MarketWatch)
  15. SolarWinds releases patch for actively exploited zero (day vulnerability)
  16. SolarWinds Serv-U FTP and Managed File Transfer CVE-2021-35211: What You Need to Know (Rapid7 Blog)
  17. SolarWinds issues software update – one it wrote for a change (to patch hole exploited in the wild • The Register)
  18. SolarWinds releases security advisory after Microsoft discovers vulnerability (ZDNet)
  19. Another zero-day vulnerability in SolarWinds Serv (U product exploited by cyber criminals)
  20. SolarWinds Discloses Zero (Day Under Active Attack)
  21. SolarWinds says unknown hackers exploited newly discovered software flaw (Reuters)
  22. Microsoft detects critical SolarWinds zero (day during active attack)
  23. SolarWinds Discloses Zero-Day Under Active Attack (NewsOpener)
  24. Microsoft Discovers SolarWinds Critical Zero-Day Under Active Attack (Insider Voice)
  25. SolarWinds fixes critical Serv-U zero (day exploited in the wildSecurity Affairs)
  26. Chris Inglis formally sworn in as national cyber director (hill)
  27. Senate confirms Jen Easterly as head of U.S. cyber agency (POLITICO)
  28. Rosen Leads Bipartisan Call to Provide $10 Million in Funding for Cybersecurity Education and Training (Senator Jacky Rosen)
  29. Microsoft discovers critical SolarWinds zero-day under active attack (ars)
  30. SolarWinds patches critical Serv (U vulnerability exploited in the wild – News Block)
  31. SolarWinds patches critical Serv (U vulnerability exploited in the wild)

Published 2021-07-09

  1. SolarWinds Trust Center Security Advisories (CVE-2021-35211)
  2. Microsoft Is Said to Be Buying Cybersecurity Company RiskIQ (Bloomberg)
  3. U.S. Cyber Chief in Limbo During REVil Attacks Set to Start Work
  4. Biden Tells Putin Russia Must Crack Down on Cybercriminals (Military.com)
  5. Biden warns Putin on Russian ransomware attacks (hill)
  6. Another Cybersecurity Attack: State Department in Russian Crosshairs This Time (ClearanceJobs)

Published 2021-07-08

  1. Russia (linked ‘Cozy Bear’ Hackers Breach Republican Party Computer Systems From Harlem To Harare)
  2. 4 key takeaways from Biden’s Executive Order on cybersecurity (secblvd)
  3. GOP allegedly hacked by APT29, known as Cozy Bear | 2021-07-08 (Security Magazine)
  4. Three new security plunders: Microsoft said it’s the same group behind SolarWinds hack
  5. FERC and NERC Publish Whitepaper on SolarWinds and Related Supply Chain Compromise (Akin Gump Strauss Hauer & Feld LLP - JDSupra)
  6. Cyber Command lawyer calls for military operations against hackers (hill)

Published 2021-07-07

  1. SolarWinds and Related Supply Chain Compromise
  2. FERC, NERC whitepaper warns of supply (chain risk)
  3. SolarWinds and Related Supply Chain Compromise (Federal Energy Regulatory Commission)
  4. The fencing built around the Capitol after the Jan. 6 riot is coming down. (nyt)
  5. Russian Hacker Group Cozy Bear Behind GOP Cyberattack: Reports (Tech Times)
  6. Attempted to hack RNC and Russian ransomware attack test Biden (Eminetra)
  7. A cyberattack on the R.N.C. was likely carried out by Russians, posing a challenge for Biden. (nyt)
  8. Attempted Hack of R.N.C. and Russian Ransomware Attack Test Biden (nyt)
  9. CRN
  10. RNC says contractor breached in hack, GOP data secure (hill)
  11. Russian hackers targeted Republican National Committee last week, reports say (The Independent)
  12. Republican National Committee Hack: Russian Cozy Bear Group Breached Computers (Bloomberg)
  13. Russia ‘Cozy Bear’ Breached GOP as Ransomware Attack Hit (wapo)

Published 2021-07-06

  1. Solarwinds Serv-U 15.2.3 Share URL XSS (CVE-2021-32604) (Trustwave)

Published 2021-07-05

  1. SolarWinds: How Russian spies hacked the Justice, State, Treasury, Energy and Commerce Departments
  2. CISA sees zero trust adoption coming into focus under cyber executive order (FRN)
  3. The Hope spacecraft records the aurora borealis of Mars in the most detailed images so far (science and health)

Published 2021-07-03

  1. SolarWinds hack exposes Denmark’s central bank (IceNews - Daily News)

Published 2021-07-02

  1. US, UK warn about Russia's brute force cyber campaign (Illinois News Today)
  2. Denmark's central bank affected by SolarWinds compromise. Notes from the underground. (Publicnewsportal)
  3. Debate Heats Up as Senator Prepares to Introduce Incident-Reporting Legislation (Nextgov)
  4. Understanding Zero Trust in the Cyber Executive Order for Federal Agencies (MeriTalk)
  5. China Likely Outed Soon For Exchange Hacks - Breaking Defense Breaking Defense (Defense industry news, analysis and commentary)
  6. The Countdown Towards Zero Trust and MFA (Infosecurity Magazine)
  7. Solar Winds Hackers Continue To Cause Grief (Cyber Security Hub)

Published 2021-07-01

  1. Microsoft Customers Warned of Targeted Scams by NOBELLIUM (Data Privacy + Cybersecurity Insider)

Published 2021-06-30

  1. SolarWinds hackers had access to Denmark’s central bank for months
  2. Hackers Had Secret Access to Danish National Bank for Seven Months After SolarWinds Attack – Report (SGT Report)
  3. NSA discloses hacking methods it says are used by Russia (The Seattle Times)
  4. SolarWinds Hackers Breach Microsoft Customer Support to Target its Customers (NY Press News)
  5. SolarWinds Investigation Leads Microsoft to Another Security Breach Discovery (FindBiometrics)
  6. Danish central bank denies suffering breach in SolarWinds hack (Central Banking)
  7. Senators propose bill to help private sector defend against hackers (hill)
  8. Danmarks Nationalbank’s comments on media reports about SolarWinds
  9. Denmark’s Central Bank Compromised by SolarWinds Cyber Attack: Media Report
  10. SEC Conducts Sweep Of Customers Impacted By SolarWinds Cyber Breach - Corporate/Commercial Law (United States)
  11. SolarWinds hackers remained in Denmark's central bank for monthsSecurity Affairs
  12. SolarWinds hackers had access to Denmark's central bank for 7 months, report says (CyberScoop)

Published 2021-06-29

  1. Microsoft admits certifying a driver loaded with rootkit malware, says 'small number' of customers compromised by SolarWinds hackers (HITBSecNews)
  2. Russian hackers had months (long access to Denmark's central bank)
  3. Microsoft: malicious cyber group Nobelium tried to attack entities in 36 countries (Israel Defense)
  4. SolarWinds Hackers Continue Assault With a New Microsoft Breach (Forbes Alert)
  5. Hackers Disguise Rootkit as Microsoft Drivers
  6. Denmark's Central Bank hacked through SolarWinds vulnerability
  7. Cybersecurity Survey: SolarWinds Attack Costs Impacted Enterprises On Average $ 12 Million (Fuentitech)
  8. Administration to release attribution for Microsoft vulnerabilities in 'coming weeks' (hill)
  9. Denmark's central bank exposed in SolarWinds hack, media report says (Reuters)

Published 2021-06-28

  1. BreachExchange: SolarWinds hackers breach Microsoft support agent to target customers
  2. The Impact of the SolarWinds Cost Companies 11% of Their Annual Revenue
  3. Major Danish bank was attacked by SolarWinds (NewsLine)
  4. Denmark's central bank exposed in SolarWinds hack, media report says
  5. Nobelium, After SolarWinds, Has Now Hit Microsoft (Cyberintel Magazine)
  6. Details of basic customers attacked by Microsoft support agents and SolarWinds attackers (Fuentitech)
  7. SolarWinds hack: Microsoft says new breach discovered during SolarWinds hack probe (The Economic Times)
  8. Microsoft Signed Malware That Spreads Through Gaming (tpost)
  9. Microsoft uncovers new breach while investigating SolarWinds hackers, Digital News (AsiaOne)
  10. The SolarWinds hackers are attacking again. (Aluria Tech)
  11. Microsoft customer support hacked in new campaign by APT29
  12. Investigating and Mitigating Malicious Drivers (Microsoft Security Response Center)
  13. Microsoft accidentally approved malware that could spy on Windows users
  14. Lawmaker, Tech Companies Clash on Software Transparency Requirements (Nextgov)
  15. IT services firms shoulder undue amount of security risk
  16. Microsoft Tracks Attack Campaign Against Customer ...
  17. Bipartisan Bill Aims to Strengthen Federal Cyber Workforce (MeriTalk)
  18. Microsoft support agent and some basic customer details hit by SolarWinds attackers (ZDNet)
  19. Hassan, Cornyn float bill to create new federal cybersecurity training programs - (FCW)
  20. Russian hackers breached Microsoft customer support to try phishing targets in 36 countries
  21. Cybersecurity study: SolarWinds attack cost affected companies an average of $12 million (TechRepublic)
  22. Microsoft’s customer support targeted by SolarWinds hackers
  23. Microsoft Discovers New Attacks by SolarWinds Group, Including One Against Its Own Agent - by Cynthia Brumfield (Metacurity)
  24. Microsoft says hackers who compromised SolarWinds breached three new victims
  25.  New Research Finds the SolarWinds Cyber Attack Cost Affected Companies in Key Sectors 11% of Total Annual Revenue on Average
  26. Cybersecurity study: SolarWinds attack cost affected companies an average of $12 million (TechRepublic)
  27. SolarWinds hackers attack Microsoft, shocking security analysts (Techzine Europe)
  28. Microsoft says new breach discovered in probe of suspected SolarWinds hackers (The Star Phoenix)
  29. Microsoft says new breach discovered in probe of suspected SolarWinds hackers (Regina Leader Post)
  30. Microsoft (NASDAQ:MSFT) customers compromised in a cyberattack
  31. Microsoft support agent and some basic customer details hit by SolarWinds attackers (ZDNet)
  32. SolarWinds Hackers Breach Microsoft Customer Support to Target its Customers (The Cyber Security News)
  33. Microsoft says new breach was discovered in probe by suspected SolarWinds hackers by Reuters (My Blog)

Published 2021-06-27

  1. Microsoft says its own customer support tools were compromised by SolarWinds hackers (TechNewsBoy.com)
  2. SolarWinds hackers breach new victims, including a Microsoft support agent (HITBSecNews)
  3. Microsoft Says SolarWinds Hackers Attacked Three in New Breach (usnewsmail)
  4. SolarWinds hackers break into new victims, including Microsoft support agents (Fuentitech)
  5. SolarWinds Hackers Accessed Microsoft Customer Service Tools (Teller Report)

Published 2021-06-26

  1. Microsoft Corporation (NASDAQ:MSFT) - Microsoft Says Its Customer Support Tools, Users' Information Were Exploited By The Hackers Behind SolarWinds (Benzinga)
  2. SolarWinds clients say they will face an investigation from the USSEC over disclosure of cyber breaches (Fuentitech)
  3. Microsoft says a new breach was discovered in a suspected investigation into SolarWinds hackers (India News Republic)
  4. Microsoft admits to signing rootkit malware in supply-chain fiasco (Business Standard News)
  5. SolarWinds hackers attack new victims, including Microsoft support agent – . (FR24 News English)
  6. SolarWinds hackers breach new victims, including a Microsoft support agent – Ars Technica (Million Dollar Business Blog)
  7. SolarWinds Hackers Breach New Victims, Including Microsoft Support Agent (Salesground)
  8. SolarWinds hackers breach new victims, together with a Microsoft help agent (EAUC News)
  9. SEC FORM 3
  10. Microsoft claims its own customer support tools have been compromised by SolarWinds hackers – . (FR24 News English)
  11. Microsoft says new breach discovered in probe of suspected SolarWinds hackers (Netscape Money & Business)
  12. Microsoft Discloses New Customer Hack Linked to SolarWinds Cyberattackers (WSJ)
  13. SolarWinds hackers breach new victims, including a Microsoft support agent (ars)
  14. Microsoft: Russia (linked SolarWinds hackers breached three new entitiesSecurity Affairs)
  15. Microsoft reports previously undetected security breach while investigating SolarWinds hack — RT USA News
  16. Microsoft says its own customer support tools were compromised by SolarWinds hackers (Sports Grind Entertainment)
  17. SolarWinds backdoor gang pwns Microsoft support agent to turn sights on customers (Register)

Published 2021-06-25

  1. Senators propose bill to help tackle cybersecurity workforce shortage (hill)
  2. SolarWinds : Cyberattack Generates Recent Widespread SEC Enforcement Requests (MarketScreener)
  3. Microsoft says its own customer support tools were compromised by SolarWinds hackers (Verge)
  4. Bipartisan Legislation Would Establish Cybersecurity Literacy Campaign
  5. Microsoft says SolarWinds hacking group has breached three new victims (The Record by Recorded Future)
  6. Microsoft says new breach discovered in probe of suspected SolarWinds hackers (Reuters)

Published 2021-06-24

  1. SEC “Sweep” of Public Companies’ & Registrants’ Responses to the SolarWinds Cyberbreach (Faegre Drinker Biddle & Reath LLP - JDSupra)

Published 2021-06-23

  1. SEC Reportedly Investigating SolarWinds Disruption (Breaking into - The Rv Article)
  2. SEC “Sweep” of Public Companies’ & Registrants’ Responses to the SolarWinds Cyberbreach
  3. SolarWinds Cyberattack Generates Recent Widespread SEC Enforcement Requests (Troutman Pepper - JDSupra)

Published 2021-06-22

  1. SEC Conducts Sweep of Customers Impacted by SolarWinds Cyber Breach (Securities Litigation and Regulatory Enforcement)
  2. SEC.gov (In the Matter of Certain Cybersecurity-Related Events (HO-14225) FAQs)
  3. Open Source Security: Google Has New Plans to Stop Software Supply Chain Attacks (Texas News Today)
  4. Key Lawmaker Calls on Pentagon Leadership to Act on Cyber Certification Program (Nextgov)
  5. CMMC: The Dramatic Year of the Pentagon’s Contractor Cybersecurity Program (Nextgov)
  6. House lawmakers introduce bill to increase American awareness of cyber threats (hill)
  7. Energy wants $201 million to bolster cybersecurity in wake of attacks
  8. US SEC probing clients of SolarWinds over cyber (breach)
  9. The SEC is reportedly investigating SolarWinds breaches (Hacking - Fuentitech)
  10. Federal Agencies Could Have Neutralized SolarWinds Breach, CISA Says
  11. SEC Reportedly Probing SolarWinds Breach (Hacking - newsbinding)
  12. CISA believes SolarWinds attack could have been prevented with simple countermeasures (Cyber Reports Cybersecurity News & Information)
  13. Recent SEC Enforcement Requests Related to SolarWinds Cyberattack (Skadden, Arps, Slate, Meagher & Flom LLP - JDSupra)
  14. Did Companies Fail to Disclose Being Affected by SolarWinds Breach? (The Cyber Post)
  15. CISA: No organization in the public or private sector could’ve prevented SolarWinds breach (FRN)
  16. CISA believes SolarWinds attack could have been prevented with simple countermeasures | 2021-06-23 (Security Magazine)
  17. SEC Reportedly Probing SolarWinds Breach | Hacking (TechNewsWorld)
  18. CISA: Firewall Rules Could Have Blunted SolarWinds Malware
  19. SEC Investigates If Companies Did Not Disclose Effects of SolarWinds Cyber ​​Breach (UK Time News)
  20. SolarWinds customers asked to face investigation from US SEC over cyber breach disclosure (Indian Lekhak)
  21. Politics: Cyber agency says SolarWinds hack could have been deterred by simple security measures - PressFrom (US)
  22. Total Solar Eclipses Shed Light on the Temperature of Solar Winds and Sun's Corona (Science Times)
  23. US SEC Investigates SolarWinds Clients for Cyber ​​Breach: Report (Economy and Business News - Insider Voice)
  24. The US Securities and Exchange Commission is investigating SolarWinds clients for hacking detection - Sources by Reuters (Asia Pacific Live Update)
  25. Hillicon Valley: Cyber agency says SolarWinds hack could have been deterred | Civil rights groups urge lawmakers to crack down on Amazon's 'dangerous' worker surveillance (Manchin-led committee puts forth sprawling energy infrastructure proposal - The Ne)
  26. Could better cyber hygiene have prevented the SolarWinds attack?
  27. SolarWinds Clients Said to Face US SEC Probe Over Cyberattack Disclosures (News Update)
  28. SolarWinds hackers could have been waylaid by simple countermeasure – U.S. officials (102.5 Duke FM)
  29. US SEC investigates SolarWinds clients over cyber breach disclosures (The Cyber Security News)
  30. U.S. SEC has begun probe of cyber breach by SolarWinds – sources
  31. Rethinking US Federal network defenses. Mandatory reporting laws. International CyberCrime Prevention Act, RICO, and money laundering.
  32. US SEC investigates SolarWinds clients over cyber breach disclosures (IT PRO)
  33. Government-mandated SBOMs to throw light on software supply chain security (CSO Online)
  34. The Cybersecurity 202: Defense contractors are yet another sector highly vulnerable to hacking, study finds (wapo)
  35. SolarWinds hackers may have been thwarted by simple security measures, officials say (Fuentitech)
  36. SolarWinds Hackers Could Have Been Waylaid by Simple Countermeasure -US Officials - Latest Tweet by Reuters (LatestLY)
  37. Software bills of materials (SBOM) could help improve cybersecurity (CNX Software)
  38. Mandatory Cyber Reporting Within 24 Hours: Sen. Warner Bill - Breaking Defense Breaking Defense (Defense industry news, analysis and commentary)
  39. Cyber agency says SolarWinds hack could have been deterred by simple security measures
  40. ‎World Business Report: Update: US authorities open probe into SolarWinds' cyber breach on Apple Podcasts
  41. U.S. SEC probing SolarWinds clients over cyber breach disclosures -sources (Reuters)
  42. SP 800-216 (Draft), Recommendations for Federal Vulnerability Disclosure Guidelines (CSRC)
  43. SEC still digging into SolarWinds fallout, nudges undeclared victims (Register)

Published 2021-06-21

  1. US SEC Requests Information from SolarWinds Customers in Cyber ​​Attack Investigation (RB Tech Inc)
  2. SolarWinds’ Breach Disclosures Being Painstakingly Examined by U.S. SEC (Byte News)
  3. U.S. SEC probing SolarWinds clients over cyber breach disclosures (sources)
  4. U.S. SEC seeks information from SolarWinds clients in cyber breach probe (Regina Leader Post)
  5. Hillicon Valley: Cyber agency says SolarWinds hack could have been deterred | Civil rights groups urge lawmakers to crack down on Amazon's 'dangerous' worker surveillance | Manchin-led committee puts forth sprawling energy infrastructure proposal (TheHil)
  6. SolarWinds hackers could have been waylaid by simple countermeasure -US officials (Reuters)
  7. SEC Investigating Companies’ Handling of SolarWinds Attack (Bloomberg)
  8. US SEC officials say government agencies have begun investigating SolarWinds cyber infringement (Texas News Today)
  9. U.S. SEC probing SolarWinds clients over cyber breach disclosures -sources (Reuters)
  10. Biden’s executive order on cybersecurity should include behavior transparency (TechCrunch)

Published 2021-06-20

  1. Jake Sullivan: U.S. preparing more sanctions for Russia

Published 2021-06-18

  1. Senators Draft a Federal Breach Notification Bill
  2. Google’s latest framework aims to prevent SolarWinds (like supply chain attacks)
  3. The Cybersecurity 202: The race is on to make hacked companies more accountable to government. (wapo)
  4. Systemic cyberattacks trigger response from insurers (Insurance Business)

Published 2021-06-17

  1. SolarWinds hackers could have been waylaid by simple countermeasure -US officials (National Post)
  2. Cybersecurity Rule Could Prompt DoD Supplier Fallout (EE Times)
  3. Cybersecurity Rule Could Prompt DoD Supplier Fallout (EE Times)
  4. Google dishes out homemade SLSA, a recipe to thwart software supply (chain attacks • The Register)
  5. Critical cyber targets: You can't touch this (again), Biden tells Putin
  6. Binary Authorization for Borg: how Google verifies code provenance and implements code identity
  7. Open-source security: Google has a new plan to stop software supply chain attacks (ZDNet)
  8. Senate confirms first White House cyber director

Published 2021-06-16

  1. Microsoft's CISO: Why we're trying to banish passwords forever (ZDNet)
  2. Tonya Ugoretz: FBI Needs Industry Cooperation to Address Cyber Incidents
  3. Is an Attacker Living Off Your Land?
  4. NSA cyber director discusses US response, approach to apparent espionage operation
  5. Cyber EO May Move Software Supply Chain Security From Neutral to Highway Speed (MeriTalk)

Published 2021-06-15

  1. How FireEye attributed the SolarWinds hacking campaign to Russian spies (CyberScoop)
  2. Biden Signs Executive Order Intended to Improve the Federal Government's Cybersecurity (Troutman Pepper - JDSupra)
  3. Federal CISO forecasts one of toughest tasks in sweeping Biden cyber executive order

Published 2021-06-14

  1. Bank of America spends over $1 billion per year on cybersecurity
  2. DHS poised to remake federal hiring in September to confront cybersecurity gap - (FCW)
  3. Key Senator Wants Biden to Raise SolarWinds in International Negotiations (Nextgov)

Published 2021-06-11

  1. Cyber ​​regulation could come after a series of hacks and ransomware attacks (Voice of America - Texas News Today)
  2. Federal cyber spending to drive an M&A surge, analyst says (Washington Business Journal)
  3. Biden Signs Executive Order Aimed at Improving the Federal Government’s Cybersecurity (Troutman Pepper - JDSupra)
  4. Notification no (nos: What to avoid when alerting customers of a breach)
  5. Form DEF 14C SolarWinds Corp For: Jun 11
  6. Solarwinds Corp 2021 Definitive information statements DEF 14C

Published 2021-06-10

  1. DOJ Seizes Millions in Ransom Paid to Colonial Pipeline Hackers (Kramer Levin Naftalis & Frankel LLP - JDSupra)
  2. How Attackers Exploit Active Directory: Lessons Learned from High-Profile Breaches (secblvd)
  3. Understanding the Biden Administration’s Cybersecurity Executive Order (ABA Banking Journal)
  4. We Already Know How to Stop SolarWinds (Like Hacks)
  5. Time (lapse Video and Photos of Michigan's 2021 Solar Eclipse)
  6. Sen. Warner teases bipartisan bill requiring some companies to report cyberattacks
  7. Biden moves closer to filling critical cyber roles as administra (WENY News)
  8. US Cyber Command wants more money for network defense

Published 2021-06-08

  1. CISA launches platform to let hackers report security bugs to US federal agencies (TechCrunch)

Published 2021-06-07

  1. Zero Trust is the Only Way: President Biden’s Executive Order Simplified (secblvd)
  2. DOJ recovers most of ransom Colonial Pipeline paid to DarkSide hackers | News (coloradopolitics.com)
  3. Security clearance demands are exploding and government must keep up - (FCW)
  4. America must repel and punish cyber-attackers | Editorials (mtexpress.com)

Published 2021-06-06

  1. Energy secretary backs ban on ransomware payments: 'You are encouraging the bad actors'

Published 2021-06-05

  1. India's Cybersecurity Breach Reporting Law: Time for an Overhaul? (Illinois News Today)

Published 2021-06-04

  1. Senate bill proposes requiring cyber incident notification to feds within 24 hours (CyberScoop)
  2. SolarWinds response team recounts early days of attack
  3. A New Kind of Trust Root. Announcing the Sigstore Root Key… | by Dan Lorenc | Jun, 2021 (sigstore)
  4. How LF communities enable security measures required by the US Executive Order on Cybersecurity (Linux Foundation)
  5. Cyber EO response will involve leaders from every agency, Federal CISO says (FedScoop)
  6. Strengthening US Cybersecurity: Impacts of the Executive Order (NAVEX Global - JDSupra)

Published 2021-06-03

  1. Russian SolarWinds hackers have launched a new campaign using their USAID email address, Microsoft said. (Illinois News Today)
  2. New Executive Order Issued on Improving Nation’s Cybersecurity (Lexology)

Published 2021-06-02

  1. SolarWinds hackers are attempting phishing attacks targeting 150 organizations, Microsoft said. (Illinois News Today)
  2. SolarWinds lawsuit claims private equity owners ‘sacrificed cybersecurity to boost short-term profits’ (The Open Security)
  3. FireEye CEO Kevin Mandia On Ransomware: Businesses Must ‘Try To Reduce The Blast Radius’ Of Attacks
  4. Meatpacking giant JBS believes Russia behind hack that hit plants - Raw Story (Celebrating 17 Years of Independent Journalism)

Published 2021-06-01

  1. US Seizes Domains Used by SolarWinds Hackers in Cyber Espionage Attacks (News Nation USA)
  2. What Microsoft officials know about Russian phishing hacks aimed at USAID (Illinois News Today)
  3. Consolidated Complaint for Violations of the Federal Securities Laws
  4. SolarWinds Corporation (Bernstein Litowitz Berger & Grossmann LLP)
  5. FireEye CEO: 'We are getting sucker (punched in cyberspace')
  6. SolarWinds lawsuit expands to include private equity owners
  7. Biden Warns Businesses of Increased Cybersecurity Threat
  8. Russia's Nobelium uses USAID's email system for hacking, according to Microsoft (Illinois News Today)
  9. Biden weighs direct action against Russian targets following cyberattacks (WHAM)
  10. will over solarwinds latest massive phishing
  11. U.S. seizes domains used in USAID hack (UPI)
  12. US SolarWinds hackers seize domains used in cyber espionage attacks (Jioforme)
  13. SolarWind Attackers Launch New Wave Of Phishing Attacks
  14. Cyberattack On World's Biggest Meat Company 'Likely Based In Russia'
  15. SolarWinds lawsuit claims private equity owners ‘sacrificed cybersecurity to boost short-term profits’ (The Cyber Security News)
  16. Senate Hearing Considers CMMC, and Ability to Stop a SolarWinds-Type Attack (PubKGroup)
  17. Feds seize two domains used by SolarWinds intruders for malware spear (phishing op • The Register)
  18. US seizes 2 domain names used in cyberespionage campaign (The Seattle Times)
  19. Justice Department seizes domains used in Nobelium-USAID phishing campaign (ZDNet)
  20. NobleBaron (New Poisoned Installers Could Be Used In Supply Chain Attacks - SentinelLabs)
  21. Poisoned Installers Found in SolarWinds Hackers Toolkit (Flizzyy News)
  22. SolarWinds Threat Actors Behind New Email Attack Campaign
  23. Meatpacking giant JBS hit by cyberattack; believes Russia involved
  24. Here Are Some Of The Major Hacks The U.S. Blamed On Russia In The Last Year
  25. Cybersecurity for U.S. critical infrastructure a ‘national (security imperative,’ NSC official says – Urgent Comms)
  26. U.S. seizes two domains used in cyberattacks that mimicked USAID communications (Nasdaq)
  27. JBS cyber attack: 1/5 of beef production wiped out in massive hack (Axios)
  28. SolarWinds hackers launch phishing attack - (GCN)
  29. Biden budget seeks $750 million to respond to SolarWinds compromises, plus billions more for cyber
  30. Cyberattacks on Companies' IP Threaten the Global Order (Barron's)
  31. The Line in the Sand: How We Respond Today Impacts Our Security Tomorrow (secblvd)
  32. GISEC 2021: SolarWinds CEO to deliver a keynote address titled SolarWinds: Secure by Design on June 2 (Enterprise Channels MEA)
  33. Biden's $6T budget includes cybersecurity, broadband infrastructure (Healthcare IT News)
  34. New breach by hackers behind SolarWinds 'mostly unsuccessful', says Microsoft (Secure books)
  35. Russian SolarWinds Hacker Launches New Phishing Campaign-Security (Illinois News Today)
  36. How SolarWinds Hackers ‘Nobelium’ Used Constant Contact in Mass Phishing Campaign

Published 2021-05-31

  1. SolarWinds Attackers Launch New Wave Of Nobelium Attacks - Malware News (Malware Analysis, News and Indicators)
  2. New Wave of Phishing Attacks: SolarWinds Hackers Target Government and NGOs
  3. Russian hackers of SolarWinds back on the attack
  4. US Proposes $750m For Federal SolarWinds Response (IT Security News)
  5. Nobelium: The SolarWinds Hackers is Back With Another Cyber Attack (secblvd)
  6. Solarwinds: 150 companies massively targeted by APT29
  7. SolarWinds Engineer's Toolset vs. Splunk Enterprise vs. Terabit Security Comparison
  8. SolarWinds Attack Ongoing U.S. Sets Aside $750 Million to Respond   (USA Herald)
  9. Another Nobelium Cyberattack (Microsoft On the Issues)
  10. SolarWinds Hackers Return, Launch Phishing Campaign Using Compromised Account of US Foreign Aid Agency (CPO Magazine)
  11. Implications Of Russian Solarwinds Hackers New Email Attack On Government Agencies (Information Security Buzz)

Published 2021-05-30

  1. SolarWinds Hackers Have Not Returned, They Have Never Been Removed (J99news)
  2. Keith Alexander Warns About Cyberattacks Linked to Russia
  3. The SolarWinds hackers aren’t back—they never went away (ars)
  4. Gen. Alexander Says Russian Cyber Attacks Escalating, 'More Blatant' (Newsmax.com)
  5. Gen. Alexander Says Russian Cyber Attacks Escalating, ‘More Blatant’ (News Talk WBAP-AM)

Published 2021-05-28

  1. Microsoft warns that Russian hackers used US agency to mount huge cyberattack (CNET)
  2. Hackers are using Trump’s election fraud conspiracy to break into U.S. government agencies
  3. SolarWinds attacker Nobelium targets over 150 companies in new mass email campaign (CSO Online)
  4. Kremlin says has no information on U.S. cyber attack, directs questions to Microsoft (The Star Phoenix)
  5. SolarWinds hackers using NativeZone backdoor against 24 countries
  6. Russian Hackers Of SolarWinds Back On The Attack
  7. MSFT warns group behind SolarWinds cyberattack's returned to target over 150 organizations
  8. Khanna, Mace introduce bill to strengthen federal cyber workforce following major hacks (hill)
  9. New York And Illinois Regulators Recommend Third Party Cybersecurity Review For Specific Vulnerabilities - Technology (United States)
  10. Microsoft says SolarWinds hackers have struck again at the US and other countries (CNN)
  11. Microsoft says group behind SolarWinds hack now targetting government agencies, NGOs (Regina Leader Post)
  12. SolarWinds hackers are at it again, targeting 150 organizations, Microsoft warns
  13. Russian gang behind SolarWinds hack returns with phishing attack disguised as mail from US aid agency (Register)
  14. Microsoft: SolarWinds hackers target 150 orgs with phishing | Govt. & Politics (yorknewstimes.com)
  15. Microsoft says group behind SolarWinds hack now targeting government agencies, NGOs (Reuters)
  16. SolarWinds hack: Microsoft says SolarWinds hackers now targeting US agencies, NGOs (The Economic Times)
  17. Microsoft: SolarWinds hackers target 150 orgs with phishing
  18. Microsoft Catches NOBELIUM's Email Malware Plans, Also Known for its Part in SolarWinds' Attack (Tech Times)
  19. SolarWinds attacker Nobelium targets almost 3,000 emails (ARN)
  20. Microsoft Says SolarWinds Hackers Are Back, USAID Breached

Published 2021-05-27

  1. Federal Register :: Software Bill of Materials Elements and Considerations
  2. New sophisticated email-based attack from NOBELIUM (MS Security)

Published 2021-05-26

  1. Biden’s Cybersecurity EO: The Wrong Issues (tpost)
  2. SolarWinds prevention, avoiding a cyber security disaster (CyberTalk)
  3. Microsoft has discovered yet more SolarWinds malware | #microsoft | #hacking (#cybersecurity - National Cyber Security News Today)
  4. Microsoft unleashes ‘Death Star’ on SolarWinds hackers in extraordinary response to breach | #microsoft | #hacking (#cybersecurity - National Cyber Security News Today)
  5. US agencies lack supply chain best practices post (SolarWinds)
  6. White House taps Matt Olsen, Uber security boss and former NSA lawyer, to lead key DOJ division

Published 2021-05-25

  1. (16) Dimon: Cyberattacks are getting worse. DC must do more
  2. Written Sttement of jamie Dimon to Senate Banking Committee
  3. SolarWinds hack 'a big wakeup call,' NASA's human spaceflight chief says (Space)
  4. SolarWinds, Exchange attacks revive calls for mandatory breach notification, better information sharing (R Street)
  5. VIDEO: Congress Holds Joint Hearing On SolarWinds Hack And Cybersecurity (LiveTube)
  6. DoJ, FBI, IC reviewing supply chain threats posed by Russian companies (FRN)
  7. United States House of Representatives : Chairman Foster Opening Statement for Hearing on SolarWinds and Improving the Cybersecurity of Software Supply Chains
  8. Turn the Tables: Supply Chain Defense Needs Some ...
  9. It's Time for Congress to Push Companies to Come Forward on Hacks (Just Security)
  10. Colonial ransomware hack spurs first-ever cybersecurity regulations for pipeline industry (wapo)

Published 2021-05-21

  1. VA found ‘no evidence’ of compromise in SolarWinds hack: CISO Cunningham
  2. 'Early recon activities' for SolarWinds hack may have started in early 2019 ⋅ Windows Global
  3. SolarWinds CEO: Hackers Were Doing "Early Recon" As Early As January 2019 (My TechDecisions)
  4. Veterans Affairs says no evidence of data loss from SolarWinds hack (FRN)

Published 2021-05-20

  1. Biden urged by tech firms to embrace commercial software
  2. Cybersecurity Legal Task Force
  3. Solar Storm Coming to Earth at 2.1 Million km per Hour: How Dangerous Is It? (Nature World News)
  4. SimuLand: Understand adversary tradecraft and improve detection strategies (MS Security)
  5. Hackers targeted SolarWinds earlier than previously known (Arab News)
  6. The UK’s Approach to Russian Cyber Operations Shows No Signs of Changing (RUSI)
  7. N-able Announces New Chief Security Officer and General Counsel to Its Executive Leadership Team (N-able)
  8. President Biden Announces Sweeping New Cybersecurity Reforms (Pillsbury Winthrop Shaw Pittman LLP - JDSupra)
  9. SolarWinds hackers had earlier access than previously thought; Russia denies role (Seeking Alpha)
  10. CMMC is not as scary as you think (secblvd)
  11. The 3 elements of a sound threat intelligence program (TechRepublic)
  12. SolarWinds hack: Nation-state attackers could have launched supply chain attack nine months before previously thought (The Daily Swig)
  13. What to do? GSA cyber advisor offers tips on supply chain risk management. (scmedia)
  14. CISA and NIST Guidance on Software Supply Chain Attacks
  15. Hackers targeted SolarWinds earlier than previously known (Inside Telecom)
  16. New Bill Proposes that Americans Should Be Able to Sue Foreign Hackers (Faegre Drinker Biddle & Reath LLP - JDSupra)
  17. Hackers targeted SolarWinds earlier than previously known (Arab News PK)
  18. CrowdStrike breaks down 'Golden SAML' attack
  19. 12 Lessons Learned From The SolarWinds Breach: RSA Conference
  20. How to Avoid Another Cybersecurity Disaster Like SolarWinds
  21. How 2 New Executive Orders May Reshape ...
  22. SolarWinds CEO extends hack timeline, rethinks intern blame (Cybersecurity Dive)
  23. To avoid insider threats, security strategies call for behavioral profiling and anomaly comparison | 2021-05-20 (Security Magazine)
  24. The Negligence behind the Colonial Pipeline Hack | Business (stltoday.com)
  25. House Panel Passes Bill to Explore Bringing State and Local Cybersecurity Workers into CISA (Nextgov)
  26. President Biden's Executive Order to Improve Cybersecurity Issued (King & Spalding - JDSupra)
  27. SolarWinds: A Harbinger For a National Data Breach Reporting Law (Decipher)

Published 2021-05-19

  1. Hackers targeted SolarWinds earlier than previously known
  2. Dave MacKinnon takes over as CSO of N-able (formerly SolarWinds MSP) | 2021-05-21 (Security Magazine)
  3. SECURITY ALERT - SolarWinds CEO: Attack Began Much Earlier Than Previously Thought (MalwareTips Community)
  4. SolarWinds CEO Apologizes For Blaming An Intern
  5. Hackers targeted SolarWinds earlier than previously known
  6. Hackers Targeted Solarwinds Earlier than Previously Known (VOA)
  7. UPDATE 1 (SolarWinds CEO says hackers may have struck months earlier than thought)
  8. Is it time to test the limits -- and potential -- of expanding CMMC? - (Defense Systems)
  9. SolarWinds CEO: Attack Began Much Earlier Than Previously Thought (NewsOpener)
  10. Hackers targeted SolarWinds earlier than previously known (WDHN - DothanFirst.com)
  11. Would CMMC compliance block a SolarWinds-style attack? - (FCW)
  12. Parsing Biden’s Cybersecurity Order (secblvd)
  13. Senate Homeland Security and Governmental Affairs Hearing on Cybersecurity (UPI)
  14. Plurilock Issues Statement Following U.S. Executive Order to Increase Cybersecurity Defenses
  15. President Biden’s Recent Cybersecurity Executive Order Will Increase Compliance Obligations on the Private Sector (Lexology)
  16. President Biden’s Cybersecurity Order Takes Security Seriously (Lowndes - JDSupra)
  17. SolarWinds CEO says hackers may have struck months earlier than thought (Reuters)
  18. #RSAC: SolarWinds CEO Provides New Details into Attack and Response (The Cyber Security News)
  19. #RSAC: SolarWinds CEO Provides new details on attack and response (Jioforme)
  20. SolarWinds: The Detailed Account of the Incident Response (RSA)
  21. SolarWinds CEO says hackers may have struck months earlier than thought (Nasdaq)
  22. SolarWinds CEO reveals much earlier hack timeline, regrets company blaming intern
  23. SolarWinds CEO apologizes for blaming an intern, says attack may have started in January 2019 (The Record by Recorded Future)
  24. SolarWinds CEO says hackers may have struck months earlier ...
  25. CEO: SolarWinds Attack Dates Back to at Least January 2019 (PCMag)
  26. How CISA limited the impact of the SolarWinds attack (FRN)
  27. Biden EO Has Teeth, But May Prove Difficult to Implement (secblvd)

Published 2021-05-18

  1. Biden calls for $22 billion in cyber security funding (IT PRO)
  2. SolarWinds CEO says hackers may have struck in January 2019, months earlier than thought (Reuters)
  3. Microsoft Corporation (NASDAQ:MSFT), Solarwinds, Inc. (NYSE:SWI) - Biden Administration Prioritizes Cybersecurity Funding Following Multiple Hacks (Benzinga)
  4. Biden administration eyes cybersecurity funding after hacks
  5. #RSAC: Anne Neuberger Sets Out Biden Administration’s Plan to Modernize US Cyber-defenses (Infosecurity Magazine)
  6. Legislation to secure critical systems against cyberattacks moves forward in the House (hill)
  7. Gibson Dunn (President Biden Issues Executive Order to Enhance U.S. Cybersecurity in the Wake of Major Cyber Incidents)
  8. False Claims Act is a Weapon against Breaches and Whistlenlowers
  9. Nearly 40 defense companies were impacted in SolarWinds breach (FedScoop)
  10. CISA Issues Guidance on Evicting Adversaries from Networks Following SolarWinds Attacks
  11. Biden Proposes Billions for Cybersecurity After Wave of Attacks (Regina Leader Post)
  12. CISA’s EINSTEIN had a chance to be great, but it’s more than good enough (FRN)
  13. Cyber Defense Isn't a Niche Issue Anymore (Bloomberg)
  14. Russian spy chief denies SVR was behind Solarwinds cyber ...

Published 2021-05-17

  1. CISA releases Eviction Guidance for SolarWinds, Microsoft O365 compromises
  2. Biden administration eyes cybersecurity funding after attacks | The Mighty 790 KFGO (KFGO)
  3. Cybersecurity for All: President Biden Issues Sweeping Cybersecurity Executive Order (Holland & Knight LLP - JDSupra)
  4. Zero trust moves from vision to reality - (GCN)
  5. Can NTSB-style oversight work for cybersecurity? - (FCW)
  6. CISA: Disconnect Internet for 3-5 Days to Evict SolarWinds Hackers From Network (SecurityWeek.Com)
  7. Russia Sanctioned For Role In SolarWinds Supply Chain Attack - Technology (United States)
  8. CISA releases Eviction Guidance for SolarWinds Orion, Microsoft Office365 users (Industrial Cyber)
  9. Biden Administration Issues Cybersecurity Executive Order
  10. Voyager 1 discovers faint plasma 'hum' in interstellar space (Space)
  11. Biden's cyber order lays foundation for securing government - (Defense Systems)
  12. CISA Eviction Guide for SolarWinds, Microsoft O365 Compromises
  13. How Hackers Infiltrated U.S. Government Servers Through A Texas (Based Company)

Published 2021-05-16

  1. SolarWinds breach exposes hybrid multicloud security weaknesses (Public News)
  2. 1 - Unpacking the SolarWinds Breach: Now What? | Infrastructure Anywhere: A Podcast Series from CPP Associates | Podcasts on Audible (Audible.com)
  3. Subscribe to read (FT)
  4. SolarWinds breach exposes hybrid multicloud security weaknesses (DNyuz)
  5. The SolarWinds and Zero Trust Conversation You've Been Waiting For | The Well Aware Security Show | Podcasts on Audible (Audible.com)
  6. President Biden pens Executive Order to boost US cybersecurity
  7. SolarWinds breach exposes hybrid multicloud security weaknesses (VentureBeat)
  8. National Cyber Defense Is a "Wicked" Problem: Why the Colonial Pipeline Ransomware Attack and the SolarWinds Hack Were All but Inevitable
  9. Biden issues order to strengthen nationwide cyber defenses

Published 2021-05-14

  1. Hackers targeted SolarWinds faster than previously known (Florida News Times)
  2. Congress to Speed up Efforts on Pushing out Hack Reporting Law (KMJ-AF1)
  3. UK and US confirm Russian responsibility for SolarWinds attack - Industry (update.com)
  4. Why the Colonial Pipeline Ransomware Attack and the SolarWinds Hack Were All but Inevitable (California News Times)
  5. Security News in Review: Biden Administration Aims to Disrupt Ransomware Gangs (secblvd)
  6. In EO, federal security provides impetus for far reaching cyber implications
  7. Former head of U.S. cybersecurity Christopher Krebs on “The Takeout” - 5/14/2021 (CBS News)
  8. President Biden outlines new software policy following recent cyberattacks (TechRadar)
  9. Cybersecurity: Why the new White House executive order is a major turning point (Fortune)
  10. Cybersecurity Executive Order: Can automation fix the nation’s misconfiguration problem? (secblvd)
  11. White House cybersecurity order lands with a plea for private sector help (Utility Dive)
  12. Biden signs executive order to bolster US cyber security following pipeline attack
  13. Remediating Networks Affected by the SolarWinds and Active Directory/M365 Compromise: Risk decisions for Leaders
  14. Eviction Guidance for Networks Affected by the SolarWinds and Active Directory/M365 Compromise (CISA)
  15. CISA Publishes Eviction Guidance for Networks Affected by SolarWinds and AD/M365 Compromise (CISA)
  16. Opinion: Agencies Need More Reliable Authentication To De-Weaponize Stolen Data During SolarWinds Breach (Potomac Officers Club)
  17. Responding With Strength To The SolarWinds Attack - Technology (United States)
  18. Former CISA chief says Biden order on cybersecurity is "dramatic game change" (CBS News)
  19. iTWire (New cyber rules will be judged by their efficacy: Tenable chief)

Published 2021-05-13

  1. US sanctions 10 Pakistani individuals and companies for meddling in 2020 presidential election - World (Business Recorder)
  2. Biden's Cybersecurity Order Likely To Reach Beyond Gov't (Law360)
  3. Linux and open-source communities rise to Biden's cybersecurity challenge (ZDNet)
  4. Microsoft Could Get $150 Million in US Cyber Spending Despite Recent Hacks (English Bulletin)
  5. Lawmakers introduce bill to protect critical infrastructure against cyberattacks (hill)
  6. Biden signs executive order to modernize cyberdefenses
  7. Biden Takes Executive Action to Strengthen National Cybersecurity, Secure Supply Chains
  8. Joe Biden Signs Executive Order to Boost Cybersecurity
  9. Biden Order Aims To Tighten Software Security Practices - (Redmondmag.com)
  10. Cyber EO lays a foundation for securing government - (GCN)
  11. Supply Chain Cybersecurity Risks: What the SolarWinds Breach Should Teach Us (BTB Security)
  12. The politics and policy of SolarWinds (CSO Online)
  13. President Biden signs cybersecurity executive order (SD Times)
  14. Biden's Cybersecurity Order Benefits CrowdStrike, Dragos: Experts
  15. Biden Says Gov't To Disrupt Pipeline Ransomware Hackers (Law360)
  16. Executive Order on Improving the Nation's Cybersecurity (The White House)
  17. Cybersecurity Execs Weigh In On Biden Executive Order (SDxCentral)
  18. Biden Signs Executive Order On Cybersecurity In Wake Of Pipeline Hack (WXXI News)
  19. Cyber Response Bill Advances in Senate (Nextgov)
  20. Rapid7 says attacker accessed its source code in Codecov supply chain hack
  21. Education CISO Discusses Zero Trust, Automation Going Hand-in (Hand – MeriTalk)
  22. Senator Proposes Cyber 'Academy' to Attract More to National Service (Military.com)
  23. Biden's Cybersecurity Executive Order: 4 Key Takeaways
  24. Everything You Need to Know about the New Executive Order on Cybersecurity (Lawfare)
  25. Bahamas must ‘step up game’ on cyber security (The Tribune)
  26. Biden says Colonial Pipeline hackers based in Russia, but not government-backed (hill)
  27. President Biden signs executive order to strengthen U.S. cybersecurity defenses | 2021-05-13 (Security Magazine)
  28. Cybersecurity executive order or fire drill? (FRN)
  29. Microsoft's new security feature locks hackers out with GPS (ZDNet)
  30. SolarWinds Hacking Claim a 'False Flag' by US Intelligence Seeking More Funding, Moscow Says (Sputnik)

Published 2021-05-12

  1. Biden Executive Order on Cybersecurity Calls for Enhanced Software Supply Chain Security (secblvd)
  2. Biden Executive Order Mandates MFA, Zero Trust Model and Standardized Incident Reporting
  3. Joe Biden signs executive order to beef up federal cyber defenses following pipeline hack - ABC11 Raleigh (Durham)
  4. Biden signs cybersecurity executive order, though rules wouldn't (WENY News)
  5. Biden Signs Executive Order to Bolster Federal Government’s Cybersecurity (nyt)
  6. Biden’s Cyber Strategy Must De-weaponize Civilian Data (Nextgov)
  7. Biden cybersecurity order tackles software risks in energy, other sectors following Colonial hack (Utility Dive)
  8. Biden's Executive Order Will Not Stop Cyber Attacks (LinkedIn)
  9. Biden Executive Order Follows Recent Cyberattacks : NPR
  10. Biden signs executive order aimed at boosting cybersecurity
  11. Biden signs security (focused executive order meant to accelerate breach reporting, boost software standards)
  12. Biden signs cybersecurity executive order in the wake of pipeline shutdown
  13. Biden cybersecurity order mandates new rules for govt ...
  14. Biden Signs Cybersecurity Executive Order Following Colonial Pipeline Hack : NPR
  15. Biden signs executive order to improve federal cybersecurity (hill)
  16. How Biden's new executive order plans to prevent another SolarWinds attack (The Record by Recorded Future)
  17. Biden signs order to improve federal cybersecurity
  18. Biden signs cybersecurity executive order after ransomware attack on fuel pipeline (CBS 42)
  19. Biden orders federal cyber upgrade after barrage of hacks (POLITICO)
  20. Biden Orders IT Gov't Contractors To Report Data Breaches (Law360)
  21. Biden issues executive order following mounting cyberattacks (Axios)
  22. Biden signs executive order aiming to prevent future cybersecurity disasters (Verge)
  23. Biden cyber executive order reignites push to cloud, zero trust
  24. Biden signs order to beef up federal cyber defenses (LV Sun)
  25. FACT SHEET: President Signs Executive Order Charting New Course to Improve the Nation’s Cybersecurity and Protect Federal Government Networks (The White House)
  26. House lawmakers roll out bill to invest $500 million in state and local cybersecurity (hill)
  27. Biden signs much-anticipated cybersecurity executive order - (FCW)
  28. Biden Signs Order to Boost Cybersecurity After Pipeline Hack (Bloomberg)
  29. Biden signs executive order to strengthen cybersecurity after Colonial Pipeline hack
  30. Moscow Cuts U.S. Embassy Staff Marking Latest Decline In U.S. (Russia Relationship)
  31. Dark Reading | Security (Protect The Business)
  32. Mark Warner calls for mandatory reporting of hacks after Colonial Pipeline attack
  33. Russia must do more to tackle cyber criminals operating from within its borders, says UK (ZDNet)
  34. Supply chain penetration: Here’s how you can protect yourself (HT Tech)
  35. CISA to pilot secure cloud instance in response to SolarWinds attack (FRN)
  36. Biden Signs Executive Order to Bolster Federal Government’s Cybersecurity (nyt)

Published 2021-05-11

  1. SolarWinds CEO describes overhauled Orion build system after that 'very small, unique' security breach • The Register (SecuritNEWS)
  2. Statemtnt of Ryan A Higgins, CISO Dept Commerce reporting to DHS
  3. SolarWinds CEO describes overhauled Orion build system after that ‘very small, unique’ security breach (IT Security News)
  4. Federal SolarWinds Recovery : FedNet
  5. Lawmakers eye tightening law to get more details on cyberattacks (Roll Call)
  6. RSAC insights: SolarWinds hack illustrates why software builds need scrutiny — at deployment (secblvd)
  7. Senate committee holds hearing on cybersecurity after massive SolarWinds hack (The Global Herald)
  8. Senators Cite Colonial Pipeline Hack in Calling for Cyber Response and Recovery Fund (Nextgov)
  9. Senators Want FISMA Changes on Cyberattack Reporting (MeriTalk)
  10. Senators discuss federal cybersecurity following SolarWinds hack (WYTV)
  11. SolarWinds CEO describes overhauled Orion build system after that 'very small, unique' security breach (Register)
  12. SolarWinds Opened the Door for Cybersecurity Culture Overhaul at DHS
  13. Watch live: Acting CISA director testifies on cybersecurity following SolarWinds hack (hill)
  14. Mandatory Breach Notification Requirements Are Coming For Government Contractors - Technology (United States)

Published 2021-05-10

  1. Russia targeting these 11 vulnerabilities, US, UK cyber agencies
  2. State (Sponsored Cyberattacks Aren’t Going Away — Here’s How To Defend Your Organization)
  3. The Cybersecurity 202: Biden's new CISA director will confront a host of complex challenges (wapo)
  4. SolarWinds Shares More Information on Cyberattack Impact, Initial Access Vector (SecurityWeek.Com)
  5. NIST and CISA Release Guidelines for Organizations and Vendors To Defend Against Software Supply Chain Attacks (CPO Magazine)
  6. SolarWinds Says Russian Group Likely Took Data During Cyber-Attack (HITBSecNews)
  7. Hackers accessed SolarWinds' Office 365 since early 2019 - Security - Channel Meets (CRN Australia)
  8. DHS, DOC to Testify Tuesday at SolarWinds Hearing

Published 2021-05-09

  1. Biden Plans Order to Strengthen U.S. Cyberattack Defenses (nyt)
  2. SolarWinds Says Hackers Probably Stole Data from Email Accounts — GigaLaw

Published 2021-05-08

  1. U.S., U.K. Reveal Code Flaws Abused by SolarWinds Hackers

Published 2021-05-07

  1. Lawmakers push for increased cybersecurity funds in annual appropriations (hill)
  2. SolarWinds Believes Russian Group Took Data During Cyber-Attack (Bloomberg)
  3. Joint advisory: Further TTPs associated with SVR cyber actors (NCSC.GOV.UK)
  4. An Investigative Update of the Cyberattack (Orange Matter)
  5. SolarWinds: Hackers Accessed Our Office 365 Since Early 2019
  6. US-UK Gov Warning: SolarWinds Attackers Add Open-Source PenTest Tool to Arsenal (SecuritNEWS)

Published 2021-05-06

  1. US spy agencies review software suppliers' ties to Russia following SolarWinds hack
  2. Fact Sheet: Russian SVR Activities Related to SolarWinds Compromise
  3. US spy agencies review software suppliers' ties to Russia following SolarWinds hack (CyberScoop)

Published 2021-05-05

  1. 14 Alternatives To SolarWinds Network Bandwidth Analyzer, Pros, Cons & Questions (Hackers Pad)
  2. Further TTPs associated with SVR cyber actors
  3. NSA: Connecting OT to the net can lead to "indefensible levels of risk"
  4. CISA used new subpoena power to contact US companies vulnerable to hacking
  5. NYDFS recommends critical new practices to reduce supply chain risk in wake of SolarWinds attack (Lexology)
  6. CISA has a better understanding of critical software post (SolarWinds hack)

Published 2021-05-03

  1. Stopping the Next SolarWinds Requires Doing ...
  2. Administration drafting EO to help U.S. Gov’t secure digital supply chain

Published 2021-04-30

  1. Defending Against Software Supply Chain Attacks
  2. A Tale of Two Hacks: From SolarWinds to Microsoft Exchange (tpost)
  3. NYDFS Issues Report on the SolarWinds Attack and Covered Entities’ Responses (Alston & Bird - JDSupra)
  4. CISA: 5 Agencies Using Pulse Secure VPNs Possibly Breached
  5. Survey Finds Broad Concern Over Third (Party App ...)
  6. Biden Order To Require New Cybersecurity Standards In Response To SolarWinds Attack (Georgia Public Broadcasting)
  7. NYDFS Issues Report on SolarWinds (Robinson+Cole Data Privacy + Security Insider - JDSupra)
  8. Biden Order To Require New Cybersecurity Standards In Response To SolarWinds Attack Morning Edition podcast
  9. The Ticking Time Bomb in Every Company's Code
  10. Stop Malicious Cyber Activity Against Connected Operational Technology
  11. US Cuts Visa Services in Moscow Embassy as Russia Squeezes Embassy (Bloomberg)
  12. Warner says Senate committee working on bill to require mandatory reporting for cyber threats (FRN)
  13. ‘Accelerate change or lose’: Applying Gen. Brown’s action orders to cyberspace education and training
  14. More US agencies potentially hacked, this time with Pulse Secure exploits (ars)

Published 2021-04-29

  1. Biden prepping cybersecurity executive order in response to SolarWinds attack
  2. NYDFS Issues Report on the SolarWinds Attack and Covered Entities’ Responses (Alston & Bird Privacy, Cyber & Data Strategy Blog)
  3. Biden Order Will Require New Cybersecurity Standards In Response To SolarWinds Attack (88.5 WFDD)
  4. NYDFS Issues Report on SolarWinds Response and Recommends Critical Cybersecurity Measures (Practical Law)
  5. Microsoft weighs revamping flaw disclosures after suspected leak (Pittsburgh Post-Gazette)
  6. Hunting Hackers: Reducing the Time to Discovery (CSO Online)
  7. Top US military intelligence official says Russian military pose (WENY News)
  8. New York State Department of Financial Services Releases Report on SolarWinds Cyber Espionage Attack
  9. SolarWinds : Biden Administration Issues New Sanctions On Russia In Connection With SolarWinds And Election Interference Efforts (MarketScreener)

Published 2021-04-28

  1. DOD Zero Trust Reference Architecture
  2. Security News in Review: Emotet Uninstalled Worldwide; Babuk “Goes Dark” (secblvd)
  3. APT actors increasingly turn to exploits to launch attacks (TahawulTech.com)
  4. Tips on Enhancing Supply Chain Security (DataBreachToday)
  5. NSA: OT Security Guidance in Wake of SolarWinds Attack
  6. Sidechannel Interview with Alex Stamos and Chris Krebs by Kim Zetter - Zero Day (Free Listening on SoundCloud)
  7. Supply Chain Security Hinges on Zero Trust, Partnerships: A MeriTV Discussion (MeriTalk)
  8. NIST, CISA Share Software Supply Chain Attack Defense Guidance
  9. Biden Order Will Require New Cybersecurity Standards In Response To SolarWinds Attack (Public Radio Tulsa)
  10. Biden Order Will Require New Cybersecurity Standards In Response To SolarWinds Attack (VPM)
  11. Biden Order To Require New Cybersecurity Standards In Response To SolarWinds Attack (Flipboard)
  12. CISA & NIST Publish Recommendations for IT Admins to Defend Against the Next ‘SolarWinds’ Event (HOTforSecurity)
  13. New York: NYDFS issues report on investigation of SolarWinds cyberattack | News post (DataGuidance)
  14. Lawmakers introduce legislation to create civilian reserve program to fight hackers (hill)
  15. SolarWinds Supply Chain Attack: How to Protect Your Business
  16. With sanctions, let’s offer Russia incentives, too (The Seattle Times)
  17. US poised to impose anti-Russian sanctions over cyberattacks, election meddling — media - World (TASS)
  18. In Wake of Recent Breaches, FAA Wants to Up Cybersecurity of National Airspace System (Nextgov)
  19. GCHQ calls for more UK investment in cybersecurity. US Senate considering information (sharing bill. CISA and NIST offer supply chain security guidance.)
  20. New York Warns of Supply Chain Attack Dangers in Recent SolarWinds Report
  21. Another top VPN is reportedly being used to spread the SolarWinds hack

Published 2021-04-27

  1. Biden Order To Require New Cybersecurity Standards In Response To SolarWinds Attack (WFSU News)
  2. The Cybersecurity 202: Lawmakers want to create a reserve corps of cybersecurity experts to respond to the next SolarWinds (R Street)
  3. SolarWinds, Microsoft Hacks Prompt Focus on Zero-Trust Security | News (CACM)
  4. What Is Steganography? (Built In)
  5. Another SolarWinds lesson: Hackers are targeting Microsoft authentication servers (The Open Security)
  6. Dark Reading | Security (Protect The Business)
  7. The Cybersecurity 202: Lawmakers want to create a reserve corps of cybersecurity experts to respond to the next SolarWinds (wapo)
  8. APT actors increasingly turn to exploits to launch attacks (ITProPortal)
  9. Report: As result of SolarWinds breach, U.S. military concerned about updating software platforms (Israel Defense)
  10. Another SolarWinds lesson: Hackers are targeting Microsoft authentication servers (All Tech News)
  11. Senate Intelligence panel working on legislation around mandatory cyber breach notification (hill)
  12. Anatomy of the SolarWinds Hack: Who What Where When How
  13. An APT Group Exploits VPN to Deploy Supernova on SolarWinds Orion (Cyware Alerts - Hacker News)
  14. Cybersecurity roundup: U.S. agencies warn of Russian hacks, Australian hospitals struggle to get back online (Healthcare IT News)
  15. House Solarium Commission Members Press for More CISA Funding (Nextgov)
  16. ‘Mandatory’ Cyber Info Sharing Bill Coming, Says Senate Intel Chair Warner « Breaking Defense (Defense industry news, analysis and commentary)
  17. Abusing Replication: Stealing AD FS Secrets Over the Network (fireeye)
  18. Hackers are targeting Microsoft authentication servers
  19. Lawmakers Seek to Expand CISA's Role (GovInfoSecurity)
  20. New York State Department of Financial Services Issues Report On The Solarwinds Supply Chain Attack - Report Finds That DFS-regulated Companies Responded Quickly to the Attack (Report Identifies Key Cybersecurity Measures to Reduce Supply Chain Risk)
  21. Well (known VPN used to steal credentials on SolarWinds servers)

Published 2021-04-26

  1. Russia accelerates its de-dollarization policy, chooses to settle exports in euro over dollar (Kitco News)
  2. SolarWinds, Microsoft hacks prompt focus on zero-trust security (Samachar Central)
  3. The FireEye/SolarWinds cyber attack | Ivanti Insights | Podcasts on Audible (Audible.com)
  4. A Contrarian View on SolarWinds (SANS Institute)
  5. Supply Chain Compromise (CISA)
  6. SolarWinds, Microsoft hacks prompt focus on zero (trust security)
  7. SolarWinds, Microsoft Hack Quick Focus on Zero Trust Security (India News Republic)
  8. SolarWinds hack analysis reveals 56% boost in command server footprint (ZDNet)
  9. Before SolarWinds, US officials say SVR began stealthily targeting cloud services in 2018
  10. Lawmakers call for increasing the budget of key federal cybersecurity agency (hill)
  11. New bill would task CISA with infrastructure risk assessments - (FCW)
  12. Another top VPN is reportedly being used to spread SolarWinds hack (TechRadar)
  13. Major US breaches, SolarWinds, prompts focus on zero trust model
  14. Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders (CISA)
  15. 'Cock.li' Admin Says He's Not Surprised Russian Intelligence Uses His Site
  16. SolarWinds, Microsoft Hacks Prompt Focus on Zero-Trust Security (WSJ)
  17. SolarWinds hack and security - What is a software bill of materials? (JAXenter)
  18. CISA warns of theft of credentials via SolarWinds and PulseSecure VPN
  19. Report: Russia 'likely' kept access to US networks after SolarWinds hack (Çukute)

Published 2021-04-25

  1. http.title:solarwinds http.favicon.hash:-1776962843 (Shodan Search)
  2. CISA warns of credential theft via SolarWinds and PulseSecure VPN (Public News)
  3. Report: Russia 'likely' kept access to US networks after SolarWinds hack (My Droll)
  4. Report: Russia likely retained access to US network after SolarWinds hack (News Chant USA)
  5. Report: Russia 'likely' kept access to US networks after SolarWinds hack (Engadget)
  6. Report: Russia 'likely' kept access to US networks after SolarWinds hack
  7. Report: Russia 'likely' kept access to US networks after SolarWinds hack
  8. CISA warns of credential theft via SolarWinds and PulseSecure VPN (VentureBeat)
  9. Two sources close to the SolarWinds breach investigation say Russian intelligence agency SVR hackers are likely still maintaining access to U.S. networks (CNN) (Inverse Zone)
  10. Microsoft in the hot seat due to SolarWinds hacking campaign (Compsmag)
  11. SolarWinds hacking campaign puts Microsoft in the hot seat (Columbia Basin Herald)
  12. SolarWinds executive explains their ‘security by design’ concept (TahawulTech.com)

Published 2021-04-24

  1. Exclusive: Sources familiar with the investigation of SolarWinds breach say hackers from Russia's SVR intelligence agency likely still maintain access to US networks (CNN) (Last Bulletin)
  2. Top White House cyber official says action taken so far not enough to deter further Russia cyberattacks (CNNPolitics)
  3. Top White House cyber official says action taken so far not enou (WENY News)

Published 2021-04-23

  1. Federal CISO DeRusha Cites SolarWinds Response as Promising ‘Use Case’ (MeriTalk)
  2. SUPERNOVA malware discovered on SolarWinds Orion server (Malware Devil)
  3. SOLARWINDS INVESTIGATION INITIATED by Former Louisiana Attorney General: Kahn Swick & Foti, LLC Investigates the Officers and Directors of SolarWinds Corporation - SWI (bizwire)
  4. SOLARWINDS INVESTIGATION INITIATED by Former Louisiana Attorney General: Kahn Swick & Foti, LLC Investigates the Officers and Directors of SolarWinds Corporation (SWI)
  5. Senators introduce legislation to protect critical infrastructure against attack (hill)
  6. Supernova Attack Leveraged SolarWinds, Pulse Secure
  7. SolarWinds hacking campaign puts Microsoft in the hot seat (WFTV)
  8. SolarWinds hacking campaign puts Microsoft in the hot seat
  9. Hackers exploit SolarWinds, Pulse Secure for credential theft: Feds - Security (CRN Australia)
  10. Analysts Uncover More Servers Used in SolarWinds Attack
  11. Supernova Attack Leveraged SolarWinds, Pulse Secure
  12. Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion (IT Security News)
  13. APT abused Pulse Secure, SolarWinds appliances to plant Supernova webshell on enterprise network
  14. When a Ripple Becomes a Wave: Cyberattack Fallout (secblvd)
  15. Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion (Times News Express)
  16. The SolarWinds Attack: The Story Behind The Hack » RJR Empires

Published 2021-04-22

  1. New analysis uncovers extensive SolarWinds attack infrastructure (TechRadar)
  2. Researchers Find Additional Infrastructure Used By SolarWinds Hackers
  3. New analysis uncovers extensive SolarWinds attack infrastructure (TechRadar)
  4. Supernova Malware Actors Masqueraded as Remote ...
  5. Researchers Find New Chunk of SolarWinds Attackers' Infrastructure (Decipher)
  6. CISA Finds New Attacker Using Supernova Malware on SolarWinds Orion (Decipher)
  7. CISA Discovers Advanced Malware In VPN Device (Potomac Officers Club)
  8. New analysis uncovers extensive SolarWinds attack infrastructure (TechRadar)
  9. The Cybersecurity 202: Biden's pick for White House cyber director wants to see better relationship building with the private sector (wapo)
  10. Researchers shed more light on APT29 activity during SolarWinds attacks (Fuentitech)
  11. U.S. Announces Sweeping New Sanctions Targeting Russia (Cozen O'Connor - JDSupra)
  12. Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion
  13. HAFNIUM Exploits Live On (secblvd)
  14. SolarWinds Hack Imparted Lessons to Work Across Silos and Not ‘Victim Blame,’ Says Federal CISO (Homeland Security Today)
  15. USA: Would CMMC have prevented SolarWinds? | Insights (DataGuidance)
  16. Russian Cyber Threat Defense – Now and Looking Forward (secblvd)
  17. cyber.dhs.gov - Emergency Directive 21 (03: pulse secure)
  18. Cisco CEO Chuck Robbins: Moving To The Cloud Alone Isn’t A Security Cure (All)
  19. US agencies assess Pulse Secure VPN exploitation. New Sunburst infestation found. Facebook shuts down Paletinian spy groups.
  20. Why indict foreign cyber operators? IoT security regulation in the UK. Anti (ransomware measures and surveillance limitations in the US.)
  21. Hackers Exploit SolarWinds, Pulse Secure For Credential Theft: Feds
  22. Analysts Estimate SolarWinds (SWI) to Report a Decline in Earnings: What to Look Out for
  23. Cybersecurity expert: If you use SolarWinds, they got you (POWERGRID International)
  24. SolarWinds juggles stakeholders involved in response, recovery to level out business (Cybersecurity Dive)
  25. Ex-NSA top lawyer: Here's how to block next SolarWinds mega hack (The Jerusalem Post)
  26. Researchers shed more light on APT29 activity during SolarWinds attack
  27. CISA Identifies SUPERNOVA Malware During Incident Response (CISA)
  28. U.S. takes steps to protect electric system from cyberattacks (Chattanooga Times Free Press)
  29. Ex-Sen. Saxby Chambliss lobbying for SolarWinds (LegiStorm)
  30. Biden Administration Announces Expansion Of Sanctions Against Russia And Signals Potential Additional Restrictions Following SolarWinds Cyber-Attack - International Law (United States)
  31. New cyber (hardening mandates may be coming for defense firms)
  32. Democracy in The Daily: Russia against the West (The Tufts Daily)
  33. House Passes State Department Cybersecurity Legislation (KMJ-AF1)
  34. Research Uncovers New Command Servers Used in SolarWinds Campaign (Zero Day)
  35. SolarWinds: Advancing the Story (RiskIQ Community Edition)
  36. SolarWinds: Illuminating the Hidden Patterns That Advance the Story (RiskIQ)

Published 2021-04-21

  1. SolarWinds security chief: ‘We ran a pretty good shop’ (The Record by Recorded Future)
  2. Russia Sanctioned For Role In SolarWinds Supply Chain Attack (Alston & Bird Privacy, Cyber & Data Strategy Blog)
  3. Former SolarWinds CEO Kevin Thompson to be the new CEO of Tricentis, a Mountain View software test company (Silicon Valley Business Journal)
  4. In Tit-For (Tat Move, Russia Expels 10 U.S. Embassy Workers In Moscow)
  5. SUNBURST: Reflections to Secure By (secblvd)
  6. New cyber (hardening mandates may be coming for defense firms)
  7. Russia Sanctioned For Role In SolarWinds Supply Chain Attack (Alston & Bird - JDSupra)
  8. United States sanctions six Russian companies for aiding Russia's cyber (attacks against the US)
  9. Nakasone deflects senators' invitations to seek domestic spying powers - (Defense Systems)
  10. SolarWinds : New US Sanctions Targeting Russia's "Harmful Foreign Activities," Including Restrictions On Dealings In Russian Sovereign Debt (MarketScreener)

Published 2021-04-20

  1. More SolarWinds command and control hacking servers found - Security (iTnews)
  2. Biden administration sanctions Russia over 2020 election interference, SolarWinds hack (FoxBiz)
  3. The Danger of Treating SolarWinds as a Russia Cyber Attack
  4. House passes legislation to elevate cybersecurity at the State Department (hill)
  5. Russia’s Positive Technologies responds to US Treasury sanctions. US Government stands down its SolarWinds and Microsoft Exchange task forces. FCC security priorities charted.
  6. UK and US call out Russia for SolarWinds compromise
  7. The SolarWinds Attack: The Story Behind The Hack (Delaware First Media)
  8. DISA and JFHQ-DODIN's Orchestrated Response to SolarWinds (SIGNAL Magazine)
  9. White House Winds Down SolarWinds, Exchange Cyber Teams « Breaking Defense (Defense industry news, analysis and commentary)
  10. Biden Administration Ratchets Up Russia Sanctions (Michael Volkov - JDSupra)
  11. 5 signs a trucking company has been hacked (Commercial Carrier Journal)
  12. White House stands down SolarWinds, Microsoft Exchange cyber response groups - (GCN)
  13. Biden Administration Imposes Sanctions on Russia for SolarWinds (Schneier)
  14. Feds Find More Malware Tied to SolarWinds Supply Chain Compromise
  15. From the attack on Alexei Navalny to SolarWinds hack, every Russian move under scrutiny as NATO Allies support US action plan on Russia's 'destabilising activities' (IBTimes India)
  16. A new direction in response to cyberespionage? Co (opting criminal gangs as instruments of state policy.)
  17. SolarWinds (NYSE:SWI) Upgraded at Zacks Investment Research (MarketBeat)
  18. Exploring three more serious flaws in SolarWinds Orion products (TechNative)
  19. The SolarWinds Attack: The Story Behind The Hack : NPR

Published 2021-04-19

  1. White House Scales Back Response to SolarWinds & ...
  2. White House 'Stands Down' SolarWinds, Exchange Response Groups
  3. SolarWinds hacking campaign puts Microsoft in the hot seat
  4. The Biden Administration has officially responded to the SolarWinds attack! by Nick Espinosa | Security Fanatics (Free Listening on SoundCloud)
  5. The SolarWinds Breach and CMMC - What’s the Impact? (Pivot Point Security)
  6. UK, US say Russian hackers carried out SolarWinds attack
  7. Supply chain risk: Addressing a multitude of single points of failure - (FCW)
  8. Statement by Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger on SolarWinds and Microsoft Exchange Incidents (The White House)
  9. Cyberattacks and Security Breach Disclosures: U.S. Federal Law Coming? (MSSP Alert)
  10. Investigation announced for Long (Term Investors in shares)
  11. US Senator Mark Warner calls for urgent transatlantic cooperation on cybersecurity (POLITICO)
  12. President Biden Signs New Executive Order Escalating US Sanctions Against Russia (WilmerHale - JDSupra)
  13. Malware Wants to Phone Home. Trinity Cyber Doesn’t Try to Block It
  14. Great Power Cyber Party (War on the Rocks)
  15. SolarWinds affair. Russia expels US, Polish diplomats in counterretaliation. Codecov compromise. Big data gangs.
  16. Positive Technologies denies involvement in SolarWinds attack (TechRadar)
  17. What Hack? Top SolarWinds Executives Made $65 Million Last Year
  18. SolarWinds: A Catalyst for Change & a Cry for ...
  19. Russia sanctioned over SolarWinds, election interference -- even as cyber espionage continues - (GCN)
  20. White House stands down groups tackling SolarWinds, Microsoft Exchange - (FCW)
  21. Poland supports allies' response to aggressive politics of Russia (The First News)
  22. Increasing Demand of Database Monitoring Software Market 2027 (Datadog,Solarwinds,PRTG Network Monitor – The Courier)
  23. SolarWinds execs earned US$65M in 2020 despite hack - Security (CRN Australia)
  24. Australia: Cyber insurance adoption rates see steady increases

Published 2021-04-18

  1. SolarWinds and the Challenges of Patching: Can We Ever Stop Dancing With the Devil?
  2. Samir on Twitter: "if you see an instance of dwDrvInst.exe (unsigned by Solarwinds) running with cmdline like "smartcard -install" that could be a sign of successful RCE exploitation of CVE-2019 (3980 https://t.co/FyZvQ2IYVj https://t.co/8OIarbbqeQ" / Twit)
  3. Company officials, victims, experts, and intel officials discuss the SolarWinds hack, which successfully compromised ~100 companies and a dozen govt. agencies (Dina Temple-Raston/NPR) (The Global Valley)
  4. U.S. sanctions Russian government, security company for SolarWinds violations, election interference (Eminetra New Zealand)
  5. United States imposes sanctions on Russia for SolarWinds Cyber Attack
  6. US imposes sanctions on Russia over cyber (attacks)
  7. Biden agencies could find key lawmakers in accord on hack-attack alerts (Newsday)
  8. Russia expels 10 US diplomats as part of retaliation for sanctions

Published 2021-04-17

  1. CISA Ties SUPERNOVA Malware to Pulse Secure, SolarWinds Exploits
  2. Sun starts to set on SolarWinds attack as White House scales back efforts (Windows Central)
  3. Russia Will Expel 10 Diplomats In Response To US Sanctions (Law360)
  4. Utility Regulator Says SolarWinds Backdoor Was Downloaded by 1/4 of Electric Utilities on the North American Power Grid (CPO Magazine)
  5. solarwinds stock price chart (Unese.campusquotient.org)
  6. SolarWinds hacking campaign puts Microsoft in hot seat (News, Sports, Jobs - Tribune Chronicle)
  7. Some White House Officials Reportedly Asked Biden Not to Tie New Sanctions to SolarWinds Hack (Sputnik)
  8. In Punishing Russia for SolarWinds, Biden Upends U.S. Convention on Cyber Espionage
  9. SolarWinds : Russia Russia Russia! The Biden Administration Imposes Tough Sanctions On Russia (MarketScreener)
  10. OODA Loop (Cyber Retaliation Needs to Be Decisive, Swift, and Meaningful)
  11. Macron says international community must draw “clear red lines” with Russia (Sandhills Express)
  12. The Story of the SolarWinds Hack (Hacker News)
  13. Russia announces expulsion of 10 U.S. diplomats and ban some U.S. officials (Sandhills Express)
  14. SolarWinds hacking campaign puts Microsoft in the hot seat (ABC News)
  15. NSA: 5 Security Bugs Under Active Nation-State Cyberattack (tpost)
  16. SolarWinds : Russia Russia Russia! The Biden Administration Imposes Tough Sanctions On Russia (MarketScreener)
  17. In Punishing Russia for SolarWinds, Biden Upends U.S. Convention on Cyber Espionage (WSJ)
  18. US Institutes Sanctions Against Russia Over SolarWinds Hack
  19. SolarWinds hacking campaign puts Microsoft in the hot seat (StarTribune)
  20. In Punishing Russia for SolarWinds, Biden Upends U.S. Convention on Cyber Espionage (ADVFN)

Published 2021-04-16

  1. How SolarWinds cyber-attack forced US to sanction Russia - CRN (India)
  2. Sanctioned Firm Accused of Helping Russian Intelligence Was Part of Microsoft’s Early Vuln Access Program — MAPP (Zero Day)
  3. SolarWinds cyberattack: How SolarWinds cyberattack forced US to sanction Russia, Telecom News, ET Telecom
  4. Swinburne University confirms over 5,000 individuals affected in data breach (Bestgamingpro)
  5. Solarwinds, Inc. (NYSE:SWI) - White House Holds Russia's SVR Responsible For SolarWinds Cyber Hack: Reuters (Benzinga)
  6. Biden Administration Issues Russian Sanctions in Response to SolarWinds
  7. Russian SVR blamed for SolarWinds supply chain compromise, cyber espionage action (Industrial Cyber)
  8. Biden's CISA Cybersecurity Budget Proposal: $2.1B (MSSP Alert)
  9. Russia Retaliates Against Biden's New Sanctions, Expelling 10 U.S. Diplomats (KENW)
  10. It was Russia wot did it: SolarWinds hack was done by Kremlin’s APT29 crew, say UK and US (Cyber Security Review)
  11. US attributes SolarWinds campaign to Russia's SVR and calls out Russian disinformation shops. New APT34 activity.
  12. Russia: UK exposes Russian involvement in SolarWinds cyber compromise (UK Government) (CompanyNewsHQ)
  13. Russia to expel 10 US diplomats in 'tit-for-tat response' to Biden sanctions | National (pdclarion.com)
  14. 6 out of 11 EU agencies running Solarwinds Orion software were hackedSecurity Affairs
  15. Russian SVR Behind the SolarWinds Hack, According to U.S. Government
  16. Russia sanctions eight US officials and expels diplomats in reta - Erie News Now (WICU and WSEE in Erie, PA)
  17. Russia objects to US sanctions; US gets UK, EU support. Vaccine cold chain remains a target. Iran says Natanz back in business.
  18. US Pulls Back Curtain on Russian Cyber Operations
  19. Australian Government Blames Russia For SolarWinds Cyber Attack
  20. Holding Russia To Account (U.S. Embassy in Georgia)
  21. Russia blocks key Biden Cabinet officials from entering in retaliation for sanctions (hill)
  22. VirusTotal Community profile for CYBERCOM_Malware_Alert (VirusTotal)
  23. SolarWinds compromise attributed to Russian state actor (Beehive.govt.nz)
  24. Sanctioned Russian IT firm was partner with Microsoft, IBM
  25. SolarWinds hacking campaign puts Microsoft in the hot seat
  26. SolarWinds cyber strike: Russia did it, say US and UK (Attivo Networks)
  27. Days after sanctions, House to vote again on Cyber Diplomacy Act - (FCW)
  28. U.S. Fingers Putin’s Cozy Bear for SolarWinds Attacks (secblvd)
  29. GOP lawmakers say something important missing from Biden’s Russia sanctions (Washington Examiner)
  30. Biden team’s tall task: Building cyber defenses against Russia, China (CSMonitor.com)
  31. Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020? (secblvd)
  32. US sanctions Russian government, security firms for SolarWinds breach, election interference (CSO Online)
  33. Experts On Russia Being Held Accountable For SolarWinds (Information Security Buzz)
  34. White House Blames Russian Foreign Intelligence for SolarWinds, Imposes Sanctions on Rival Nation (HOTforSecurity)
  35. Snort Blog: Snort rule update for April 15, 2021
  36. NATO - News: North Atlantic Council Statement following the announcement by the United States of actions with regard to Russia, 15-Apr. (2021)
  37. Foreign Intelligence Service of the Russian Federation
  38. SolarWinds hack affected six EU agencies (The Record by Recorded Future)
  39. US imposes new sanctions on Russia, expels 10 diplomats : The Tribune India
  40. Himes: Biden didn’t show Putin “strong hand,” says cyber offensive is needed (CTInsider.com)
  41. H-ISAC Supply (Chain Insights Aim to Prevent Next SolarWinds Cyberattack)
  42. Russia to expel 10 US diplomats in 'tit-for-tat response' to Biden sanctions | National (keysnews.com)
  43. How Russia Used SolarWinds To Hack Microsoft, Intel, Pentagon, Other Networks : NPR
  44. SolarWinds: Accountability, Attribution, and Advancing the Ball
  45. SolarWinds cyber strike: Russia did it, say US and UK
  46. Biden’s Russia Strike Marks Shift in U.S. Cybersecurity Strategy
  47. The Biden Administration Just Accused A $1 Billion Russian Cybersecurity Company Of Recruiting Spies
  48. Biden says sanctions against Russia are proportionate response: 'Now is the time to de-escalate' | US & World News (azfamily.com)
  49. US blames Russia spies for SolarWinds hack | The Canberra Times (Canberra, ACT)
  50. Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020? (Krebs on Security)
  51. More Countries Officially Blame Russia for SolarWinds Attack (SecurityWeek.Com)
  52. White House: Russians Behind SolarWinds and 5 More Technology Attacks
  53. Britain and United States accuse Russia of ‘Solar Winds’ cyber attack
  54. US expels Russian diplomats, imposes sanctions for hacking
  55. US sanctions six tech firms for supporting Russian intelligence services
  56. White House formally blames Russian intelligence service SVR for SolarWinds hack (The Record by Recorded Future)
  57. UK and US call out Russia for SolarWinds compromise | National Cyber Security Centre (Official Press Release)
  58. Poland Expels Three Russian Diplomats In 'Solidarity' With U.S.
  59. US names 6 Russian tech firms aiding govt hackers - Security (CRN Australia)
  60. White House Names, Blames, Sanctions Russian Govt for Cyber, Election Assaults (MeriTalk)
  61. Britain, United States accuse Russia of ‘Solar Winds’ cyber attack (Evening Standard)
  62. How SolarWinds cyber (attack forced US to sanction Russia)
  63. NATO to improve cyber defense in bid to boost alliance resilience
  64. Russia's SVR Spy Agency Calls U.S. Hack Allegations 'Nonsense': Ifax | Top News (US News)
  65. Russian SVR Targets U.S. and Allied Networks
  66. Russian Foreign Intelligence Service Exploiting Five Publicly Known Vulnerabilities to Compromise U.S. and Allied Networks (Homeland Security Today)
  67. US White House blames Russia’s foreign intelligence for cyberattack on SolarWinds software - World (TASS)
  68. West Virginia Sen. Joe Manchin stresses importance of improving cybersecurity practices | WDVM25 & DCW50 (Washington, DC)
  69. Russia 'most acute threat' to national security, UK gov’t says
  70. Deutsche Welle: US expels Russian diplomats and issues sanctions over SolarWinds hacking attack (KyivPost - Ukraine's Global Voice)
  71. SolarWinds compromise attributed to Russian state actor (Mirage News)
  72. iTWire (US alleges Russia behind SolarWinds compromise, imposes curbs on six firms)

Published 2021-04-15

  1. Britain blames Putin's spies for massive SolarWinds cyber attack (Daily Mail Online)
  2. It was Russia wot did it: SolarWinds hack was done by Kremlin's APT29 crew, say UK and US (Register)
  3. CISA and CNMF Analysis of SolarWinds (related Malware)
  4. White House blames Russian spy agency SVR for SolarWinds hack: statement (95 KQDS)
  5. Attribution of cyber incident to Russia (Australian Minister for Foreign Affairs, Minister for Women)
  6. US Sanctions Russia Over SolarWinds Attack, Election Meddling
  7. US government strikes back at Kremlin for SolarWinds hack campaign (ars)
  8. US Issues Russian SVR Warning (Infosecurity Magazine)
  9. Russia Expels 10 U.S. Diplomats in Limited Sanctions Response (Bloomberg)
  10. SolarWinds Execs Earned $65M In 2020 Despite Huge Hack
  11. Biden says he warned Putin he could have gone further on sweeping Russia sanctions (ABC7 San Francisco)
  12. Biden imposes new sanctions on Russia | Tn Exchange (newspressnow.com)
  13. White House Hints at ‘Hallmark’ of Expected Cybersecurity Order (MeriTalk)
  14. Biden blames and sanctions Russia for the massive SolarWinds hack (Vox)
  15. Opinion (Biden is finally pivoting foreign policy to bigger threats - The Washington Post)
  16. Furious Dominic Raab & US slam 'malicious' Russian 'CosyBear' hack attack which 'undermines democracy'
  17. Statement on Solar Winds Orion cyberattacks - Ministry of Foreign Affairs Republic of Poland (Gov.pl website)
  18. Figuring out SolarWinds hack as US sanctions Russia (Macau Business)
  19. SolarWinds Sanctions Far From Last Word On Russian Hacks (Law360)
  20. US Sanctions Russia and Expels 10 Diplomats Over SolarWinds Cyberattack
  21. SolarWinds: Russian intelligence behind major cyber attack, Raab reveals as US expels diplomats (The Independent)
  22. EU’s Borrell voices solidarity with US in SolarWinds hack (wapo)
  23. US imposes sanctions on Moscow, expels Russian diplomats (News24)
  24. Background Press Call by Senior Administration Officials on Russia (The White House)
  25. US Sanctions on Russia Rewrite Cyberespionage's Rules (WIRED)
  26. White House blames Russia's SVR agency for SolarWinds breachl (Seeking Alpha)
  27. US pins SolarWinds cyberattack on Russian intelligence agency (Washington Examiner)
  28. US Gov sanctions Russia and expels 10 diplomats over SolarWinds hackSecurity Affairs
  29. Biden imposes new sanctions on Russia | National and World (dailylocal.com)
  30. Rubio: Biden Order on Russia a 'Legality' to Allow Action on SolarWinds (Newsmax.com)
  31. FACT SHEET: Imposing Costs for Harmful Foreign Activities by the Russian Government (The White House)
  32. US institutes new Russia sanctions in response to SolarWinds hack (Sports Grind Entertainment)
  33. US expels 10 Russian diplomats, imposes new sanctions in response to election interference and cyber hacks : The Tribune India
  34. Biden Sanctions Russia, Restricts Buying New Debt After Hacking
  35. Biden Sanctions Dozens Of Russians Over Hacking, Elections (Law360)
  36. US expels 10 Russian diplomats, sanctions others for hack with Triangle connection (WRAL TechWire)
  37. Australia blames Russia for SolarWinds attack (InnovationAus)
  38. MAR-10327841-1.v1 – SUNSHUTTLE (CISA)
  39. US Cyber Command, DHS (CISA release Russian malware samples tied to SolarWinds compromise > U.S. Cyber Command > News)
  40. SolarWinds Fallout: Are the Feds to Blame? (EE Times)
  41. US Formally Attributes SolarWinds Attack to Russian ...
  42. If 25% of US utilities downloaded the malicious SolarWinds software, could the grid go down Ukraine-style? (Power Engineering)
  43. Russian Foreign Intelligence Service Exploiting Five Publicly Known Vulnerabilities to Compromise U.S. and Allied Networks > National Security Agency Central Security Service > Article View
  44. U.S. Sanctions Russia Over SolarWinds Cyberattack, Election Interference (MSSP Alert)
  45. Risch Addresses SolarWinds Sanctions, Underscores Cyberthreats from State Actors at Intelligence Hearing - Press Releases (James E Risch, U.S. Senator for Idaho)
  46. Biden Boots 10 Russian Diplomats After SolarWinds Mega (Hack)
  47. US government strikes back at Kremlin for SolarWinds hack campaign (ars)
  48. US expels Russian diplomats and issues sanctions over SolarWinds hacking attack | News | DW (15.04.2021)
  49. Cybercriminals get bolder as impact from SolarWinds and ransomware grows (SiliconANGLE)
  50. White House blames Russian spy agency SVR for SolarWinds hack: statement (Reuters)
  51. SOLARWINDS INVESTIGATION INITIATED BY FORMER LOUISIANA ATTORNEY GENERAL: Kahn Swick & Foti, LLC Investigates the Officers and Directors of SolarWinds Corporation (SWI)
  52. Biden imposes new sanctions on Russia over SolarWinds hack, election interference (trib)
  53. US expels Russian diplomats, imposes new sanctions over SolarWinds hack, election interference
  54. Sanctioning Russia for SolarWinds: What Normative Line Did Russia Cross? (Lawfare)
  55. US hits Russia with sanctions following SolarWinds cyberattack (TechRadar)
  56. Biden administration imposes new sanctions against Russia, expels 10 diplomats
  57. U.S. Agencies: Russian SolarWinds Hackers Leveraging Five Older Vulnerabilities (My TechDecisions)
  58. EU's Borrell voices solidarity with US in SolarWinds hack
  59. Lesson From SolarWinds: Cyberattacks Have a Lingering Impact (IndustryWeek)
  60. White House sanctions Russia over SolarWinds campaign, election interference - (FCW)
  61. Russia Solarwinds hack sanctions announced (wtsp.com)

Published 2021-04-14

  1. US expels Russian diplomats, imposes sanctions for hacking
  2. Official: Biden administration set to announce new sanctions against Russia for SolarWinds hack, election interference | Govt. & Politics (swvatoday.com)
  3. U.S. set to sanction Russia over SolarWinds hack, election interference: reports (MarketWatch)
  4. Pentagon believes it escaped unscathed from SolarWinds, Microsoft hacks (FRN)
  5. NERC finding 25% of utilities exposed to SolarWinds hack indicates growing ICS vulnerabilities, analysts say (Utility Dive)
  6. Biden's sanctions against Russia demands diplomats leave tomorrow - Raw Story (Celebrating 17 Years of Independent Journalism)
  7. US is expected to sanction Russia and expel Russian officials in response to hacks and election interference | (kctv5.com)
  8. Biden announces sweeping new sanctions against Russia (CBS News)
  9. Official: Biden administration set to announce new sanctions against Russia for SolarWinds hack, election interference | National News (newsadvance.com)
  10. Biden to sanction Russian authorities for massive SolarWinds hack (Biden administration - Eminetra)
  11. U.S. set to slap new sanctions on Russian officials as soon as Thursday -sources (The Star Phoenix)
  12. Biden: U.S. 'could have gone further' in sanctions on Russia
  13. Biden’s decision: How hard to punch back at Putin's hackers (POLITICO)
  14. US spy chiefs to warn of threats from SolarWinds to North Korea (Maju Saham)
  15. Hillicon Valley: Intel leaders push for breach notification law | Coinbase goes public (hill)
  16. Misuse of X.509 Certificates & Keys Involved in SolarWinds Attack
  17. Biden to Name Morgan Stanley’s Easterly as CISA Head
  18. Senators Push for Changes in Wake of SolarWinds Attack
  19. Where VCs Are Putting Their Money As Cybersecurity Funding Hits Record High (Crunchbase News)
  20. Cyber Cartels Are Committing Modern Bank Heists (Barron's)
  21. Protecting The Integrity Of The Software Factory
  22. SolarWinds says dealing with hack fallout cost at least US$18 million - Security (CRN Australia)
  23. Sunburst Hack Costs SolarWinds At Least $18M (CFO)
  24. ‎Digital Detectives: Occam’s Razor — A SolarWinds Perspective for Law Firms on Apple Podcasts
  25. NERC Says 375 Electricity Providers Installed the Laced SolarWinds Update (TechNadu)
  26. SolarWinds spends $18 mn in 3 months after cyber attack (InfotechLead)
  27. SolarWinds says dealing with hack fallout cost at least US$18m, Technology (THE BUSINESS TIMES)
  28. SolarWinds says hack fallout cost at least $23.5 million - Security (iTnews)

Published 2021-04-13

  1. Fireeyye - [Report] M (Trends 2021)
  2. FireEye Mandiant M (Trends 2021 report)
  3. Annual FireEye Mandiant M (Trends Report Reveals Global Statistics and Insights From Hundreds of Diverse Intrusions)
  4. U.S. Poised to Impose Russia Sanctions Over Election, SolarWinds (Bloomberg)
  5. SolarWinds says dealing with hack fallout cost at least $18 million (The Hindu)
  6. U.S. spy chiefs warn of ‘unparalleled’ China threat in return to Congress | The Mighty 790 KFGO (KFGO)
  7. White House Names National Cyber Director, CISA Chief (FedTech Magazine)
  8. Hundreds of electric utilities downloaded SolarWinds backdoor, regulator says (CyberScoop)
  9. Biden Warns Putin Over Hacking But Proposes Summit in a Call (2)
  10. STRATEGIC THREAT INTELLIGENCE: PREPARING FOR THE NEXT “SOLARWINDS” EVENT
  11. SolarWinds says dealing with hack fallout cost at least $18 million | Y100 WNCY | Your Home For Country & Fun (Green Bay, WI)
  12. IC warns that U.S. adversaries are ramping up cyber attacks - (FCW)
  13. Experts see 'unprecedented' increase in hackers targeting electric grid (hill)
  14. SolarWinds says dealing with hack fallout cost at least $18 million | 1450 AM 99.7 FM WHTC (Holland)
  15. U.S. intelligence community details destructive cyber capabilities, growing influence threats
  16. TIA, CTIA, NAB press Biden to let industry lead on telecom security (FierceTelecom)
  17. White House announces CISA, national cyber directors (Utility Dive)
  18. Former DHS Leader Shares Details on SolarWinds Attack
  19. Biden Warns Putin Over Hacking But Proposes Summit in a Call (Bloomberg)
  20. What You Need to Know about the Cyber (Espionage Attack Linked to Russia)

Published 2021-04-12

  1. Satya Nadella: SolarWinds Hack Underscores Need For ‘Moving To The Cloud’
  2. Biden names 2 ex (NSA officials for senior cyber positions)
  3. ‘They knew I was running late to meetings’: Former DHS chief on reports that SolarWinds hackers targeted his emails (The Record by Recorded Future)
  4. Spy Chiefs to Warn of Threats From SolarWinds to North Korea (Bloomberg)
  5. Ex-DHS chief confirms suspected Russian hackers targeted his email account (CyberScoop)
  6. SolarWinds and Cozy Bears: How Russian Hackers Compromised the U.S. Government and How We Can Reduce the Chances of It Happening Again (Ricochet)
  7. SolarWinds and Microsoft Exchange: Hacks Wrapped in a Cybersecurity Dilemma Inside a Cyberspace Crisis (Georgetown Journal of International Affairs)
  8. The Anatomy of the SolarWinds Attack: A CyberArk Labs Perspective
  9. Biden names 2 ex (NSA officials for senior cyber positions)
  10. Former DHS Secretary Details SolarWinds Hackers’ Access to His Email (Nextgov)
  11. Biden will name cybersecurity agency head after Russian hackers accessed government accounts (Daily Mail Online)
  12. Biden's cybersecurity dream team takes shape
  13. Biden Needs To Respond To Russia Hacking (Technology Times)
  14. City of Tampa among 18,000 targets of SolarWinds hack; exposing government data, personal info - Tampa, Florida (Eminetra)

Published 2021-04-11

  1. Fed Chairman Jerome Powell: The 2021 60 Minutes Interview (CBS News)
  2. Biden Seeks to Boost CISA's Budget by $110 Million

Published 2021-04-10

  1. SolarWinds Hack — New Evidence Suggests Potential Links to Chinese Hackers (The Cyber Post)

Published 2021-04-09

  1. Satya Nadella: SolarWinds Hack Underscores Need For ‘Moving To The Cloud’
  2. SOLARWINDS INVESTIGATION INITIATED BY FORMER LOUISIANA ATTORNEY GENERAL: Kahn Swick & Foti, LLC Investigates the Officers and Directors of SolarWinds Corporation - SWI (NY Press News)
  3. The U.S. Government Needs to Overhaul Cybersecurity. Here’s How. (secblvd)
  4. SolarWinds Cyberattack: Lessons Learned
  5. Biden Looks To Up Cybersecurity Spending With Budget Plan (Law360)
  6. SolarWinds Pingdom vs. Rigor Monitoring & Optimization vs. germainAPM Comparison
  7. Biden Needs to Respond to Russian Hacking
  8. White House asks for additional $110 million in CISA funding to address cyber threats (CyberScoop)
  9. What the Titans of Industry Reveal about SolarWinds Attack (secblvd)
  10. White House preps new requirements for industrial control system security - (GCN)
  11. Biden Needs to Get Serious About Russian Hacking (Bloomberg)
  12. CISA Launches New Threat Detection Dashboard
  13. Biden FY22 Budget Request Seeks $500M for TMF, $750M ‘Reserve’ for IT Fixes (MeriTalk)
  14. Cyber Cases May Offer Clues to SEC ESG Enforcement
  15. Renewed Concerns Raised on Agency Cybersecurity
  16. Biden budget request calls for major investments in cybersecurity, emerging technologies (hill)
  17. The U.S. Government Needs to Overhaul Cybersecurity. Here’s How. (Lawfare)
  18. Investors Could Be Concerned With SolarWinds' (NYSE:SWI) Returns On Capital (Simply Wall St News)
  19. Releases · cisagov/Sparrow (GitHub)
  20. DHS CISA Shares SolarWinds Post (Threat Compromise Activity Tool)
  21. The SolarWinds hack timeline: Who knew what, and when?

Published 2021-04-08

  1. Using Aviary to Analyze Post-Compromise Threat Activity in M365 Environments (CISA)
  2. Biden Eyes Russia Retaliation After Meddling, Hacking Review (Bloomberg)
  3. Biden weighs retaliation against Russia for SolarWinds, election interference (WKRC)
  4. Federal watchdog investigating State Department cybersecurity pr (WENY News)
  5. Russia prepares US sanctions due to Alexei Navalny jailing, Solarwinds hack and election meddling (Internewscast)
  6. Russia's top diplomat: US policy toward Moscow is 'dumb' (hill)
  7. Biden weighs retaliation against Russia for SolarWinds, election interference (KOMO)
  8. Top Biden cyber official: SolarWinds breach could turn from spying to destruction 'in a moment' (Democratic Underground)
  9. SolarWinds bolsters cybersecurity in wake of hack (Business Insurance)
  10. US May Expel Russian Diplomats, Impose New Sanctions: Media - Other Media news (Tasnim News Agency)
  11. Biden administration sets the stage for retaliation against Russia over SolarWinds, election interference: report (Business Insider India)
  12. Why the U.S. Shouldn’t Play Games With Cyberwarfare as Its Power Declines
  13. Lavrov says US policy towards Russia is 'dumb,' ineffective (StarTribune)
  14. Russia prepares US sanctions due to Alexei Navalny jailing, Solarwinds hack and election meddling (Daily Mail Online)
  15. Top Biden cyber official: SolarWinds breach could turn from spying to destruction 'in a moment'
  16. 4 things you can do to minimize cyberattacks on supply and value chains (Help Net Security)

Published 2021-04-07

  1. Biden administration sets the stage for retaliation against Russia over SolarWinds, election interference: report
  2. Long (Term SolarWinds Investors Who Have Held Their Stock Continuously Since September 2019 Encouraged To Contact Kehoe Law Firm, P.C.)
  3. Nation-state cyber attacks could lead to cyber conflict (TechRepublic)
  4. Long (Term SolarWinds Investors Who Have Held Their Stock Continuously Since September 2019 Encouraged To Contact Kehoe Law Firm, P.C.)
  5. SolarWinds Pingdom vs. RapidSpike vs. SpyCloud Comparison
  6. Experts fear that Biden’s cybersecurity executive order will repeat mistakes of the past (CSO Online)
  7. The Need for Zero Trust Workload Protection (secblvd)
  8. SolarWinds TechPod: Secure by Design (Securing the Supply Chain)
  9. After A Major Hack, U.S. Looks To Fix A Cyber 'Blind Spot' (Georgia Public Broadcasting)
  10. Should cyberwar be met with physical force? Moral philosophy can help us decide
  11. Supply‑chain attacks: When trust goes wrong, try hope? (WeLiveSecurity)
  12. Biden Eyes Russia Retaliation for SolarWinds, Election Meddling: Report
  13. Senators Press for Details on SolarWinds Hack (Manufacturing Business Technology)
  14. Long (Term SolarWinds Investors Who Have Held Their Stock Continuously Since September 2019 Encouraged To Contact Kehoe Law Firm, P.C.)
  15. Debate: How Should the US Respond to the SolarWinds Breach? (Russia Matters)

Published 2021-04-06

  1. Security Advisory (SolarWinds)
  2. Viewpoint: Preventing the next SolarWinds breach calls for rapid training and education (Baltimore Business Journal)
  3. Senators press for more on SolarWinds hack after AP report
  4. Why Didn't Government Detect SolarWinds Attack?
  5. Former CISA chief cautions on push for national cyber director - (Defense Systems)
  6. Senators seek details on Einstein's performance and limitations - (FCW)
  7. Senators press for more details on scope of SolarWinds hack (MarketWatch)
  8. Senators press for more on SolarWinds hack after AP report | Govt-and-politics (tulsaworld.com)
  9. Senators press for more on SolarWinds hack after AP report
  10. The SolarWinds hack timeline: Who knew what, and when? (Reseller News)
  11. IG: Cybersecurity Weaknesses Persist in US Energy Dept.
  12. Top Homeland Security Senators Want Details on Agencies Hit in SolarWinds, Microsoft Intrusions (Nextgov)
  13. Senators want federal government to take accountability for SolarWinds hack (Washington Times)
  14. Minority Media | Homeland Security & Governmental Affairs Committee (Homeland Security & Governmental Affairs Committee)

Published 2021-04-05

  1. The SolarWinds hack timeline: Who knew what, and when? (CSO Online)
  2. European Institutions Were Targeted in a Cyber-Attack Last Week (BNN Bloomberg)
  3. Examining the SolarWinds/Holiday Bear Hack (Columbia SIPA)
  4. Russia Suspected of Stealing Thousands of State Department Emails (Homeland Security Today)
  5. Supply Chain Hackers Strike Hard at Government Entities
  6. President Biden’s new executive order could oblige software vendors to tell Uncle Sam about security breaches (The Daily Swig)
  7. Supply chain attacks: what we know about the SolarWinds ‘Sunburst’ exploit, and why it still matters (Check Point Software)
  8. Carriers growing increasingly skittish after major cyber incidents (Insurance Business)

Published 2021-04-03

  1. Russian hackers stole thousands of emails from US State Department: Report

Published 2021-04-02

  1. DOE Watchdog Detailed Its Cybersecurity State Amid SolarWinds Hack (Nextgov)

Published 2021-04-01

  1. Ep 31 - SolarWinds Hack | Modern Day Apocrypha | Podcasts on Audible (Audible.com)
  2. After hack, officials draw attention to supply chain threats
  3. US looks to keep critical sectors safe from cyberattacks | Election Hq (fox5vegas.com)
  4. Hunting the hunters: How Russian hackers targeted US cyber first responders in SolarWinds breach
  5. Russian SolarWinds hackers were so ‘sophisticated’ that they even targeted DHS cybersecurity experts (Alternet.org)
  6. More Surveillance Isn’t the Answer to the SolarWinds Hack (EIN Presswire)
  7. After hack, officials draw attention to supply chain threats - U.S. (Stripes)
  8. Hunting the hunters: How Russian hackers targeted US cyber first responders in SolarWinds breach (CNNPolitics)
  9. DHS Secretary Outlines Biden Administration’s Cybersecurity Vision (Infosecurity Magazine)
  10. The Cybersecurity 202: DHS head seeks to quickly solve some major cybersecurity problems (wapo)
  11. Hunting the hunters: How Russian hackers targeted US cyber first (KAKE)
  12. SolarWinds Hackers Accessed US Department of Homeland Security (DHS) officials
  13. DHS Secretary Previews Six ‘Sprints’ to Improve Federal Cybersecurity (MeriTalk)
  14. Homeland Security Orders Cyber ‘Sprints’ as Part of U.S. Plan Against Hacks
  15. SolarWinds Hack Obtained Emails of Top U.S. Department of Homeland Security Officials (FISM TV)
  16. Senators Ready to Give NSA More Domestic Power Over SolarWinds Hack (News From Antiwar.com)
  17. SolarWinds breach severity perception increasing over time (IT Security News)
  18. Biden's cyber executive order to include new rules for federal agencies, contractors
  19. Analysts expect the worst if Biden doesn't turn his focus toward protecting the grid (WCTI)
  20. NSA Director Says More Domestic Surveillance Might Stop Foreign Hacking; Fails To Explain Why NSA Isn't Stopping Much Foreign Hacking (Techdirt)
  21. Russian FM says relations with West have 'hit the bottom' :: WRAL.com
  22. CISA Orders More Microsoft Exchange Checks in Hunt for Undetected Compromises (MeriTalk)
  23. Cyber Daily: After SolarWinds, Lawmakers Want Companies to Come Clean About Hacks (State Department Emails Stolen)
  24. SolarWinds Hack Demonstrates Need for Cloud Security
  25. SolarWinds Hack Shows Why We Need a National Cyber Director
  26. After SolarWinds, Lawmakers Want Companies to Come Clean About Cyberattacks
  27. USA to publish detailed analysis of SolarWinds hacking tools
  28. SolarWinds breach severity perception increasing over time (Help Net Security)
  29. Top DHS Officials’ E-Mails Compromised in SolarWinds Hack, (Saudi Press)

Published 2021-03-31

  1. As SolarWinds Announces More Patches, Analysts Offer Advice
  2. cyber.dhs.gov - Emergency Directive 21 (02)
  3. Mind the Gap: How the NSA might use SolarWinds campaign to do warrantless spying (Zero Day)
  4. Russian hackers have once again been accused of carrying out cyber (attacks on the United States)
  5. The Fortune 500 Companies That Want To Be Hacked (The Tennessee Tribune)
  6. Blackberry Jarvis
  7. Mayorkas pledges to modernize US cyber-defenses after their failure to detect alleged Russian spies (CyberScoop)
  8. When do cyber ops constitute "threats to use force?" Continuity in US cyber response. Questions about disclosure rules.
  9. U.S. Launches Cyber ‘Sprints’ in the Wake of Nation-State Hacks (Bloomberg)
  10. Revelations About Securing Hybrid Cloud Environments Post-SolarWinds (secblvd)
  11. SolarWinds Attack Has Growing, Worsening Impact on Cybersecurity Pros
  12. Cybersecurity, browser security, SolarWinds (Homeland Security Newswire)
  13. SolarWinds hacker sneaks into Trump's top executive email (Texas News Today)
  14. SolarWinds surprise: Department of Homeland Security emails leaked?
  15. Russians suspected of 'stealing thousands of State Department emails' in latest hack targeting US (Daily Mail Online)
  16. SolarWinds Hack Affected Emails Of Homeland Security Leaders (Potomac Officers Club)
  17. US to publish details on suspected Russian hacking tools used in SolarWinds espionage
  18. Punitive Response to SolarWinds Would Be Misplaced, But Cyber Deterrence Still Matters (Russia Matters)
  19. SolarWinds highlights "alarming" cyberattack trend (Insurance Business)
  20. Email accounts of DHS members were compromised in the SolarWinds hackSecurity Affairs
  21. SolarWinds hacker accessed Homeland Security email (Texas News Today)
  22. Russia suspected of stealing thousands of State Department emails
  23. Officials say executive order with 'a dozen' actions forthcoming after SolarWinds, Microsoft breaches (hill)
  24. Hillicon Valley: Officials say cyber executive order with 'a dozen' actions forthcoming | Epic Games submits Apple complaint to UK watchdog | Facebook's chief revenue officer to leave company (hill)
  25. Oklahoma CISO says pandemic accelerated zero (trust implementation)
  26. SolarWinds Attack Makes Us Distrust The Software We Buy (NewsOpener)
  27. Zero Trust Security Is Essential for Neutralizing Supply Chain Attacks (TechBullion)
  28. Expected breach disclosure mandates will test government-industry cooperation - (FCW)
  29. News Briefs | (bedfordgazette.com)
  30. What Would Happen If States Started Looking at Cyber Operations as a “Threat” to Use Force? (Lawfare)
  31. SolarWinds attack makes us distrust the software we buy (TechRepublic)
  32. How SolarWinds Is Recovering and Sharing What It Has Learned Over The Last Three Months (My TechDecisions)
  33. Atlantic Council: SolarWinds, Microsoft Hacks Reveal ‘Strategic Failure’ (MeriTalk)
  34. SolarWinds cyberhack gained access to then-acting DHS chief's emails: Sources (ABC News)
  35. Lessons of the SolarWinds hack
  36. What We Know (and Don't Know) So Far About the ...

Published 2021-03-30

  1. Infosec Community Increasingly Concerned about SolarWinds Breach, Four Months In
  2. N-able Reveals Sales Hit From SolarWinds Hack Amid Spin (Off)
  3. ZDI-21-373 (Zero Day Initiative)
  4. Department of Homeland Security email accounts exposed in SolarWinds hack (Cyber Security Review)
  5. AP report: SolarWinds hack obtained emails of top DHS officials (Techzine Europe)
  6. SolarWinds Hackers Said to Have Accessed Emails of Top US Security Officials (NewsDeal)
  7. Head of Homeland Security had his email hacked in SolarWinds attack (IT PRO)
  8. SolarWinds Attackers Accessed DHS Emails, Report (tpost)
  9. SolarWinds Breach Exposed 'Climate Change' Level of Threat to U.S. Cybersecurity: Experts (The Crime Report)

Published 2021-03-3

  1. SolarWinds Hackers Obtained Emails of Top US Department of Homeland Security Officials (Cyberintel Magazine)

Published 2021-03-29

  1. In wake of giant software hacks, defenders & dev teams must fix AppSec
  2. AP sources: SolarWinds hack got emails of top DHS officials
  3. Broken trust: Lessons from Sunburst (Atlantic Council)
  4. DHS Secretary Outlines 60 (Day Cybersecurity Recovery Plan)
  5. SolarWinds cyberhack gained access to then (acting DHS chief’s emails: Sources – Illinois News Now)
  6. The Emails of the Department of Homeland Security exposed 
  7. Russian hackers stole thousands of State Department emails, reports claim (The Independent)
  8. Companies Must Report Hacks to U.S. Within Days in Draft Order (Bloomberg)
  9. SolarWinds hack obtained emails of top U.S. Department of Homeland Security officials: AP (Reuters)
  10. Solarwinds, Inc. (NYSE:SWI), (CRWD) - SolarWinds Hackers Breached Homeland Security Officials Emails: Report (Benzinga)
  11. Head of Homeland Security had his email hacked in SolarWinds attack (IT PRO)
  12. Putin calls on nations across world to create new ‘legally binding’ global cyberspace treaty, as hack attack row with US escalates — RT Russia & Former Soviet Union
  13. NIST Seeks Small Business to Help Develop Cybersecurity Standards (Nextgov)
  14. Cybersecurity Needs a New Alert System (WSJ)
  15. Unencrypted | What is SolarWinds? Are updates still safe? (THE DEVIL STRIP)
  16. NSA Opens Door to Domestic Internet Spying, Privacy Advocates Say
  17. SolarWinds Hackers Breached Homeland Security Officials Emails: Report
  18. NSA Opens Door to Domestic Internet Spying, Privacy Advocates Say
  19. SolarWinds hack: US weighs ‘seen and unseen’ responses to major cyber attack (Hindustan Times)
  20. White House Weighs ‘Seen and Unseen’ Responses to Major Hack (Bloomberg)
  21. AP sources: SolarWinds hack got emails of top DHS officials | Govt-and-politics (tulsaworld.com)
  22. In wake of giant software hacks, defenders & dev teams must fix AppSec
  23. Associated Press: SolarWinds hack got emails of top DHS officials (KyivPost - Ukraine's Global Voice)
  24. 'Small number' of DHS email accounts accessed during SolarWinds breach (FedScoop)
  25. CISA Builds Out Defensive Tools for Security Teams
  26. Biden faces few great options for SolarWinds, Exchange retaliation (POLITICO)
  27. SolarWinds: Who’s to Blame? Going Beyond the Cloud (Credit Union Times)
  28. SolarWinds Patches Four New Vulnerabilities in Their Orion Platform
  29. Lawmakers Press Biden to Nominate Federal Cybersecurity Leader Now (MSSP Alert)
  30. The Lawfare Podcast: The Generals vs. the Armed Services Committee with No Bull (Lawfare)
  31. (ISC)2 Survey Finds Cybersecurity Professionals Have Increasing Level of Concern About SolarWinds Incident
  32. SolarWinds hack obtained emails of top US Department of Homeland Security officials (AP)
  33. US Vows Consequences for Russian Actions
  34. AP Sources: SolarWinds Hack Got Emails of Top DHS Officials (NBC10 Philadelphia)
  35. AP sources: SolarWinds hack got emails of top DHS officials (StarTribune)
  36. Software vendors would have to disclose breaches to US - Security (CRN Australia)

Published 2021-03-28

  1. NIST SP 800 (172 release couldn’t come at a better time)
  2. AP sources: SolarWinds hack got emails of top DHS officials (ConchoValleyHomepage.com)
  3. AP sources: SolarWinds hack got emails of top DHS officials (WTMJ)
  4. iTWire (SolarWinds speaks out, and software dev can never be the same again)
  5. Biden Cyber Director Nominee Delayed Amid Turf Battle (News Talk WBAP-AM)
  6. Biden's National Cyber Director Nominee Delayed Amid Turf Battle (Newsmax.com)

Published 2021-03-27

  1. Opinion (The United States has a major hole in its cyberdefense. Here’s how to fix it. - The Washington Post)
  2. Cybersecurity Board Reform Blows Into Place For SolarWinds
  3. Cybersecurity Board Reform Blows Into Place For SolarWinds

Published 2021-03-26

  1. Boards still aren’t taking cybersecurity seriously, warns new NCSC boss. That means everyone is at risk (Bestgamingpro)
  2. Raindrop Loader delivers Cobalt Strike; SolarWinds - AlienVault (Open Threat Exchange)
  3. SolarWinds Orion Update Fixes New Holes (ISSSource)
  4. SolarWinds experimenting with new software builds … (Jioforme)
  5. SOLARWINDS INVESTIGATION INITIATED by Former Louisiana Attorney General: Kahn Swick & Foti, LLC Investigates the Officers and Directors of SolarWinds Corporation (SWI)
  6. White House to Require Software Firms to Disclose Breaches to Government Customers
  7. SOLARWINDS INVESTIGATION INITIATED by Former Louisiana Attorney General: Kahn Swick & Foti, LLC Investigates the Officers and Directors of SolarWinds Corporation - SWI (bizwire)
  8. SolarWinds Experimenting With New Software Build ...
  9. New, critical vulnerability could give attackers access SolarWinds systems (PG-Intel)
  10. SolarWinds Orion Platform < 2020.2.5 Multiple Vulnerabilities (Tenable®)
  11. SolarWinds hack: the mystery of one of the biggest cyberattacks ever (CyberNews)
  12. SolarWinds Experimenting With New Software Build ... (Go Decrypt)
  13. Shareholder Alert: Robbins LLP Reminds Shareholders it is Investigating SolarWinds Corporation (SWI) (bizwire)
  14. Solarwinds Orion Platform Has New Code Execution Flaws
  15. New, critical vulnerability could give attackers access SolarWinds systems
  16. New, critical vulnerability discovered that could let attackers gain entry to SolarWinds systems (The Cyber Security News)
  17. SolarWinds, cyberattacks (Homeland Security Newswire)
  18. Time for cyber teams, not stovepipes: Telos' CEO tells Wall Street - (Washington Technology)
  19. Shareholder Alert: Robbins LLP Reminds Shareholders it is Investigating SolarWinds Corporation (SWI)
  20. SolarWinds CEO: Here’s What We’re Doing to Prevent Another Attack (SDxCentral)
  21. Mimecast’s Forensic Investigation Found That SolarWinds Hackers Copied Limited Number of Source Code Repositories (CPO Magazine)
  22. Solarwinds Orion Platform updates fix two remote code execution issuesSecurity Affairs

Published 2021-03-25

  1. Microsoft Safety Scanner Download - Windows security (Microsoft Docs)
  2. Hearing | Hearings (United States Commitee on Armed Services)
  3. New, critical vulnerability discovered that could let attackers gain entry to SolarWinds systems (TerabitWeb Blog)
  4. Exclusive: Software vendors would have to disclose breaches to U.S. government users under new order: draft (Reuters)
  5. Agency Dealing With US Nuclear Reserves Hacked In SolarWinds Hack
  6. NSA Chief Says Recent Hacks Expose Limits of U.S. Cyber Protections (WSJ)
  7. U.S. military launched over 2 dozen cyber operations before 2020 election (Axios)
  8. Nakasone Warns Adversaries Hack Unseen In US « Breaking Defense (Defense industry news, analysis and commentary)
  9. Senators Offer to Let NSA Hunt Cyber Actors Inside the US (Defense One)
  10. Exec Order Could Force Software Vendors to Disclose ...
  11. SolarWinds patches critical code execution bug in Orion Platform
  12. Biden reportedly planning an executive order on cybersecurity breach notifications (SiliconANGLE)
  13. Exclusive: Software vendors would have to disclose breaches to U.S. government users under new order: draft (Reuters)
  14. Software vendors would have to disclose breaches to U.S. government users under new order (The Hindu)
  15. What Lessons Should We Learn From The Suspected Russian Hack Of SolarWinds And Other U.S. Agencies And Companies?
  16. What was so striking to Microsoft’s president about SolarWinds and Exchange Server attacks? (CyberNews)
  17. Another serious RCE flaw found on the SolarWinds Orion platform (Jioforme)
  18. Another Critical RCE Flaw Discovered in SolarWinds Orion Platform (Times News Express)
  19. Another Critical RCE Flaw Discovered in SolarWinds Orion Platform
  20. Biden Urged To Name National Cyber Czar Amid Breaches (Law360)
  21. Why 2021 Is the Year for Zero Trust Security
  22. Senators urge Energy chief to prioritize cybersecurity amid growing threats (hill)
  23. General says attacks by foreign hackers are 'clarion call' (StarTribune)
  24. Bragar Eagel & Squire is Investigating Certain Officers and Directors of Zoom and SolarWinds Corporation on Behalf of Long (Term Stockholders and Encourages Investors to Contact the Firm)
  25. SolarWinds Attack Illustrates Evolving Russian Cyber Tactics
  26. Biden executive order would force software vendors to disclose breaches (Seeking Alpha)
  27. Fed Breach Disclosure Rule Planned After SolarWinds Hack: Report
  28. How the heck did US Intelligence miss SolarWinds AND Microsoft Exchange!? by Nick Espinosa (Security Fanatics)
  29. EXCLUSIVE (Software vendors would have to disclose breaches ...)
  30. Why the modern CISO should plan for greater Cybersecurity Regulations in the Biden Era (scmedia)
  31. NSA director says U.S. has a ‘blind spot’ for detecting attacks like SolarWinds, Microsoft Exchange (The Record by Recorded Future)
  32. New “CISO View” Survey on Zero Trust Highlights Credential Theft Trends for New Types of Identities (Odessa American: Business)
  33. Exclusive: Software vendors would have to disclose breaches to U.S. government users under new order: draft (Reuters)
  34. How an advanced architecture can dramatically mitigate massive data breaches - (GCN)
  35. The Cybersecurity 202: NSA director says intelligence has a big blind spot: domestic Internet activity (wapo)
  36. Impatient lawmakers press Biden for cyber director nominee - (FCW)
  37. Robert W. Baird Stick to Their Hold Rating for SolarWinds Corporation By Investing.com
  38. New Code Execution Flaws In Solarwinds Orion Platform (SecurityWeek.Com)

Published 2021-03-23

  1. 'Trust no one' becomes cyber mantra after massive hacking attacks (The Japan Times)
  2. US Response to SolarWinds Cyber Penetrations: A Good Defense Is the Best Offense (Russia Matters)
  3. King: Mandatory breach disclosure bill coming soon - (Defense Systems)
  4. ‘Accelerate change or lose’: Applying Gen. Brown’s action orders to cyberspace education and training
  5. Where's the accountability for Solarwinds? - (Defense Systems)
  6. Acting CISA Director Considers List Of SolarWinds Victims To Be Complete (Potomac Officers Club)
  7. Swiss cybersecurity firm says it accessed servers of SolarWinds hacking group (The Bharat Express News)
  8. CHIRP Tool to Detect SolarWinds Malicious Activity
  9. Discussions About Mandated Cyber Incident Reporting Resurface After Nation-State Hacks (My TechDecisions)
  10. NYSE: SWI Investors should contact the Shareholders Foundation in connection with the Lawsuit against SolarWinds Corporation
  11. Exchange Server updates. SolarWinds victim list "solidified." AFCEA and Shell disclose third (party breaches. MangaDex down.)
  12. Biden ‘Will Cyberattack Putin’ (Because SolarWinds) (secblvd)
  13. SolarWinds compromise leaves Senate questioning agency cyber defenses (Utility Dive)
  14. SolarWinds Attackers Manipulated OAuth App Certificates
  15. Swiss Cyber Security Firm Says It Accessed Servers of a SolarWinds Hacking Group

Published 2021-03-22

  1. The cybersecurity problem we should really worry about (hill)
  2. Swiss Firm Says It Accessed SolarWinds Attackers' Servers
  3. Swiss Cybersecurity Firm says it Accessed Servers of a SolarWinds Hacker
  4. Mimecast: SolarWinds Attackers Stole Source Code - Micro Focus Community (2864117)
  5. House Lawmakers Ask Agencies to Provide More Details on SolarWinds Hack
  6. Recent attacks may drive government’s zero trust adoption - (GCN)
  7. The ‘Frankencloud’ model is our biggest security risk (TechCrunch)
  8. The cybersecurity problem we should really worry about (hill)
  9. Swiss firm accesses servers of hacking group linked to SolarWinds breach, Tech News News & Top Stories (The Straits Times)
  10. Researchers discover threat actors with links to SolarWinds hack (IT PRO)
  11. Swiss firm says it has accessed servers of a SolarWinds hacker that attacked 4,700 targets, Tech News News & Top Stories (The Straits Times)
  12. US plans 'aggressive' cyber offensive against Russia in retaliation for SolarWinds attack
  13. SilverFish: Swiss researchers identify threat actor with links to SolarWinds hack
  14. US government calls for better information sharing in wake of SolarWinds, Exchange attacks (CSO Online)
  15. CISA head: Group of SolarWinds victims is 'solidified' - (FCW)
  16. Does Microsoft share blame for the SolarWinds hack? (Computerworld)
  17. Three Vulnerabilities Exposed During SolarWinds Attack & How It Could Have Been Prevented (CPO Magazine)

Published 2021-03-21

  1. SolarWinds remains 'rare story in software,' says Jefferies SWI (The Fly)
  2. CISA releases CHIRP, a tool to detect SolarWinds malicious activity (TerabitWeb Blog)
  3. CISA releases CHIRP, a tool to detect SolarWinds malicious activitySecurity Affairs

Published 2021-03-20

  1. Swiss Firm Says It Has Accessed Servers of a SolarWinds Hacker

Published 2021-03-19

  1. SolarWinds-Linked Attackers Target Microsoft 365 ... (PG-Intel)
  2. Government Monitoring Won't Stop the Next SolarWinds Campaign, Experts Say (Zero Day)
  3. Biden under growing pressure to nominate cyber czar (hill)
  4. Using CHIRP to Detect Post-Compromise Threat Activity in On-Premises Environments (CISA)
  5. SolarWinds explainer
  6. What SolarWinds Taught Us About Third Party Risk Management (SANS Institute)
  7. Swiss Cybersecurity Firm Reveals Vital Details of Solarwinds Hackers (KoDDoS Blog)
  8. Did you get burned by the SolarWinds attack?US Releases Tools for Post-Infringement Detection (Texas News Today)
  9. [Security Weekly] Mimecast Source Code Stolen by Hackers Exploiting SolarWinds Sunburst Backdoor (Penta Security Systems Inc.)
  10. The Cybersecurity 202: Wyden calls for 'time out' in government cybersecurity contracting (wapo)
  11. DHS CISA Shares Incident Response Tool for On (Prem Threat Activity)
  12. U.S. cyber agency releases tool to help SolarWinds Orion defenders (IT World Canada News)
  13. Swiss Firm Says It Has Accessed Servers of a SolarWinds Hacker (Bloomberg)
  14. SolarWinds-linked hacking group SilverFish abuses enterprise victims for sandbox tests (Cyber Security Review)
  15. Solarwinds Orion Attack
  16. Here's what Chinese and Russian hackers are doing in Americans' emails
  17. Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool (CISA)
  18. CISA Releases New Tool To Scan For SolarWinds Compromise Activity (My TechDecisions)
  19. Agency hacks could accelerate push to zero trust security model - (FCW)
  20. White House reviewing National Cyber Director role as Congress presses for governmentwide leadership (FRN)
  21. Interview: Sai Venkataraman, Co-Founder and CEO, SecurityAdvisor (Infosecurity Magazine)
  22. GitHub (cisagov/CHIRP: A forensic collection tool written in Python.)
  23. Burnt by SolarWinds attack? US releases tool for post-compromise detection (ZDNet)
  24. Congress gives four agencies 10 days to report on SolarWinds damage (FRN)

Published 2021-03-18

  1. SolarWinds-linked hacking group SilverFish abuses enterprise victims for sandbox tests (ZDNet)
  2. SolarWinds hackers gain access to Mimecast production grid environment (PG-Intel)
  3. SolarWinds hackers stole source code from email security firm Mimecast
  4. Has Your Organization Been Breached By Solar Winds Malware?
  5. Bipartisan lawmakers push Biden's Cabinet for answers on fallout from SolarWinds hack (Washington Times)
  6. Mimecast's source code stolen in SolarWinds breach
  7. Mimecast releases report on SolarWinds security incident investigation | 2021-03-18 (Security Magazine)
  8. US advised not to criticize Russian & Chinese cyberattacks given its history of doing the same
  9. NSA, Homeland Security Push Service to Mitigate Cyber-Attacks (Bloomberg)
  10. HAGENS BERMAN, NATIONAL TRIAL ATTORNEYS, Invites SolarWinds (SWI) Investors with Significant Losses to Contact Firm Before March 5, 2021 Deadline, SEC Investigating Company
  11. SolarWinds hackers stole Mimecast source code
  12. Source code for Mimecast stolen for SolarWinds breach (Texas News Today)
  13. SolarWinds attackers stole Mimecast source code (IT Security Guru)
  14. SecurityScorecard snags $180M Series E to measure a company’s security risk (TechCrunch)
  15. "The SolarWinds Hack - What we know & what to look for next" -- An MTUG Webinar - Mar 18, 2021 - LA Metropolitan Chamber of Commerce | Lewiston, ME - LA Metropolitan Chamber of Commerce (Lewiston, ME)
  16. The Cybersecurity 202: Senate panel delves into SolarWinds hack (wapo)
  17. Mimecast reveals source code theft in SolarWinds hack (ZDNet)
  18. Patch Management in the Post-SolarWinds Era (secblvd)

Published 2021-03-17

  1. The SolarWinds Senate hearing: 5 key takeaways for security admins (CSO Online)
  2. SolarWinds (Linked Attackers Target Microsoft 365 ...)
  3. SolarWinds compromise leaves Senate questioning agency cyber defenses (Cybersecurity Dive)
  4. Solarwinds stock forecast
  5. Senator Hassan Presses Top Administration Officials on Strengthening Cybersecurity Across All Levels of Government Following SolarWinds & Microsoft Exchange Breaches (U.S. Senator Maggie Hassan of New Hampshire)
  6. ‎The Lawfare Podcast: Dmitri Alperovitch on SolarWinds and Microsoft Exchange on Apple Podcasts
  7. Senate Security Leaders Eye FISMA Revamp, SolarWinds Accountability
  8. SilverFish Group Threat Actor Report
  9. Why the SolarWinds Attack Easily Slipped by All EDR/EPP Solutions (secblvd)
  10. iTWire (Ohio senator lashes govt over accountability for SolarWinds attack)
  11. House Energy Committee Requests SolarWinds Update from Agencies
  12. TTP Table for Detecting APT Activity Related to SolarWinds and Active Directory/M365 Compromise (Homeland Security Today)
  13. Feds aren't well prepared to spot SolarWinds-style hacks at agencies, CISA official says (CyberScoop)
  14. The Case for 'Zero Trust' Approach After SolarWinds Attack
  15. Fed CISO DeRusha Calls New Funding ‘Down Payment’ on Security Improvements (MeriTalk)
  16. Senators press for federal agency accountability over SolarWinds - (FCW)
  17. Can the Biden Administration Get Russia Policy Right? (Russia Matters)
  18. Mimecast Says SolarWinds Hackers Stole Source Code (SecurityWeek.Com)
  19. Mimecast dumps SolarWinds after hackers breached its network (The Cyber Security News)
  20. Mimecast Discovers That Solarwinds Hackers Stole Some of Their Source Code (TheDigitalHacker)
  21. Mimecast dumps SolarWinds after hackers breached its network (IT PRO)
  22. Mimecast Finds SolarWinds Hackers Stole Some of Its Source Code
  23. SolarWinds hackers gain access to Mimecast production grid environment
  24. Mimecast Says SolarWinds Attackers Accessed its ...
  25. SolarWinds Attackers Accessed Mimecast Source Code (Decipher)
  26. Mimecast confirms hackers behind SolarWinds supply chain attack accessed limited amount of customer information (The Daily Swig)
  27. Mimecast: SolarWinds Attackers Stole Source Code (tpost)
  28. Mimecast Update: SolarWinds Hackers Stole Source Code
  29. Mimecast Ax SolarWinds Orion for Cisco NetFlow After Hack - CRN (OLTNEWS)
  30. Mimecast Finds SolarWinds Hackers Stole Some of Its Source Code
  31. SolarWinds hackers stole some of Mimecast source code (RedPacket Security)
  32. Russia's Efforts At Information Warfare Against The West Continue : NPR
  33. Lawmakers press federal agencies on scope of SolarWinds attack (hill)
  34. Hearings to examine the SolarWinds supply chain attack, focusing on the Federal perspective. | Congress.gov (Library of Congress)
  35. Suspected Chinese hackers used SolarWinds bug to spy on US payroll agency (sources)
  36. Bipartisan Group of Lawmakers Request Information on SolarWinds Cyber Attack (Democrats, Energy and Commerce Committee)
  37. Why America will never be safe from cyberattacks
  38. Officials urge Biden to appoint cyber leaders after SolarWinds, Microsoft hacks (hill)
  39. New York Regulator Issues Cyber Insurance Guidelines (Newmeyer Dillion - JDSupra)
  40. What 2020 taught us about the need for deception technology (scmedia)
  41. Russia's Efforts At Information Warfare Against The West Continue : NPR
  42. Mayorkas Addresses Cyber Hacks at House Hearing (MeriTalk)
  43. Mimecast dumps SolarWinds Orion for Cisco NetFlow after hack - Software (CRN Australia)
  44. House lawmakers seek answers on SolarWinds from agency chiefs - (FCW)

Published 2021-03-16

  1. HAFNIUM targeting Exchange Servers with 0-day exploits (Microsoft Security Blog)
  2. For US cyber defense, helpful hackers are only half the battle (hill)
  3. Mimecast Axes SolarWinds Orion For Cisco NetFlow After Hack
  4. Security Vendors Understate Risks in Senate Hearing on SolarWinds
  5. 3 ways agencies can restore cybersecurity trust - (GCN)
  6. Microsoft could be set for a US government windfall (TechRadar)
  7. White House considers cybersecurity ratings to boost visibility - (GCN)

Published 2021-03-15

  1. US government to respond to SolarWinds hackers in weeks - Security (iTnews)
  2. SolarWinds Attacks Recovery Effort Could Take U.S. Government 18 Months
  3. Exchange Hacks: How Will the Biden Administration Respond?
  4. US Should Create New 3-Pronged Approach To Cybersecurity (Law360)
  5. Top SolarWinds Alternatives (eSecurityPlanet)
  6. The Obama administration had a plan to stop cyberattacks like SolarWinds—and blew it.
  7. Biden Administration to Respond to SolarWinds Hackers in Weeks, Not Months
  8. Michael Dell: Public Cloud Isn’t More Secure Than On (Premise)
  9. Cybersecurity Officials Call for Network Visibility, Software Assurance After Russian Hack (FedTech Magazine)
  10. SolarWinds Attacks Recovery Effort Could Take U.S. Government 18 Months (secblvd)
  11. Microsoft Pitches Cybersecurity To U.S., (Campaigns & Elections)
  12. The US must adopt Software Bill of Materials to thwart cyberattacks (hill)
  13. Capitol Hill angry over Microsoft’s security upcharge (POLITICO)
  14. US government to respond to SolarWinds hackers in weeks
  15. Google, Microsoft Feud Over Antitrust, Hacking Issues (Silicon UK)

Published 2021-03-14

  1. White House Weighs New Cybersecurity Approach After Failure to Detect Hacks (nyt)
  2. An update on the SolarWinds hack and data breach (CBS News)
  3. An update on the SolarWinds hack and data bre... (CBS News)
  4. Infamous Solarwinds attack started with just two simple mistakes (ABC News)
  5. "In Weeks, Not Months," Will the US Government Respond to Solarwinds Hackers Said a Senior Official (TheDigitalHacker)
  6. SolarWinds, SUNBURST, and supply chain security.

Published 2021-03-13

  1. U.S. government to respond to SolarWinds hackers in weeks: Senior Official (.:: CHASLES CORP. ::.)
  2. SolarWinds and Microsoft hacks spark debate over western retaliation (World News Curatory)
  3. Why ‘blaming the intern’ won’t save startups from cybersecurity liability – TechCrunch (Bestgamingpro)
  4. US moves closer to retaliation over hacking as cyber woes grow | World (Malay Mail)
  5. U.S. government to respond to SolarWinds hackers in weeks: senior official — Agenparl
  6. Why ‘blaming the intern’ won’t save startups from cybersecurity liability (TechCrunch)

Published 2021-03-12

  1. U.S. government to respond to SolarWinds hackers in weeks: senior official | Article [AMP] (Reuters)
  2. Despite hacks, Biden admin not planning to step up government surveillance (Hindustan Times)
  3. US government to respond to SolarWinds hackers in weeks: Senior official (CNA)
  4. SolarWinds NYC Carpenters Complaint (DocumentCloud)
  5. US moves closer to retaliation over hacking as cyber woes grow
  6. Despite hacks, US not seeking widened domestic surveillance (FRN)
  7. SolarWinds Case 1:21-cv-00002-RP -- Motion to Consolidate Class Actions (DocumentCloud)
  8. Cisco Talos Intelligence Group (Comprehensive Threat Intelligence: Talos Takes Ep. #44: A roundtable discussion on SolarWinds)
  9. SolarWinds lawsuits merge as stockholders begin documenting financial losses (TerabitWeb Blog)
  10. U.S. government to respond to SolarWinds hackers in weeks: senior official (Reuters)
  11. US to Respond to SolarWinds Hackers in Weeks: Senior Official (KMJ-AF1)
  12. SolarWinds stockholders begin documenting financial losses
  13. Biden administration mulls software security grades after SolarWinds
  14. Post-SolarWinds, IT departments increase vendor scrutiny (CIO Dive)
  15. SolarWinds Investors Get Lead Plaintiff in Server Hack Risk Case
  16. Biden administration to respond in weeks to SolarWinds hackers-senior official (The Star Phoenix)
  17. How Should the U.S. Respond to the SolarWinds and Microsoft Exchange Hacks?  (Lawfare)
  18. U.S. government to respond to SolarWinds hackers in weeks: senior official
  19. Retaliation Options: US Cyber Responses To SolarWinds, Exchange Hacks « Breaking Defense (Defense industry news, analysis and commentary)
  20. Biden administration to respond in weeks to SolarWinds hackers-senior official | The Mighty 790 KFGO (KFGO)
  21. The Cybersecurity 202: Democrats' new infrastructure bill highlights cybersecurity concerns (wapo)
  22. Our ongoing commitment to supporting journalism
  23. Google accuses Microsoft of using 'naked corporate opportunism' to distract from SolarWinds hack (Windows Central)
  24. Here's What To Make Of SolarWinds' (NYSE:SWI) Returns On Capital
  25. There’s a vexing mystery surrounding the 0-day attacks on Exchange servers (ars)

Published 2021-03-11

  1. (190) Roundtable: What we've learned (and what we still don't know) about SolarWinds (YouTube)
  2. SolarWinds and Microsoft hacks spark debate over western retaliation
  3. Microsoft Probing Whether Leak Played Role in Suspected Chinese Hack (WSJ)
  4. SolarWinds (NYSE:SWI) Takes On Some Risk With Its Use Of Debt (Simply Wall St News)
  5. Amundi expects no U.S. sanctions on Russia sovereign debt (Reuters)
  6. Why 'Layered Security' Should Be Your New Mantra
  7. SolarWinds CEO blames intern for cyber attack (Lexology)
  8. Evolving Cybersecurity Takes More Than Money
  9. SolarWinds Co. (NYSE:SWI) Receives Consensus Rating of "Hold" from Brokerages (MarketBeat)
  10. Marco to Hold Webinar on SolarWinds Orion Attack
  11. Windows Exchange, Senate's SolarWinds Hack Hearing & NSA’s Zero Trust Recommendations (TFiR: Interviews, News & Analysis by Swapnil Bhartiya)
  12. SolarWinds data breach was warning sign to FINRA, cybersecurity chief says | Secondary Sources | National (Westlaw Today)
  13. The Impact of the SolarWinds Breach on Cybersecurity
  14. Windows Exchange, Senate SolarWinds Hack Hearing & NSA’s Zero Trust Recommendations by TFIR: Open Source & Emerging Technologies (Free Listening on SoundCloud)
  15. There is Still More to SolarWinds Attack (Cyware Alerts - Hacker News)
  16. Why embedded devices are the dangerous blind spot in the SolarWinds attack  (hill)
  17. SolarWinds attack and Executive Order on America's Supply Chain illuminate gaps in supply chain risk management, spur innovative solutions by Fortress Information Security
  18. Opinion: A 'Cyber Pearl Harbor' Looms for America Amid Widespread Digital Complacency (Times of San Diego)
  19. Relief Package Includes Less for Cybersecurity
  20. Hacked Firms Face ‘Frankenstein’ of State (Based Cyber Notification Laws)
  21. After SolarWinds, Companies Turn to Insurers, Not Feds, for Protection
  22. SolarWinds And Microsoft Exchange Attacks: Lay Down The Cyber Law
  23. Be on the Lookout: Impact of SolarWinds Orion Compromise on

Published 2021-03-10

  1. What the Quad Must Learn From the SolarWinds Hack (The National Interest)
  2. Patching, with special attention to Hafnium and the rest. Responding to the SolarWinds incident. Hactivists don’t like cameras. Dragnet in the Low Countries.
  3. Gary Davis on Twitter: "Lawmakers blame #SolarWinds hack on ‘collective failure’ to prioritize #cybersecurity https://t.co/IIXbsitaBr" / Twitter
  4. White House Cyber Group Discusses How to Stop Another SolarWinds
  5. The SolarWinds Cyber-Attack – The Devastation and Wreckage (Michael Volkov - JDSupra)
  6. FireEye CEO: Reckless Microsoft hack unusual for China | (leadertelegram.com)
  7. Russian hack targeting US government places SolarWinds financial model in the cross hairs (KPIC)
  8. FireEye CEO: Reckless Microsoft hack odd for China
  9. PodcastOne: In the wake of the SolarWinds breach, lawmakers turned to industry for recommendations
  10. Nevada CIO says state’s IT is 8 years behind others’ (StateScoop)
  11. Cyber Command: ‘No evidence’ that SolarWinds attackers compromised DoD networks (The Record by Recorded Future)
  12. Chinese hackers presumably behind SolarWinds hack new evidence revealed (Secure Blink)
  13. Security researchers discover Supernova web shell activity linked to Chinese hackers | 2021-03-10 (Security Magazine)
  14. Congress's latest hacking investigation should model its most recent (hill)
  15. Bill Would Eliminate Immunity for Foreign Hackers (Nextgov)
  16. Chinese threat actor exploited SolarWinds vulnerability. Second (stage backdoor possibly linked to SolarWinds compromise. Dependency confusion updates.)
  17. Remediating Networks Affected by the SolarWinds and Active Directory/M365 Compromise (CISA)
  18. DHS CISA Shares Remediation, Risk Guidance for SolarWinds Compromise
  19. US 'planning all (out cyberwar on Russia in retaliation for SolarWinds hack' and may take action in next three weeks)
  20. Kremlin and other Russian official websites down; experts doubt US involvement, World News (wionews.com)
  21. SolarWinds Unlikely to Be an Isolated Event as Attackers Become More Sophisticated (Infosecurity Magazine)
  22. Chinese suspected of two attacks on internet (facing SolarWinds server)
  23. CISA: ‘Identity is everything’ for cyber defense post-SolarWinds (FRN)
  24. NCP (National Checklist Program Repository)

Published 2021-03-09

  1. How SolarWinds’ Approach to Cybersecurity Made It Vulnerable to an Attack (TTI)
  2. The SolarWinds Hack Hits Home (DevPro Journal)
  3. Why the SolarWinds Hack Is a Wake-Up Call (CoFR)
  4. FireEye and Microsoft Uncover More Malware Strains Used in SolarWinds Hack (Toolbox Security)
  5. Air Force Only Service to Develop Cybersecurity Requirements for Weapon Systems Contracts, GAO Says (Nextgov)
  6. SolarWinds Aftermath Threat Hunting Survey Yields Mixed News
  7. ‎World Wide Technology (TEC37: 26. Security – Would Zero Trust Have Prevented the SolarWinds Breach? on Apple Podcasts)
  8. SolarWinds, cyberattacks (Homeland Security Newswire)
  9. Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452
  10. Guidance on Remediating Networks Affected by the SolarWinds and Active Directory/M365 Compromise (CISA)
  11. Researchers Describe a Second, Separate SolarWinds Attack
  12. Bill Would Allow Americans to Sue Foreign Hackers
  13. The SolarWinds Hack Gets Worse, But Offers A Tiny Bit Of Amusement (PC Perspective)
  14. Was SolarWinds a Different Type of Cyber Espionage? (Lawfare)
  15. Russia Warns Against U.S. Retaliation for SolarWinds Amid Fears of Cyberwar | World Report (US News)
  16. More clues appear to link Supernova web shell activity to Chinese hackers (TechRadar)
  17. Registration
  18. NYSE: SWI Shareholder Notice: Lawsuit against SolarWinds Corporation Announced by Shareholders Foundation | 2021-03-09 | Press Releases (Stockhouse)
  19. New survey examines the impact of SolarWinds breach on cybersecurity | 2021-03-08 (Security Magazine)
  20. Episode 124: Solarwinds recap (Cyber24)
  21. Biden challenged by early cyber threats (hill)
  22. Kremlin: Report On Planned U.S. Cyberstrikes On Russia 'Alarming'
  23. How the SolarWinds attack may affect your organization's cybersecurity (TechRepublic)
  24. Kremlin calls NYT report on planned U.S. cyberstrikes on Russia 'alarming' (Reuters)
  25. Beazley on the implications of the Solar Winds hacking incident (Insurance Business)
  26. US plans mix of 'seen and unseen' actions against Russia over SolarWinds attacks
  27. SolarWinds Sunburst backdoor supply chain attack: Why it still matters | Security (ITP.net)
  28. SolarWinds Hack (CEPA)
  29. Understanding Third (Party Hacks, Learning from SolarWinds Hack)

Published 2021-03-08

  1. SolarWinds just keeps getting worse: New strain of backdoor malware found in probe (Register)
  2. Security Policies Do Matter, but Really Only So Much
  3. SolarWinds attack and Executive Order on America's Supply Chain illuminate gaps in supply chain risk management, spur innovative solutions by Fortress Information Security
  4. [Update] SolarWinds Hack Finds Possible Link to China, Say Researchers-- Supernova Malware Detected (Tech Times)
  5. More clues appear to link Supernova web shell activity to Chinese hackers (TechRadar)
  6. Hackers hiding Supernova malware in SolarWinds Orion linked to China
  7. Chinese hackers targeted SolarWinds customers in parallel with Russian op (ars)
  8. Microsoft: Microsoft failed to shore up defenses that could have limited SolarWinds hack (U.S. senator, Telecom News, ET Telecom)
  9. China (linked hackers exploited SolarWinds software in 2020 breach, researchers say)
  10. The SolarWinds attack and best practices for code (signing)
  11. What to Do About Cybersecurity (Law, Policy -- and IT?)
  12. Is it time to adopt an ‘assumed breach’ cyber policy? (BIC Magazine)
  13. Latest target for hackers: A popular file-transfer program (WRAL TechWire)
  14. Biden Plans Cyber Attacks Against Russia For SolarWinds Hack, Ignores Chinese Involvement (National File)
  15. U.S. cyberattacks against Russia may be underway in reprisal for SolarWinds hack, experts say (Just The News)
  16. Will the US Government Recognize SolarWinds as a Cyber Inflection Point? (Data Core Systems)
  17. ‘Retaliation’ for Russia's SolarWinds Spying Isn't the Answer (WIRED)
  18. US plans 'a mix of actions' against Russia over SolarWinds cyberattack (Engadget - News WWC)
  19. Hacked Companies Caught in Maze of Notification Requirements
  20. Proposal Would Let Foreign Gov'ts Be Sued For Cyberattacks (Law360)
  21. Gen. Paul Nakasone on CYBERCOM’s Response to SolarWinds Breach, ‘Defend Forward’ Concept
  22. New Cyber Insurance Risk Framework Provides Best Practices for the Insurance Industry (Bradley Arant Boult Cummings LLP - JDSupra)
  23. EXCLUSIVE: I am Groot - POLITICO: one-on (wine with lead house cyber chair)
  24. Hearings On The SolarWinds Hack And Possible Policy Responses (MarketScreener)
  25. Casting a wide intrusion net: Dozens burned with single hack | (leadertelegram.com)
  26. White House juggling response to Microsoft, SolarWinds hacks
  27. Hearings On The SolarWinds Hack And Possible Policy Responses - Technology (United States)
  28. Microsoft adopted ‘aggressive’ strategy for sharing SolarWinds Attack intel (Urgent Comms)
  29. Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks (ZDNet)
  30. Security report: Lessons learned investigating the SUNBURST software supply chain attack (ITWeb)
  31. Cybersecurity in 2021: Stopping the madness (CSO Online)
  32. Researchers Identify More Malware Used By SolarWinds Hack Group
  33. Server Management Software Market Segmentation 2021, by Key Players: Datadog, SolarWinds MSP, ManageEngine, Microsoft, BMC Software, Central Solutions etc. (Breakout Live)
  34. Security report: Lessons learned investigating the SUNBURST software supply chain attack (ITWeb)
  35. GoldMax, GoldFinder, and Sibot, are the 3 new Malwares Used by SolarWinds Hackers (IT Security News)

Published 2021-03-07

  1. Preparing for Retaliation Against Russia, U.S. Confronts Hacking by China (nyt)
  2. Shareholder Alert: Pawar Law Group Announces A Securities Class Action Lawsuit Against Solarwinds Corporation (SWI)
  3. SolarWinds Password Fail, Chinese Hacking Exchange, Google to stop Tracking Cookies
  4. Did You Acquire SolarWinds (SWI) Before October 18, 2018? Should Management be Held Accountable for Investors Losses? Contact Johnson Fistel (NeighborWebSJ)
  5. Microsoft: We’ve found three more pieces of malware used by the SolarWinds attackers (Bestgamingpro)
  6. Casting a wide intrusion net: Dozens burned with single hack (StarTribune)

Published 2021-03-06

  1. Casting a wide intrusion net: Dozens burned with single hack
  2. SolarWinds : Did You Acquire SolarWinds (SWI) Before October 18, 2018? Should Management be Held Accountable for Investors Losses? Contact Johnson Fistel (MarketScreener)
  3. Did You Acquire SolarWinds (SWI) Before October 18, 2018? Should Management Be Held Accountable For Investors Losses? Contact Johnson Fistel SWI
  4. Did you acquire SolarWinds (SWI) before October 18, 2018? Should management be held responsible for investor losses? Contact Johnson Fistel (OLTNEWS)
  5. DIB Take Note: SolarWinds Hack and DHS CISA Emergency Directive on Cyber Vulnerabilities Point to the Need to be Prepared for APTs (Stinson - Government Contracting Matters - JDSupra)
  6. Microsoft: We've found three more pieces of malware used by the SolarWinds attackers (ZDNet - PressboltNews)
  7. Microsoft Adopted an 'Aggressive' Strategy for Sharing SolarWinds Attack Intel (News AKMI)
  8. China’s and Russia’s spying sprees will take years to unpack (ars)
  9. Microsoft Reveals 3 New Malware Variants Relating to SolarWinds Cyberattack
  10. GoldMax, GoldFinder, and Sibot, 3 new malware used by SolarWinds attackers (IT Security News)
  11. Second (stage backdoor possibly linked to Solorigate campaign. Hafnium exploits Exchange Server vulnerabilities.)

Published 2021-03-05

  1. Chinese Hacking Spree Hit an ‘Astronomical’ Number of Victims (WIRED)
  2. Move over, SolarWinds: 30,000 orgs’ email hacked via Microsoft Exchange Server flaws (Verge)
  3. This Week In SolarWinds, with a key unexpected lesson (The Business of Tech)
  4. SolarWinds SUNBURST Backdoor DGA and Infected Domain Analysis (Cybersecurity Insiders)
  5. Did You Acquire SolarWinds (SWI) Before October 18, 2018? Should Management be Held Accountable for Investors Losses? Contact Johnson Fistel
  6. U.S. Weapons Programs Lack 'Key' Cybersecurity Measures (tpost)
  7. Second (stage backdoor in SolarWinds compromise victim. Exchange Server exploitation. RedEcho as staging. Leaky clouds.)
  8. SWI DEADLINE ALERT: ROSEN, TOP RANKED IVNESTOR COUNSEL, Encourages SolarWinds Corporation Investors with Large Losses to Secure Counsel Before Important Deadline Today in Securities Class Action (SWI)
  9. SolarWinds Orion Security Breach: Cyberattack Timeline and Hacking Incident Details (ChannelE2E)
  10. Microsoft shares details on three new malware strains used in SolarWinds hack
  11. Researchers Find 3 New Malware Strains Used by SolarWinds Hackers (WP Guy News)
  12. CMMC Project Update: Rule Comments and the Impending Split (ClearanceJobs)
  13. Protect, Detect, and Respond to Supply Chain Cyber Attacks (e.g. Solarwinds) Using Splunk Enterprise Managed Security Services - (Redmondmag.com)
  14. The Klein Law Firm Reminds Investors of Class Actions on Behalf of Shareholders of SWI, VLDR and REGI
  15. Three New Malware Strains Linked to SolarWinds Hackers (TerabitWeb Blog)
  16. SolarWinds: "IT's Pearl Harbor." (InsiderPro)
  17. Researchers Find 3 New Malware Strains Used by SolarWinds Hackers
  18. Microsoft Adopted an 'Aggressive' Strategy for ...
  19. Microsoft discovers more malware used by SolarWinds attacker while FireEye finds new backdoor (IT World Canada News)
  20. Microsoft Drops 'Solorigate' for 'Nobelium' in Ongoing SolarWinds Attack Investigations - (Redmondmag.com)
  21. Atense Says Its Computer Vaccine Will Prevent Future “SolarWinds” Hacking Events - Press Release (Digital Journal)
  22. Lawsuits Filed Against SWI, XOM and ATNX (Jakubowitz Law Pursues Shareholders Claims)
  23. The Cybersecurity 202: Companies are doing a terrible job of reporting cybersecurity risks to investors, a new study says (wapo)
  24. Risky business: 3 timeless approaches to reduce security risk in 2021 (Help Net Security)
  25. It’s Time for a Cybersecurity Quid Pro Quo (Nextgov)
  26. Microsoft Corporation (NASDAQ:MSFT), Solarwinds, Inc. (NYSE:SWI) - Microsoft's Emergency Security Patch After Cyber Attack Attracts White House Monitoring: Reuters (Benzinga)
  27. SWI ALERT: The Klein Law Firm Announces a Lead Plaintiff Deadline of March 5, 2021 in the Class Action Filed on Behalf of SolarWinds Corporation Limited Shareholders
  28. After SolarWinds breach, White House preps executive order on software security (CyberScoop)
  29. SolarWinds, SUNBURST, and the Latest in Supply Chain Security, Compromises, & Breach Litigation | Events  ( Crowell & Moring LLP)

Published 2021-03-04

  1. FireEye finds new malware likely linked to SolarWinds hackers - AlienVault (Open Threat Exchange)
  2. New SUNSHUTTLE Second-Stage Backdoor Uncovered Targeting U.S.-Based Entity; Possible Connection to UNC2452 (Mandiant)
  3. Microsoft reveals GoldMax, Sibot and GoldFinder new malware strains used by SolarWinds hackers (Cyber Security Review)
  4. FINAL DEADLINE TOMORROW: The Schall Law Firm Announces the Filing of a Class Action Lawsuit Against SolarWinds Corporation and Encourages Investors with Losses to Contact the Firm
  5. Cyber Attacks: Tech’s natural disasters (Gadget)
  6. CYBERCOM Plays ‘Key Role’ As SolarWinds Unfolds: Gen. Nakasone « Breaking Defense (Defense industry news, analysis and commentary)
  7. SWI FILING DEADLINE TOMORROW: Bernstein Liebhard LLP Reminds Investors of the Deadline to File a Lead Plaintiff Motion in a Securities Class Action Lawsuit Against SolarWinds Corporation
  8. DIB Take Note: SolarWinds Hack and DHS CISA Emergency Directive on Cyber Vulnerabilities Point to the Need to be Prepared for APTs (Lexology)
  9. SWI Deadline: Bronstein, Gewirtz & Grossman, LLC Reminds SolarWinds Corporation Shareholders of Class Action and Lead Plaintiff Deadline: March 5, 2021
  10. Microsoft: We've found three more pieces of malware used by the SolarWinds attackers (ZDNet)
  11. SolarWinds Deadline Alert
  12. Microsoft, FireEye Uncover More Malware Used in the ...
  13. What’s the message about Cloud Contracts since AWS declined to testify to the Senate about SolarWinds? | Blogs | Internet, IT & e-Discovery Blog (Foley & Lardner LLP)
  14. Lessons from the SolarWinds Breach (BeyondTrust)
  15. Biden makes cybersecurity ‘top priority’ in national security guidance (FRN)
  16. SolarWinds : Announcing ‘Cyber Insurance Risk Framework,' NY DFS Joins OFAC In Discouraging Carriers From Making Ransomware Payments (MarketScreener)
  17. Citigroup Begins Coverage on SolarWinds (NYSE:SWI) (MarketBeat)
  18. China’s and Russia’s Spying Sprees Will Take Years to Unpack (WIRED)
  19. The March IronNet Threat Intelligence Brief (secblvd)
  20. Researchers Disclose More Malware Used in SolarWinds Attack
  21. SolarWinds hack a wake-up call to the tech sector (GZERO Media)
  22. Lesson From SolarWinds Attack: It's Time to Beef Up IAM
  23. SolarWinds blames at least some of its poor cybersecurity on an intern and a bad password.
  24. Microsoft, FireEye Unmask More Malware Linked to SolarWinds Attackers (tpost)
  25. Congressional Hearings on SolarWinds Hack
  26. The danger in calling the SolarWinds breach an ‘act of war’
  27. New SUNSHUTTLE Second-Stage Backdoor Uncovered Targeting U.S.-Based Entity; Possible Connection to UNC2452 (fireeye)

Published 2021-03-03

  1. Is Solarwinds safe? - General Software Forum (Spiceworks)
  2. DEADLINE ALERT for SWI, QS, TCDA: Law Offices of Howard G. Smith Reminds Investors of Class Actions on Behalf of Shareholders
  3. SolarWinds Incident May Bring Data Breach Notification Rules
  4. SolarWinds Senate Hearing: Moving Forward It’s All About Zero Trust
  5. Still more questions than answers on SolarWinds attack - (Defense Systems)
  6. Blinken vows renewed focus on emerging tech after hack (hill)
  7. Microsoft opens CodeQL queries to public after SolarWinds hack
  8. CISA Official Calls for Update of Identity Management Guidance in Wake of SolarWinds Compromise (Nextgov)
  9. SolarWinds Senate Hearing: Moving Forward It’s All About Zero Trust (secblvd)
  10. How SolarWinds Busted Up Our Assumptions About Code ...
  11. SolarWinds CEO Blames Intern for GitHub Password Fiasco (Toolbox Security)
  12. Microsoft: SolarWinds Attack Highlights Growing Sophistication of Nation-State Actors (Infosecurity Magazine)
  13. Okta CEO: After SolarWinds hack, leaders must think about 4 points
  14. CLASS ACTION UPDATE for SWI, JFU and CLOV: Levi & Korsinsky, LLP Reminds Investors of Class Actions on Behalf of Shareholders
  15. Cloud Vs On (premise Debate Flares Up In The Wake Of Solarwinds Attack)
  16. SolarWinds Hacking Damage Could Take up to 18 Months to Recover (Tech Times)
  17. FBI Director Suggests Multi-Pronged Response to SolarWinds Hack (News Talk WBAP-AM)
  18. Will the SolarWinds hack make us tighten security in the tech industry?
  19. Netenrich and Industry Leaders Discuss the Rise in Third Party Attacks Post (SolarWinds and Techniques to Maximize Security Effectiveness)

Published 2021-03-02

  1. What happened at SolarWinds? - sunburst in action! (Stinet)
  2. Best practices for Securing Office 365 against pervasive cloud collaboration risks (secblvd)
  3. SolarWinds Says SEC, DOJ, State AGs Probing Cyberhack (Law360)
  4. A Briefing on the SolarWinds Threat (ACT-IAC)
  5. Cybersecurity Journalist says SolarWinds Hack is a “Harbinger” of Threats to Come — Fraud Conference News
  6. Cybersecurity and IT top GAO’s High Risk List, yet again
  7. SolarWinds executives blame intern for leaked password (Cloud7 News)
  8. SolarWinds Says It’s Cooperating with Probes by SEC, Justice (Bloomberg)
  9. SolarWinds Attack Prompts Calls for Companies to Disclose Hacks (Bloomberg)
  10. Recovering from the SolarWinds hack could take 18 months (Worldwide Tweets)
  11. How to prevent data leaks
  12. SolarWinds Says It’s Cooperating with Probes by SEC, Justice
  13. U.S. Matches EU, U.K. Sanctions on Russia for Navalny Attack (Bloomberg)
  14. SolarWinds blaming intern is symptom of "security failures"
  15. The Gross Law Firm Announces Class Actions on Behalf of Shareholders of SWI, FUBO and MPLN
  16. The Law Offices of Frank R. Cruz Reminds Investors of Looming Deadline in the Class Action Lawsuit Against SolarWinds Corporation (SWI) (bizwire)
  17. SolarWinds (A Supply Chain Compromise)
  18. Biden Administration Sanctions Russia Over Kremlin Critic Alexei Navalny’s Poisoning (WSJ)
  19. Hacking group targets organizations via Microsoft server software -researcher | WKZO | Everything Kalamazoo (590 AM · 106.9 FM)
  20. Extreme : SolarWinds – A Supply Chain Compromise (MarketScreener)
  21. The Law Offices of Frank R. Cruz Reminds Investors of Looming Deadline in the Class Action Lawsuit Against SolarWinds Corporation (SWI)
  22. Expert Reaction On Solarwinds Blames Intern For Weak Passwords (Information Security Buzz)
  23. SolarWinds reports $3.5 million in expenses from supply (chain attack)
  24. AWS Used By Bad Guys: SolarWinds Hackers Used Elastic Compute Cloud (CTOvision.com)
  25. SolarWinds Corporation Investors: Last Days to Participate Actively in the Class Action Lawsuit; Portnoy Law Firm
  26. SolarWinds executives blame intern for 'solarwinds123' password lapse
  27. SolarWinds: Intern leaked passwords on GitHub (secblvd)
  28. Wray hints at federal response to SolarWinds hack (hill)
  29. SolarWinds, Cyber ‘Regression,’ CDM Loom Large in GAO High (Risk Update – MeriTalk)
  30. HAGENS BERMAN, NATIONAL TRIAL ATTORNEYS, Invites SolarWinds (SWI) Investors with Significant Losses to Contact Firm Before March 5, 2021 Deadline, SEC Investigating Company
  31. SolarWinds is being investigated by the Securities and Exchange Commission, filing shows (MarketWatch)

Published 2021-03-01

  1. SolarWinds attack – What is Known and How to Stay Protected (Check Point Software)
  2. Recovering from the SolarWinds hack could take 18 months (MIT Technology Review)
  3. Breached software firm SolarWinds faces SEC inquiry after insider stock sales (Flipboard)
  4. Solarwinds Form 10-K filing 2020-12 (31)
  5. Document
  6. NYSE:SWI Shareholder Notice: Deadline on March 5, 2021 in Lawsuit Against SolarWinds Corporation - Press Release (Digital Journal)
  7. Comment: Mystery — and fear — mounts over SolarWinds hack (HeraldNet.com)
  8. SolarWinds (Morgan Stanley Technology, Media and Telecom Conference)
  9. Cloud (based dev teams must shift security left to avoid fate of SolarWinds)
  10. SolarWinds Blames Intern for Weak Password That Led to Biggest Attack in 2020 (TI Forense)
  11. SolarWinds Cyberattack Prompts Calls for Aggressive Countermeasures | The Well News (Pragmatic, Governance, Fiscally Responsible, News & Analysis)
  12. How SolarWinds is turning the Orion breach into competitive advantage (Weirdware)
  13. SolarWinds Orion Web Performance Monitor (WPM) Remote Detection (Tenable®)
  14. Sai Huda’s best-selling book Next Level Cybersecurity reveals signals missed in world’s largest hacks such as SolarWinds (EIN Presswire)
  15. NTIA Software Component Transparency (National Telecommunications and Information Administration)
  16. Cyber risks loom over Covid-prompted corporate IT shifts (POLITICO)
  17. SHAREHOLDER ALERT: Pawar Law Group Announces a Securities Class Action Lawsuit Against SolarWinds Corporation (SWI)
  18. The SolarWinds Body Count Now Includes NASA and the FAA (WIRED)
  19. National Security Risks of Late-Stage Capitalism (secblvd)
  20. If the Walls Fall: Federal Agencies Must Layer Cyber Defenses to Ensure Data Protection (MeriTalk)
  21. SolarWinds: Look Beyond The Hack (NYSE:SWI) (Seeking Alpha)
  22. What the SolarWinds Attacks Mean for Cloud Data Protection - (Redmondmag.com)
  23. SolarWinds: Undervalued Despite The ORION Hack (NYSE:SWI) (Seeking Alpha)
  24. Equifax CISO Jamil Farshchi on SolarWinds and Supply Chains
  25. Massive SolarWinds Hack Prompts Up to $25 Million in New Expenses
  26. After SolarWinds debacle, the U.S. needs to keep software makers from being hurt by cost (cutting owners)
  27. Incident Response to SolarWinds Orion Software Compromise for SMEs
  28. SolarWinds security fiasco may have started with simple password blunders (ZDNet)
  29. SolarWinds faces an SEC inquiry following insider stock sales that took place before Russian hack (wapo)
  30. SolarWinds to spend up to US$25M on security following attack - Software (CRN Australia)
  31. iTWire (Microsoft chief's claims on cloud security result in sharp rejoinder)

Published 2021-02-28

  1. Jake Williams on Twitter: "I've been thinking a LOT about Brad Smith's testimony this week about #SolariGate. He repeatedly implies that if organizations "just" adopt a cloud first model, they won't experience these sorts of attacks. I called that reckles
  2. FireEye cyber CEO: American internet users will be targeted in next war
  3. ‘The Marriage Pact’ and the risks we take with data (Charlotte Observer)
  4. Buy Palo Alto Networks (PANW) On Weakness; Unlocking Value Of Cloud Business (Seeking Alpha)
  5. Hackers seized on the pandemic. Some states are fighting back | National (bakersfield.com)
  6. Hearing on Hack Prompts Call for Review of Government’s Cloud Procurement (Nextgov)
  7. Former SolarWinds CEO Blames Intern for Password Security Breach
  8. Congress has new appetite for breach law following SolarWinds hack - Security (iTnews)
  9. Solarwinds Class Action Reminder
  10. SolarWinds hack pits Microsoft against Dell, IBM over how companies store data
  11. SHAREHOLDER ALERT: SWI QS CLOV: The Law Offices of Vincent Wong Reminds Investors of Important Class Action Deadlines
  12. Solarwinds blamed intern for weak password ( experts have doubts)
  13. SolarWinds Officers Blame Intern for ‘solarwinds123’ Password (The Times Hub)

Published 2021-02-27

  1. Vinoth Kumar on Twitter: "https://t.co/H18DCF44El is an intern service according to the Solarwinds ceo so an intern who worked for only for 3 months(2017) had an access to the FTP server and credential was not rotated after he left. So so
  2. cybersecurity: Tech executives face round two of Congressional grilling over SolarWinds breach, Telecom News, ET Telecom
  3. Senate Intelligence Hearing on SolarWinds Hacking (C-SPAN.org)
  4. iTWire (John Capobianco)
  5. RABET (V Pilot Update and SolarWinds Mitigations)
  6. The SolarWinds Body Count Now Includes NASA and the FAA (Tech Exec)
  7. SolarWinds Officials Blame Intern for ‘solarwinds123’ Password
  8. Accusation: Microsoft failed with security in the SolarWinds hack (Born's Tech and Windows World)
  9. Solarwinds blamed intern for weak password – experts have doubts (FR24 News English)
  10. Jeff Elder on Twitter: "SolarWinds leaders told Congress the password "solarwinds123" was a quickly fixed intern's error. Records show it was a publicly accessible software (update server with password visible for two years. A company email from 2019 notes)
  11. Former SolarWinds CEO blames intern for ‘solarwinds123’ password leak (WKSM-FM)
  12. Jeff Elder on Twitter: "SolarWinds leaders told Congress today the password "solarwinds123" was a mistake by an intern. An email from the company in 2019 links the issue to "publicly accessible" data and "exposed credentials." https://t.co/UTfYWYNTFP" / T
  13. Microsoft president criticizes Amazon and Google's public response to SolarWinds hack (Washington Times)
  14. SolarWinds Hack Pits Microsoft Against Dell, IBM Over How Companies Store Data (WSJ)
  15. Kamala Harris To Prioritize Cybersecurity And Global Health In Foreign Policy Platform (MITechNews)
  16. Microsoft’s Brad Smith Drags AWS, Google Over SolarWinds Response
  17. Former SolarWinds CEO Blames Intern for “solarwinds123” Password Leak (FR24 News English)
  18. Critical VMware vSphere Vulnerability Is a Must (Patch)
  19. Tech executives testify in Solorigate hearing. Accellion breach updates. Silver Sparrow targets Macs.
  20. SolarWinds’ security practices questioned by lawmakers following cyber attack
  21. The SolarWinds Body Count Now Includes NASA and the FAA (WIRED)

Published 2021-02-26

  1. Lawmakers blame SolarWinds hack on 'collective failure' to prioritize cybersecurity
  2. CyberSec Chey on Twitter: "Former SolarWinds CEO ("We had no password rules, didn't audit accounts, and were basically crap at security but, hey, that's why I got the big bucks!"" / Twitter)
  3. Microsoft slams Amazon's AWS over Solarwinds silence (MSPoweruser)
  4. Former SolarWinds CEO blames intern for "solarwinds123" password leak (CNNPolitics)
  5. Former SolarWinds CEO blames the intern for the “solarwinds123” password leak (Security – 6Park News En)
  6. Experts Call for Increased Cyber Info Sharing in Wake of SolarWinds Breach (MeriTalk)
  7. Congress has new appetite for breach law following SolarWinds hack: lawmaker | Business Information & News | FE (Westlaw Today)
  8. At House SolarWinds hearing, bipartisan lawmakers announce breach disclosure bill (TerabitWeb Blog)
  9. Oversight and Homeland Security Committees Discussed Next Steps for Government and Private Tech Following SolarWinds Breach (House Committee on Homeland Security)
  10. SolarWinds' Former CEO Blames Intern for 'solarwinds123' Password Leak (Slashdot)
  11. MSFT Stock - Microsoft makes CodeQL queries public post SolarWinds attack (Fintech Zoom - World Finance)
  12. Former SolarWinds CEO blames intern for 'solarwinds123' password leak | (foxcarolina.com)
  13. RABET-V Pilot Update and SolarWinds Mitigations (NASS)
  14. Microsoft makes CodeQL queries public post SolarWinds attack
  15. Here's Why I Continue to Be on the Zscaler Bandwagon (RealMoney)
  16. Cyber Week in Review: February 26, 2021 (CoFR)
  17. Microsoft releases open (source CodeQL queries to assess Solorigate compromiseSecurity Affairs)
  18. Over 18,000 companies attacked - Microsoft slams Google & Amazon for hiding information (Gizchina.com)
  19. SolarWinds Executives Blame Intern for Leaking Password 'solarwinds123', Leading to Largest Security Breach in The US (Tech Times)
  20. Former NSA and Cyber Command Chief Keith Alexander on SolarWinds, Cyberwar, and China (The Record by Recorded Future)
  21. US may announce new sanctions on Russia within weeks - White House press secretary - World (TASS)
  22. U.S. Government Cybersecurity Vulnerabilities Flow Down to Private Companies and Federal Court Litigants (New York Law Journal)
  23. Microsoft: We've open-sourced this tool we used to hunt for code by SolarWinds hackers (ZDNet)
  24. File Integrity Monitoring Market Current and Future Demand 2027 (Solarwinds, Alienvault, Logrhythm, Trustwave, Manageengine, Trend Micro, and more – NY Market Reports)
  25. Basic cybersecurity standards must start with procurements, experts say
  26. Risk & Repeat: Inside the SolarWinds Senate hearing
  27. WEBINAR: How to avoid being the next SolarWinds security incident Tickets, Thu, Mar 4, 2021 at 10:00 AM (Eventbrite)
  28. Miller-Meeks says ‘SolarWinds’ hack a wake up call for all (Sioux County Radio)
  29. SolarWinds hack calls for data breach laws, cyber funding, lawmaker told | Secondary Sources | National (Westlaw Today)
  30. The SolarWinds Hack and Its Hidden Impacts on Small & Medium Size Enterprises (Fairfax County EDA)
  31. Katko Opening Statement at Hearing on SolarWinds Cyber Campaign - Committee on Homeland Security (Republicans)
  32. Microsoft could've prevented some SolarWinds damage (IT Security Guru)
  33. CrowdStrike Exec Points to Active Directory 'Structural Problems' in Senate Solorigate Hearing - (Redmondmag.com)
  34. SHAREHOLDER ALERT: Levi & Korsinsky, LLP Notifies Shareholders of SolarWinds Corporation of a Class Action Lawsuit and a Lead Plaintiff Deadline of March 5, 2021 (SWI)
  35. The anatomy of the SolarWinds attack chain (ITWeb)
  36. Congress has new appetite for breach law following SolarWinds hack -lawmaker (The Star Phoenix)
  37. Hillicon Valley: Second SolarWinds hack hearing | TikTok to settle privacy lawsuit | Facebook apologizes for removing lawmaker post (hill)
  38. Miller-Meeks says 'SolarWinds' hack a wake up call for all (Radio Iowa)
  39. Fallout From the SolarWinds Hack (Bloomberg)
  40. SolarWinds Plans Cybersecurity Investment After Supply Chain Compromise (ExecutiveBiz)
  41. Watch live: Congressional hearing on SolarWinds breach (hill)
  42. It’s Not Such a Breeze: Assessing Your Service Providers After SolarWinds (New York Law Journal)
  43. Microsoft shares tool to hunt for compromise in SolarWinds breach (CyberScoop)
  44. Solarwinds Corporation (SWI) Q4 2020 Earnings Call Transcript (The Motley Fool)
  45. Microsoft Releases Queries for SolarWinds Attack Detection

Published 2021-02-25

  1. Former SolarWinds CEO blames intern for "solarwinds123" password leak (CNNPolitics)
  2. SolarWinds Update: Russian Threat-Actor Re (Used Components from Other)
  3. Here's the Big Problem With Too Much Trust
  4. AWS: SolarWinds hackers used our elastic compute cloud - Security (CRN Australia)
  5. SOLARWINDS SHAREHOLDER ALERT BY FORMER LOUISIANA ATTORNEY GENERAL: Kahn Swick & Foti, LLC Reminds Investors with Losses in Excess of $100,000 of Lead Plaintiff Deadline in Class Action Lawsuits Against SolarWinds Corporation (SWI)
  6. Lawmakers angered over Amazon’s lack of public disclosure on SolarWinds hack (MarketWatch)
  7. Assessing Fallout from the SolarWinds Breach (eWEEK)
  8. Haeggquist & Eck, LLP Is Investigating Claims Against SolarWinds Corporation’s Directors and Officers for Breach of Fiduciary Duty (bizwire)
  9. Microsoft failed to shore up defenses that could have limited SolarWinds hack: U.S. senator | Y100 WNCY | Your Home For Country & Fun (Green Bay, WI)
  10. US senator claims Microsoft failed to fix cloud holes before SolarWinds hack - Security (iTnews)
  11. The SolarWinds of Change are Blowing in the Need for Tech Collaboration (Law.com)
  12. Microsoft Releases Free Tool for Hunting SolarWinds ...
  13. Watch: Risk Advisory Services: SolarWinds Cyber Attack and its Impact on your Cybersecurity Insurance
  14. The Top Free Tools for Sysadmins in 2021
  15. Executive Order Focuses on Supply Chain Risk Management
  16. Huawei backs supply chain security standards in wake of SolarWinds breach (hill)
  17. Our Dire Need for a National Cybersecurity Agency
  18. IDX Introduces Cybersecurity Healthcheck to Identify Security...
  19. White House Releases Executive Order on America's Software Supply Chains (secblvd)
  20. Haeggquist & Eck, LLP Is Investigating Claims Against SolarWinds Corporation’s Directors and Officers for Breach of Fiduciary Duty
  21. Cloud Email Security Software Market to Witness Astonishing Growth With Vital Key Players | Proofpoint, SpamTitan, Barracuda, SolarWinds – KSU (Sentinel)
  22. Bloomberg
  23. SWI SHAREHOLDER FILING DEADLINE: Bernstein Liebhard LLP Reminds Investors of the Deadline to File a Lead Plaintiff Motion in a Securities Class Action Lawsuit Against SolarWinds Corporation (GuruFocus.com)
  24. Ex-NSA chief: No idea how badly SolarWinds hack harmed security (The Jerusalem Post)
  25. Microsoft Releases Free Tool for Hunting SolarWinds ...
  26. Tech exec to Congress: Supply chain hack took 1,000 engineers - (Defense Systems)
  27. US Senators, tech execs recommend hack reporting requirement, Technology (THE BUSINESS TIMES)
  28. 10 Security Quotes: Microsoft, CrowdStrike, SolarWinds, and FireEye Talk to Congress
  29. CIA nominee: Cyber threats are 'ever greater risk' for U.S. society - (FCW)
  30. SolarWinds Revenue, Earnings After Security Breach (MSSP Alert)
  31. Cyber Diplomacy Act aims to elevate America's global cybersecurity standing (CSO Online)
  32. Cyber (pandemic: The most notable cyber attacks of 2020)
  33. Krebs Lays Out CISA Bite-Back at Health (Sector Hackers – MeriTalk)
  34. AWS: SolarWinds Hackers Used Our Elastic Compute Cloud
  35. U.S. and EU prepare new rounds of sanctions against Russia (MarketWatch)
  36. Microsoft shares CodeQL queries to scan code for SolarWinds (like implants)
  37. SolarWinds To Spend Up To $25M On Security Following Attack
  38. CrowdStrike Slams Microsoft Over SolarWinds Hack (Unified Networking)
  39. Detecting and Responding to SolarWinds Infrastructure Attack with Cisco Secure Analytics (Cisco Blogs)
  40. SolarWinds: 4Q Earnings Snapshot | Business News (scnow.com)
  41. The Klein Law Firm Reminds Investors of Class Actions on Behalf of Shareholders of SWI, FUBO and EBIX
  42. Website Monitoring Software Market 2021 Precise Outlook – SolarWinds, AlertBot (InfoGenius), Zoho, LogicMonitor, New Relic, SmartBear, Nagios, Freshworks, Monitis (FLA News)
  43. File Integrity Monitoring Market to Watch: Solarwinds, Alienvault, Logrhythm, Trustwave, Manageengine, Trend Micro (NY Market Reports)
  44. [PDF] Global Data Archiving Software Market 2021 (SolarWinds MSP, TitanHQ, CloudBerry Lab – The Courier)
  45. Open Text : After SolarWinds, worldwide governments can trust no one (MarketScreener)
  46. The Law Offices of Frank R. Cruz Announces the Filing of a Securities Class Action on Behalf of SolarWinds Corporation (SWI) Investors | State (montereycountyweekly.com)
  47. SolarWinds (SWI) Q4 Earnings and Revenues Beat Estimates (Nasdaq)
  48. SolarWinds Announces Fourth Quarter 2020 Results (bizwire)
  49. SolarWinds: 4Q Earnings Snapshot (Lexington Herald Leader)
  50. SolarWinds Profit Forecast Trails Estimates After Hack (Bloomberg)
  51. How to Avoid Falling Victim to a SolarWinds (Style ...)
  52. Amazon com : Lack of Public Disclosure on SolarWinds Hack Angers Lawmakers (MarketScreener)
  53. SolarWinds Corp. to Host Earnings Call
  54. CrowdStrike: After The SolarWinds Breach, This Is Your Best Cybersecurity Stock (CRWD) (Seeking Alpha)
  55. Amazon’s Lack of Public Disclosure on SolarWinds Hack Angers Lawmakers (WSJ)
  56. SolarWinds Announces Fourth Quarter 2020 Results
  57. SolarWinds stock rallies after profit, revenue rise above expectations (MarketWatch)
  58. The massive Solarwinds attack is still shrouded in mystery
  59. SolarWinds: 4Q Earnings Snapshot
  60. King: SolarWinds Hack Highlights Need for Increased Deterrence of Cyberattacks
  61. SolarWinds Corp. to Host Earnings Call
  62. SolarWinds (SolarWinds Announces Fourth Quarter 2020 Results)
  63. Data Archiving Software Market 2025 Global Industry Trends and Forecast: SolarWinds MSP, TitanHQ, CloudBerry Lab, DocuXplorer Software, Jatheon Technologies, GFI Software, ShareArchiver, Relay Communications, Professional Advantage, MessageSolution (NY)
  64. More Money Won’t Prevent the Next SolarWinds - But Better Detection Strategies Will (secblvd)
  65. Katko Calls on Administration to Fully Leverage CISA Capabilities in SolarWinds Response - Committee on Homeland Security (Republicans)
  66. Cloud Monitoring Market 2025 Global Industry Trends and Forecast: CA Technologies, Solarwinds, Dynatrace, Idera, Sevone, Cloudyn, Zenoss, Datadog, Kaseya, Logicmonitor, Opsview (NY Market Reports)
  67. SolarWinds Orion Network Performance Monitor Installed (Windows) (Tenable®)
  68. Hillicon Valley: Biden signs order on chips | Hearing on media misinformation | Facebook's deal with Australia | CIA nominee on SolarWinds (hill)
  69. IPAM Software Market to See Huge Growth by 2025 (Infoblox, SolarWinds Worldwide, Cisco Systems – NY Market Reports)
  70. Tech firms say there's little doubt Russia behind major hack (LV Sun)
  71. AWS linked to SolarWinds hack - Security (CRN Australia)
  72. White House plans executive action in response to massive breach - (Defense Systems)
  73. DEADLINE ALERT: Bragar Eagel & Squire, P.C. Reminds Investors That a Class Action Lawsuit Has Been Filed Against SolarWinds Corporation and Encourages Investors to Contact the Firm (Benzinga)
  74. First Blackbaud, then SolarWinds. Supply chain cyber (attacks are proliferating – how secure is your business?)
  75. SolarWinds hackers targeted NASA, Federal Aviation Administration networks
  76. ‎16 Minutes News by a16z on Apple Podcasts
  77. SolarWinds Hackers Targeted Cloud Services as a Key Objective  (AI Trends)

Published 2021-02-24

  1. Microsoft: SolarWinds, Microsoft, FireEye, CrowdStrike defend actions in major hack: U.S. Senate hearing, Telecom News, ET Telecom
  2. Senator Collins Questions Technology Leaders on SolarWinds Hack That Compromised Data Across Multiple Federal Agencies (Senator Susan Collins)
  3. More Money Won’t Prevent the Next SolarWinds (But Better Detection Strategies Will)
  4. DOJ could start looking closer at cybersecurity fraud on government technology providers (FRN)
  5. Microsoft president asks Congress to force private (sector orgs to publicly admit when they've been hacked • The Register)
  6. DEADLINE ALERT: Bragar Eagel & Squire, P.C. Reminds Investors That a Class Action Lawsuit Has Been Filed Against SolarWinds Corporation and Encourages Investors to Contact the Firm (bizwire)
  7. Biden administration prepares to impose sanctions on Russia over Navalny poisoning, SolarWinds hack (english.lokmat.com)
  8. At least 1,000 engineers worked on supply chain hack, tech exec says - (GCN)
  9. Guest post: Kurt Sanger on “The ‘SolarWinds’ Hack and the Need to Reframe U.S. Cybersecurity Information Sharing” (Lawfire)
  10. Infosec expert says mandatory cyber incident reporting is worth considering in Canada (IT World Canada News)
  11. SolarWinds Corporation Investors: Last Days to Participate Activ (The Cowboy Channel)
  12. SolarWinds hack was work of 'at least 1,000 engineers', tech executives tell Senate
  13. Tech Talk: SolarWinds, Microsoft, FireEye, CrowdStrike defend actions in major hack: US Senate hearing
  14. SolarWinds Hack Leaves Entire Industry In Panic (Research Snipers)
  15. Early Edition: February 24, 2021 (Just Security)
  16. SolarWinds, Microsoft, and executives of more firms face Senate grilling (TechStory)
  17. CISA looks inward to stop future supply chain attacks - (Defense Systems)
  18. Biden signs executive order demanding supply chain security review (CyberScoop)
  19. Senate grills tech executives on SolarWinds hack (One America News Network)
  20. Tech Among Top Priorities for Biden’s CIA Director Pick (Nextgov)
  21. SolarWinds & Solorigate: What Happened, Why it Matters & What Happens Next (The Devolutions Blog)
  22. Amazon Defends Itself After Skipping SolarWinds Hearing
  23. Microsoft, FireEye, CrowdStrike, and SolarWinds Speak at US Senate Hearing Into Massive Cyberattack
  24. Senators, Tech Execs Recommend Hack Reporting Requirement (DCN)
  25. Marco Rubio on SolarWinds Hack: ‘Many Concerning Aspects to This Operation That Raise Significant Questions’ (Florida Daily)
  26. US to impose sanctions on Russia over Navalny poisoning, SolarWinds hack (Business Standard News)
  27. DDoS in hybrid war. Accellion compromise attributed. Initial access brokers. Agile C2 for botnets. US Senate’s SolarWinds hearing. US DHS cyber strategy. Shiny new phishbait.
  28. Google’s been lobbying for more scrutiny into Microsoft’s liability for SolarWinds hack » OnMSFT.com
  29. Sens. Mull Cyberattack Reporting Law At SolarWinds Hearing (Law360)
  30. SolarWinds attackers lurked for ‘several months’ in FireEye’s network (Urgent Comms)
  31. SolarWinds fallout sparks calls for mandatory incident reporting, repercussions after cyber attacks (FRN)
  32. The big takeaway from the Senate's SolarWinds hearing (Axios)
  33. SolarWinds hack was work of more than 1,000 engineers: Microsoft, World News (wionews.com)
  34. SWI Shareholder Alert: Bronstein, Gewirtz & Grossman, LLC Reminds SolarWinds Corporation Shareholders of Class Action and Encourages Shareholders to Contact the Firm
  35. FireEye CEO on how the SolarWinds hack was discovered (CNN Video)
  36. Partners: AWS Must Come Clean On Role In SolarWinds Hack
  37. Senate SolarWinds Hearing: 4 Key Issues Raised
  38. Senate hearing on SolarWinds hack lays bare US shortcomings, remaining mysteries
  39. Lawmakers urge notification law in wake of Russia SolarWinds hack
  40. 10 Boldest Statements From The SolarWinds Senate Hearing
  41. CrowdStrike Slams Microsoft Over SolarWinds Hack (Infosecurity Magazine)
  42. Massive SolarWinds Hack Prompts Calls for U.S. Law Requiring Cyber Breach Reporting
  43. More SolarWinds Hack Victims Yet to Be Publicly Identified, Tech Executives Say (WSJ)
  44. SolarWinds not the only company used to hack targets, tech execs say at hearing (CNET)
  45. SolarWinds Attackers Lurked for 'Several Months' in ...
  46. Ryuk Ransomware Gang, Cryptocurrency Fortunes & SolarWinds - InfoSec Round-Up Jan 17th | InfoSec Round-Up by Hut Six Security | Podcasts on Audible (Audible.com)
  47. ‎Malicious Life: Special: The SolarWinds Hack on Apple Podcasts
  48. Cyber Risk Management in the Wake of SolarWinds (USC Event Calendar)
  49. 'Russian' hackers targeted NASA as part of SolarWinds attack (MENAFN.COM)
  50. Senate Intelligence Committee Examines SolarWinds Hack (UPI)
  51. SolarWinds to Showcase Database Management Solutions at Microsoft Ignite 2021
  52. List of 1213 SolarWinds Employees - Find Emails & Phones - SignalHire (Page 6)
  53. Global Deep Packet Inspection And Processing Market Analysis, Size, Share, Growth, Trends And Forecast 2027 (IBM Corporation; Cisco; Juniper Networks, Inc.; Broadcom.; SolarWinds Worldwide, LLC.; VIAVI Solutions Inc.; NETSCOUT; LogRhythm, Inc.; Qosmos Te)
  54. The US Senate just grilled Microsoft and SolarWinds over last year's historic cyberattack. Here's what happened.
  55. SolarWinds cybersecurity breach: How it happened and Biden’s response (The Anchor)
  56. Hearings (Intelligence Committee)
  57. Tech firms say there's little doubt Russia behind major hack (StarTribune)
  58. SolarWinds hack worse than thought -Senate panel (Reuters)
  59. SolarWinds, Microsoft, FireEye, CrowdStrike defend actions in major hack - U.S. Senate hearing (Reuters)
  60. SolarWinds, Microsoft, FireEye, CrowdStrike executives face U.S. Senate grilling | Y100 WNCY | Your Home For Country & Fun (Green Bay, WI)
  61. Tech firms say there's little doubt Russia behind major hack
  62. Capitol Hill’s busy day: Confirmation hearings, updates on the Russian hacking attack and more. (nyt)
  63. A digital strategy to defend the nation (Microsoft On the Issues)
  64. After Russian Cyberattack, Looking for Answers and Debating Retaliation (nyt)
  65. SolarWinds hack worse than thought (Senate panel)
  66. Google trying to put Microsoft on the spot at SolarWinds hearing
  67. SolarWinds, Microsoft, FireEye, CrowdStrike defend actions in major hack (U.S. Senate hearing)
  68. STAR Webcast: Making sense of SolarWinds through the lens of MITRE ATT&CK(R) (SANS Institute)
  69. The US Senate is grilling Microsoft and SolarWinds over last year's historic cyberattack (Markets Insider)
  70. SolarWinds attack could have happened to anyone, CEO says - (GCN)

Published 2021-02-23

  1. Understanding the Results of the Audit of the DoD FY 2020 Financial Statements > Department of Defense Office of Inspector General > DoD OIG Reports
  2. Biden administration prepares to impose sanctions on Russia over Navalny poisoning and SolarWinds hack (CNNPolitics)
  3. Microsoft exec Brad Smith praises FireEye in SolarWinds hack testimony
  4. Committee on Homeland Security (Letter from John Katko)
  5. Essays: Why Was SolarWinds So Vulnerable to a Hack? (Schneier)
  6. Tech Executives Call for Improved Public (Private Coordination After SolarWinds Hack)
  7. Microsoft, FireEye push for breach reporting rules after SolarWinds hack (hill)
  8. SolarWinds Hack Bigger, More Dangerous than Previously Thought, Tech Execs Warn (VOA)
  9. Solarwinds hearing stresses breach disclosure mandates (scmedia)
  10. SolarWinds hack was work of 'at least 1,000 engineers', tech executives tell Senate | Technology (Guardian)
  11. Network Optimization Services Market 2021 to Global Forecast 2026 By Major Players – Solarwinds, Cisco Systems, Huawei, Nokia, ZTE, Infovista, Citrix, Fatpipe Networks, Netscout Systems, Silver Peak, Array Networks (The Bisouv Network)
  12. Sensitive Data Discovery Market 2020:Global Industry Size, Analysis, Growth Factors, Key Companies, Regional Outlook, Future Insights Till 2026 | IBM, Microsoft, Oracle, AWS, Proofpoint, Google, SolarWinds, – KSU (Sentinel)
  13. Network Monitoring Software Market Global Outlook 2021-2026: CA Technologies, GFI Software, IBM, Solarwinds, Auvik Networks, Manage Engine – KSU (Sentinel)
  14. SolarWinds Shareholder Alert
  15. The Compromise of SolarWinds Orion
  16. Today’s Headlines and Commentary (Lawfare)
  17. SolarWinds hack worse than thought (Senate panel)
  18. The Scale of the SolarWinds Breach Is Still Unclear, Executives Say (nyt)
  19. Executives testify SolarWinds hack was of unprecedented scale, scope (UPI)
  20. Palo Alto Networks Posts First $1 Billion Sales Quarter (DCN)
  21. Hillicon Valley: Companies urge action at SolarWinds hearing | Facebook lifts Australian news ban | Biden to take action against Russia in 'weeks' (hill)
  22. Broadband Breakfast: SolarWinds CEO Says Hack Shows Need for Information (Sharing Between Industry and Government)
  23. WATCH LIVE: Senate committee hears testimony on SolarWinds hack | WPBS (Serving Northern New York and Eastern Ontario)
  24. SolarWinds Hack: Vital Lessons for Integrators SoloarWinds Hack
  25. FireEye (NASDAQ:FEYE), (CRWD) - SolarWinds, Microsoft, FireEye, CrowdStrike To Testify In Senate In Russian Cyber Hack Case (Benzinga)
  26. CISA, DHS Bolster State and Local Cybersecurity Programs (Nextgov)
  27. U.S. Senators: AWS Infrastructure Used In SolarWinds Attack
  28. Paramount Defenses Opens Online Store to Empower Organizations Worldwide
  29. SolarWinds, Microsoft, FireEye, CrowdStrike Executives Face Senate Grilling
  30. US to sanction Russia for mass hack, Navalny poisoning
  31. SolarWinds, Microsoft, FireEye, CrowdStrike executives face U.S. Senate grilling (Nasdaq)
  32. Biden administration plans to sanction Russia for SolarWinds hacks, poisoning of opposition leader (The Boston Globe)
  33. SolarWinds, Microsoft, FireEye, CrowdStrike executives face Senate grilling (Reuters)
  34. Microsoft says it notified 60 customers of SolarWinds breach (U.S. Senate panel hearing)
  35. SolarWinds hackers targeted NASA, Federal Aviation Administration networks (TechCrunch)
  36. SolarWinds Hack Grabs Senate Spotlight With CEO in the Hot Seat (Bloomberg)
  37. Mayorkas Announces Initial Plans To Bolster U.S. Cyber Security; SolarWinds CEO Has Ideas Too (IIOT Connection)
  38. WTH is Russia doing cyberattacking the United States? David Sanger on the SolarWinds hack and the future of American cyber security | What the Hell Is Going On | Podcasts on Audible (Audible.com)
  39. Lawmakers grill SolarWinds CEO on devastating hack (WSM-FM1)
  40. The Anatomy of the SolarWinds Attack Chain
  41. Network security relies on careful scrutiny
  42. IBM CEO Says He Feels ‘Sorry’ For SolarWinds, Cybersecurity ‘Biggest Issue’ For Tech Industry
  43. House committees to hold February 26 hearing on 'SolarWinds' hack (Gadgets Now)
  44. SolarWinds, Microsoft, FireEye, CrowdStrike defend actions in major hack - U.S. Senate hearing (Reuters)
  45. After SolarWinds hack, the U.S. must prioritize cybersecurity (Idaho Business Review)
  46. MSP Software Provider Atera Raises $25M From K1 (ChannelE2E)
  47. The Anatomy of the SolarWinds Attack Chain (secblvd)
  48. Biden administration planning to sanction Russia for SolarWinds hacks (wapo)
  49. Have Insiders Been Selling SolarWinds Corporation (NYSE:SWI) Shares? (Simply Wall St News)
  50. Newscan: SolarWinds CEO recommends liability protections for sharing information about incidents (Urgent Comms)
  51. Best Practices for Strengthening Your Organization’s Overall Security Posture (Manufacturing Business Technology)
  52. Health care bore brunt of cyberattacks in 2020, study says (Roll Call)
  53. Network Optimization Services Market Evolving Technology and Growth Outlook 2020 to 2026 | Solarwinds, Cisco Systems, Huawei, Nokia, ZTE, Infovista, Citrix, Fatpipe Networks – KSU (Sentinel)
  54. SolarWinds to Showcase Database Management Solutions at Microsoft Ignite 2021
  55. Opinion (Why Was SolarWinds So Vulnerable to a Hack? - The New York Times)
  56. Patch Management Market Opportunities (Industry Report by SolarWinds, ConnectWise, Oracle, Chef Software, GFI Software, Automox, SysAid Technologies and ManageEngine – NY Market Reports)
  57. State (sponsored cyber attacks have corporates worried)
  58. What's Scarier Than the SolarWinds Breach? (secblvd)
  59. Website Monitoring Software Market 2020-2026 (SolarWinds, Zoho, SmartBear, LogicMonitor, New Relic, Freshworks, Datadog, Nagios – The Courier)
  60. Data Archiving Software Market to 2027 – SolarWinds MSP, TitanHQ, CloudBerry Lab and Others (NY Market Reports)
  61. US House committees to hold Feb 26 hearing on 'SolarWinds' hack (CNA)
  62. SolarWinds CEO to Testify at Second Hearing Friday; He Offers Details Now

Published 2021-02-22

  1. New York issues cyber insurance framework as ransomware, SolarWinds costs mount (TechCentral.ie)
  2. Cisco Application Policy Infrastructure Controller vs SolarWinds - Overview, H2H, and More (Slintel)
  3. Orion SDK - The Orion Platform (THWACK)
  4. SolarWinds N-central vs EuVantage (2021 Feature and Pricing Comparison)
  5. Investigation of SolarWinds Corporation (Robbins LLP)
  6. SHAREHOLDER ALERT: SWI PEN OTGLY: The Law Offices of Vincent Wong Reminds Investors of Important Class Action Deadlines
  7. US House Committees to Hold Hearing on SolarWinds Hack on 26 February (Sputnik)
  8. SolarWinds CEO: This could have happened to anyone - (FCW)
  9. SolarWinds Cyberattack Cleanup Costs: SWI Earnings, Senate & House Hearings May Provide Clues (MSSP Alert)
  10. Implications of SolarWinds Hack on Your Cyber Practices
  11. SolarWinds Deadline Alert
  12. VMware Marketplace: SolarWinds Content Pack
  13. Mayorkas Announces Initial Plans To Bolster U.S. Cyber Security; SolarWinds CEO Has Ideas Too
  14. The SolarWinds Breach Is a Wakeup Call to CISOs (InfoSystems)
  15. SolarWinds Cyber Attack: February 24 Webinar Will Address Lessons Learned
  16. Anatomy of the SolarWinds Attack: Five Types of Malware (Blumira)
  17. Biden speech pledges international cooperation on cyber - (Washington Technology)
  18. Shareholder Alert: Robbins LLP is Investigating SolarWinds Corporation (SWI) on Behalf of Shareholders (bizwire)
  19. Lessons Learned from a Cyberattack: A Conversation with SolarWinds (Part 1 of 2) (Center for Strategic and International Studies)
  20. Biden Wants International “Rules” to Combat Alleged Russian, Chinese Cyberattacks (MSSP Alert)
  21. Palo Alto Networks CEO: XDR Protected Us From SolarWinds Attack (SDxCentral)
  22. Senate Committee to Hear Testimony Surrounding Major SolarWinds Cybersecurity Breach on Cheddar
  23. Cyber Attacks on U.S. Need to Be Handled Differently, Says Sen. Warner (Bloomberg)
  24. Chinese Hackers Hijacked NSA-Linked Hacking Tool: Report (tpost)
  25. SolarWinds CEO talks hack, remaining questions before Capitol Hill hearings
  26. SolarWinds CEO Recommends Liability Protections for Sharing Information about Incidents  (Nextgov)
  27. N-able: The Path Forward for the Former SolarWinds MSP (ChannelE2E)
  28. Microsoft: SolarWinds Hackers Viewed, Downloaded Source Code for Azure, Intune, Exchange Components (My TechDecisions)
  29. U.S. House committees to hold Feb 26 hearing on 'SolarWinds' hack (Reuters)
  30. SolarWinds hearing announced by House committees (CNET)
  31. U.S. House committees to hold Feb 26 hearing on 'SolarWinds' hack (Reuters)
  32. SolarWinds hearings will test cybersecurity cooperation, experts say
  33. In the SolarWinds Hack Microsoft Lost The Source Code For 3 Products
  34. SolarWinds Announces Earnings Call Time Change: Fourth Quarter and Full Year 2020 Earnings Call to Occur on Thursday, February 25 at 7:30 AM CT
  35. Hiding in plain sight: What the SolarWinds attack revealed about efficacy (Urgent Comms)
  36. U.S. House committees to hold Feb 26 hearing on ‘SolarWinds’ hack | The Mighty 790 KFGO (KFGO)
  37. New York issues cyber insurance framework as ransomware, SolarWinds costs mount (CSO Online)

Published 2021-02-21

  1. SolarWinds Case 1:21-cv-00138-RP Order to consolidate class actions (DocumentCloud)
  2. White House security adviser says response to SolarWinds hack will come in weeks | WKZO | Everything Kalamazoo (590 AM · 106.9 FM)
  3. Top Biden Adviser Suggests Russia Could See U.S. Response To SolarWinds Hack Within 'Weeks'
  4. Biden official: SolarWinds attack response may come within weeks
  5. White House says it will hold those responsible for SolarWinds hack accountable within weeks (CNNPolitics)

Published 2021-02-20

  1. BREAKING ALERT: ROSEN, A LEADING AND LONGSTANDING LAW FIRM, Encourages SolarWinds Corporation Investors with Large Losses to Secure Counsel Before Important March 5 Deadline (SWI)
  2. Neuberger: Private (Sector Partnership ‘Core’ in Fixing Huge Hack, Building Better Defenses – Homeland Security Today)

Published 2021-02-19

  1. Microsoft: SolarWinds hackers studied Microsoft source code for authentication and email, Telecom News, ET Telecom
  2. Microsoft Conclusion on SolarWinds Hack 'Conflicts' with Other Messages
  3. US Senate Intelligence Committee To Hold Hearing On SolarWinds Hack February 23 - Notice (UrduPoint)
  4. Microsoft posts final update on Solarwinds attack, reveals which Microsoft product source code hackers were targeting (MSPoweruser)
  5. Microsoft: SolarWinds Attackers Downloaded Azure, Exchange Code (tpost)
  6. Microsoft suggest companies “adopt a zero trust mindset” as it closes SolarWinds internal investigation » OnMSFT.com
  7. Microsoft Concludes Its SolarWinds Investigation (Thurrott.com)
  8. SolarWinds cyberhack is a blow. The US must prioritize cybersecurity now | Columns (idahostatejournal.com)
  9. Suspected Russian hack fuels new US action on cybersecurity (ABC News)
  10. Massive breach fuels calls for US action on cybersecurity - U.S. (Stripes)
  11. 5 minutes with Michael Bahar - The aftermath of the SolarWinds Orion breach | 2021-02-19 (Security Magazine)
  12. Network Traffic Analyzer Industry- Exclusive Market Research Report (SolarWinds, Netscout and more. – NeighborWebSJ)
  13. Massive breach fuels calls for US action on cybersecurity (WAVY.com)

Published 2021-02-18

  1. Turning the page on Solorigate and opening the next chapter for the security community (MS Security)
  2. Microsoft wraps SolarWinds probe, nudges companies toward zero trust
  3. Apiiro Releases Industry’s First Solution That Detects and Prevents the Attack Used Against Solarwinds
  4. What financial services should learn from the SolarWinds cyber attack
  5. White House Prepping Multi-Part Executive Order on SolarWinds Hack (Defense One)
  6. Senate Intelligence panel to hold hearing on SolarWinds breach next week (hill)
  7. U.S. Senate panel to hold Feb 23 hearing on 'SolarWinds' hack (Reuters)
  8. Hiding in Plain Sight: What the SolarWinds Attack ...
  9. SolarWinds Hackers Stole Some Source Code for Microsoft Azure, Exchange, Intune
  10. SolarWinds hackers studied Microsoft source code for authentication and email (Reuters)
  11. Microsoft says SolarWinds hackers stole source code for 3 products (ars)
  12. SolarWinds (SWI) Earnings Expected to Grow: What to Know Ahead of Next Week's Release (Nasdaq)
  13. SHAREHOLDER ALERT: Pomerantz Law Firm Reminds Shareholders with Losses on their Investment in SolarWinds Corporation of Class Action Lawsuit and Up Coming Deadline (SWI)
  14. SHAREHOLDER ALERT: Levi & Korsinsky, LLP Notifies Shareholders of SolarWinds Corporation of a Class Action Lawsuit and a Lead Plaintiff Deadline of March 5, 2021 (SWI)
  15. Hillicon Valley: Congress prepares to hold hearing on SolarWinds breach, Big Tech content moderation | Tensions rise between Capitol Hill and Facebook, Google over news distribution (hill)
  16. U.S. Senate panel to hold Feb 23 hearing on 'SolarWinds' hack (Reuters)
  17. SolarWinds fallout has enterprise CISOs on edge
  18. SolarWinds attack hit 100 companies and took months of planning, says White House (ZDNet)
  19. Microsoft Internal Solorigate Investigation – Final Update (Microsoft Security Response Center)
  20. Microsoft says SolarWinds hackers downloaded some Azure, Exchange, and Intune source code (ZDNet)
  21. Digital Offense Capabilities Are Currently Net Negative for the Security Ecosystem
  22. Occam’s Razor — A SolarWinds Perspective for Law Firms (Legal Talk Network)
  23. The SolarWinds hackers could be in US government computers for a long time. Here’s our next move (Bulletin of the Atomic Scientists)
  24. White House now says 100 companies hit by SolarWinds hack, but more may be impacted (Verge)
  25. Norway’s 11179 billion NOK wealth fund affected by the SolarWinds hack (DN)

Published 2021-02-17

  1. CyberArk Labs: The Anatomy of the SolarWinds Attack (Techwire)
  2. SolarWinds Hacked From Inside U.S., 100+ Orgs Compromised
  3. Thread by @NatashaBertrand on Thread Reader App (Thread Reader App)
  4. Targeting Process for the SolarWinds Backdoor (NETRESEC Blog)
  5. Biden to take 'executive action' to address SolarWinds breach (hill)
  6. The Solarwinds Hack Is A One Of A Kind And Not The Norm (Information Security Buzz)
  7. SolarWinds (style email compromise attacks go mainstream)
  8. SWI BREAKING ALERT: ROSEN, A TRUSTED AND LEADING LAW FIRM, Encourages SolarWinds Corporation Investors with Large Losses to Secure Counsel Before Important Deadline – SWI | Business (valdostadailytimes.com)
  9. The U.S. Needs a Cyber State of Distress to Withstand the Next SolarWinds (Lawfare)
  10. Suspected Russian Hackers Used U.S. Networks, Official Says (Bloomberg)
  11. Risk & Repeat: SolarWinds and the hacking back debate
  12. SolarWinds Shareholder Alert
  13. SolarWinds Investor Relations: Berger Montague Announces Expanded Class Period for Investigation of Alleged Securities Fraud Against SolarWinds Corporation (NYSE: SWI); Encourages Investors with Losses in Excess of $100,000 to Secure Counsel; Lead Plainti
  14. Press Briefing by Press Secretary Jen Psaki and Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger, February 17, 2021 (The White House)

Published 2021-02-16

  1. SolarWinds Hack and the Case of DNS Security (secblvd)
  2. SolarWinds: Microsoft Reveals New Details About Sophisticated Mega (Breach)
  3. The "largest and most sophisticated hack ever" - The Backstory with Matt Bevan - RN Breakfast (ABC Radio National)
  4. France Just Suffered A Very 'Solar Winds' (Like Cyberattack)
  5. SolarWinds: Microsoft Reveals New Details About Sophisticated Mega (Breach)
  6. CyberArk Virtual Event - (The Anatomy of the SolarWinds Attack)

Published 2021-02-15

  1. Microsoft: SolarWinds hack was 'largest and most sophisticated attack' ever: Microsoft president Brad Smith, Telecom News, ET Telecom
  2. Former top cybersecurity official on why U.S. intelligence missed Russia's SolarWinds hack
  3. Many SolarWinds Customers Failed to Secure Systems Following Hack (SecurityWeek.Com)
  4. Microsoft: SolarWinds attack took more than 1,000 engineers to create (ZDNet)
  5. France Ties Russia's Sandworm to a Multiyear Hacking Spree (WIRED)
  6. Microsoft says it found 1,000 (plus developers' fingerprints on the SolarWinds attack • The Register)
  7. Cybersecurity experts say U.S. needs to strike back after SolarWinds hack
  8. SolarWinds Hack Was 'Largest and Most Sophisticated Attack' Ever, Microsoft President Brad Smith Says (Technology News)

Published 2021-02-14

  1. SolarWinds hack was 'largest and most sophisticated attack' ever (Microsoft president)
  2. Cybersecurity experts say U.S. needs to strike back after SolarWinds hack (CBS News)
  3. SolarWinds: How Russian spies hacked the Justice, State, Treasury, Energy and Commerce Departments (CBS News)
  4. SolarWinds hack was 'largest and most sophisticated attack' ever: Microsoft president (Reuters)

Published 2021-02-12

  1. US Court system demands massive changes to court documents after SolarWinds hack (TechRepublic)
  2. Arctic Security (SolarWinds: Going beyond attribution - all in a day’s work for a Bicycle Repair Man)
  3. On SolarWinds, Supply Chains and Enterprise Networks

Published 2021-02-11

  1. The Hack Roundup: White House Says Neuberger Leading Federal Response (Nextgov)
  2. 7 Things We Know So Far About the SolarWinds Attacks
  3. Symantec Enterprise Podcasts
  4. White House Names SolarWinds Response Leader Amid Criticism (SecurityWeek.Com)
  5. SolarWinds Orion Bug Allows Easy Remote-Code Execution and Takeover (tpost)
  6. Software supply chain attacks – everything you need to know (The Daily Swig)
  7. Zero Day Initiative — Three More Bugs in Orion’s Belt

Published 2021-02-10

  1. Experts Tell Lawmakers to Give CISA 'Operational' Federal Information Security Role (Nextgov)
  2. SOLARWINDS INVESTOR ALERT: Shareholder Lawsuit Filed
  3. White House Announces Senior Official Is Leading Inquiry Into SolarWinds Hacking (nyt)
  4. VirusTotal
  5. CISA, SolarWinds up interest in security scoring (scmedia)
  6. New cyber panel chair zeros in on election security, SolarWinds hack (hill)
  7. White House Names Cybersecurity Expert to Lead Response to SolarWinds Hack (WSJ)
  8. US Coast Guard orders maritime facilities to report SolarWinds breaches
  9. Supply chain security is actually worse than we think (ZDNet)

Published 2021-02-09

  1. Experts laud SolarWinds post-attack efforts, but why’d it take a massive cyber incident to make changes? (FRN)
  2. Essential Threat Intelligence: Importance of Fundamentals in Identifying IOCs (Webroot)
  3. Senators: U.S. response to huge SolarWinds hack has been 'disjointed and disorganized'
  4. Our systems weren’t the entry point for SolarWinds attackers, says Microsoft (Channel Daily News)
  5. SolarWinds Shines Spotlight on Supply Chain Risks (CSO Online)
  6. Senate Select Committee on Intelligence letter to DNI
  7. SolarWinds Recovery May Require Extreme Actions
  8. SolarWinds security to-do list post hack (Utility Dive)

Published 2021-02-08

  1. VirusTotal
  2. MAR-10318845-1.v1 - SUNBURST (CISA)
  3. After SolarWinds Attack, Courts Revert to Paper for Secrets
  4. The Right Response to SolarWinds (CoFR)
  5. SolarWinds Fallout: Practices to strengthen data protection - (GCN)
  6. A Key Step in Preventing a Future SolarWinds (Just Security)

Published 2021-02-07

  1. SolarWinds CEO: “SolarWinds Orion Development Program was Exploited by the Hackers” - E Hacking News (Latest Hacker News and IT Security News)
  2. SOLARWINDS UPDATE

Published 2021-02-05

  1. Secure by Design: Our Plan for a Safer SolarWinds and Customer Community (Orange Matter)
  2. Microsoft: No Evidence SolarWinds Was Hacked Via Office 365
  3. Multiple new flaws uncovered in SolarWinds software just weeks after high-profile supply chain attack (The Daily Swig)
  4. Microsoft warns of increasing OAuth Office 365 phishing attacks
  5. Microsoft: Office 365 Was Not SolarWinds Initial Attack Vector
  6. Microsoft: Office 365 Was Not SolarWinds Initial Attack Vector
  7. Multiple new SolarWinds vulnerabilities have been uncovered (TechRadar)
  8. SolarWinds fallout could last for years, as power industry secures vulnerable equipment: Dragos CEO (Utility Dive)

Published 2021-02-04

  1. SolarWinds chases multiple leads in breach investigation
  2. Alex Stamos Attributes SolarWinds Hack To Russian Intel Service
  3. SolarWinds CEO Confirms Office 365 Email ‘Compromise’ Played Role In Broad (Based Attack)
  4. Another SolarWinds Orion Hack (Schneier)

Published 2021-02-03

  1. The long tail of the SolarWinds breach (Axios)
  2. SolarWinds patches three newly discovered software vulnerabilities (ZDNet)
  3. Nearly One (Third of Attack Targets Weren’t Running SolarWinds)
  4. ‘Severe’ SolarWinds Vulnerabilities Allow Hackers To Take Over Servers
  5. Hackers had access to SolarWinds email system for months: report (hill)
  6. Chinese threat actor may have exploited SolarWinds. New SolarWinds vulnerabilities reported. Spyware in South Sudan. BEC gift card scams rise.
  7. More SolarWinds News (secblvd)
  8. FireEye stock falls as analysts debate effects of massive SolarWinds hack (MarketWatch)
  9. Second SolarWinds Attack Group Breaks into USDA Payroll — Report (tpost)
  10. More exploitable flaws found in SolarWinds software, says cybersecurity firm
  11. Continuing Our Journey to Becoming Secure by Design (Orange Matter)
  12. Findings From Our Ongoing Investigations (Orange Matter)
  13. Mimecast To Lay Off 80 Workers Weeks After Disclosing Hack
  14. More SolarWinds News (Schneier)
  15. Full System Control with New SolarWinds Orion-based and Serv-U FTP Vulnerabilities (Trustwave)
  16. 3 New Severe Security Vulnerabilities Found In SolarWinds Software

Published 2021-02-02

  1. Exclusive: Suspected Chinese hackers used SolarWinds bug to spy on U.S. payroll agency – sources (Reuters)
  2. US payroll agency targeted by Chinese hackers: report (hill)
  3. Hackers Lurked in SolarWinds Email System for at Least 9 Months, CEO Says (WSJ)
  4. Kevin Mandia: Discovering SolarWinds Hack ‘Validates Our Intelligence and Expertise’
  5. The U.S. Spent $2.2 Million on a Cybersecurity System That Wasn’t Implemented — and Might Have Stopped a Major Hack — ProPublica
  6. GitHub (cisagov/Sparrow: Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 environment.)

Published 2021-02-01

  1. Audit of DoD Actions Taken to Protect DoD Information Network Resulting From the SolarWinds Orion Compromise
  2. This is How They Tell Me the World Ends
  3. The Next Cyberattack Is Already Under Way (The New Yorker)
  4. SolarWinds Hackers Cast a Wide Net (BankInfoSecurity)
  5. SolarWinds Hack Prompts Congress to Put NSA in Encryption Hot Seat (tpost)
  6. Azure-Sentinel/RareProcbyServiceAccount.yaml at master · Azure/Azure (Sentinel · GitHub)

Published 2021-01-31

  1. Russian hack brings changes, uncertainty to US court system

Published 2021-01-29

  1. Does SolarWinds change the rules in offensive cyber? Experts say no, but offer alternatives (scmedia)
  2. SolarWinds attack is not an outlier, but a moment of reckoning for security industry, says Microsoft exec (ZDNet)
  3. Manufacturing particularly at risk of Solorigate (linked breaches)
  4. Suspected Russian Hack Extends Far Beyond SolarWinds Software, Investigators Say (WSJ)
  5. Security Advisory FAQ (SolarWinds)

Published 2021-01-28

  1. SolarWinds Hackers Hit Qualys, Other Cybersecurity Vendors (SDxCentral)
  2. CISA Warns of New Malware Threat to Vulnerable SolarWinds Orion Tech
  3. Most Tools Failed to Detect the SolarWinds Malware. Those That Did Failed Too (CoFR)
  4. Russia’s SolarWinds Attack and Software Security (Schneier)

Published 2021-01-27

  1. Tips to harden Active Directory against SolarWinds-type attacks (CSO Online)
  2. Fidelis Targeted By SolarWinds Hackers After Installing Orion
  3. Azure-Sentinel/MailPermissionsAddedToApplication.yaml at master · Azure/Azure (Sentinel · GitHub)

Published 2021-01-26

  1. Mimecast Breach Linked To SolarWinds Hack, Allowed Cloud Services Access
  2. Adam Orton on Twitter: "@mikko @netresec @craiu Does "this was a lab machine" not pass anyone elses sniff test? Or just me?" / Twitter
  3. Ongoing Analysis of SolarWinds Impacts (Fidelis Cybersecurity)
  4. Important Security Update (Mimecast Blog)
  5. Four security vendors disclose SolarWinds-related incidents (ZDNet)

Published 2021-01-25

  1. 5 Security Vendors That Have Reported Cyberattacks Since December
  2. Twenty-three SUNBURST Targets Identified (NETRESEC Blog)
  3. SolarWinds Hacks: Virginia Regulator And $5 Billion Cybersecurity Firm Confirmed As Targets
  4. Hackers exploit U.S. Agency Supply Chain (IT Security Guru)
  5. White House Removes Spokeswoman at Agency Responding to SolarWinds Hack (WSJ)

Published 2021-01-24

  1. SolarWinds Corporation (NYSE: SWI)
  2. Validating the SolarWinds N-central “Dumpster Diver” Vulnerability | by Kyle Hanslovan (Huntress)

Published 2021-01-22

  1. New malware uncovered by experts examining SolarWinds strike Blog (Galaxkey)
  2. President Biden Orders SolarWinds Intelligence Assessment
  3. ConnectWise Control MSP Security Vulnerabilities Are ‘Severe:’ Bishop Fox

Published 2021-01-21

  1. Spared Direct Hit, Law Firms Could Still Face SolarWinds Cyber Fallout (Legaltech News)
  2. Here's How SolarWinds Hackers Stayed Undetected for Long Enough
  3. Takeaways for Microsoft cloud customers and partners after the SolarWinds breach (MSCloudNews)
  4. Microsoft: This is how the sneaky SolarWinds hackers hid their onward attacks for so long (ZDNet)
  5. Biden Orders Sweeping Assessment of Russian Hacking, Even While Renewing Nuclear Treaty (nyt)
  6. Biden administration to seek five-year extension on key nuclear arms treaty in first foray with Russia (wapo)
  7. Unveiled: SUNSPOT Malware Was Used to Inject SolarWinds Backdoor

Published 2021-01-20

  1. Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop (MS Security)
  2. Microsoft Releases New Info on SolarWinds Attack Chain
  3. SolarWinds Hackers Access Malwarebytes’ Office 365 Emails
  4. President Biden Announces American Rescue Plan (The White House)

Published 2021-01-19

  1. SolarWinds: 9 federal agencies and about 100 companies hit by SolarWinds hack: The White House, Telecom News, ET Telecom
  2. Defense nominee favors proactive cyber posture
  3. Incoming Biden administration looks to shake up US cybersecurity policy (The Daily Swig)
  4. After SolarWinds, the U.S. can trust no one (Fortune)
  5. SolarWinds Attack Underscores 'New Dimension' in ...
  6. Fourth malware strain discovered in SolarWinds incident (ZDNet)
  7. Injecting a Backdoor into SolarWinds Orion (Schneier)
  8. SolarWinds Hackers Also Breached Malwarebytes Cybersecurity Firm
  9. Malwarebytes says SolarWinds hackers accessed its internal emails
  10. Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments - Malwarebytes Labs (Malwarebytes Labs)
  11. Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452
  12. Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452 (fireeye)
  13. Researchers Discover Raindrop — 4th Malware Linked to the SolarWinds Attack
  14. A New SolarWinds Malware Strain Is Discovered
  15. The aftermath of the SolarWinds breach: Organizations need to be more vigilant (TechRepublic)
  16. Malwarebytes said it was hacked by the same group who breached SolarWinds (ZDNet)
  17. Azure-Sentinel/FirstAppOrServicePrincipalCredential.yaml at master · Azure/Azure (Sentinel · GitHub)

Published 2021-01-18

  1. Google Cloud: We do use some SolarWinds, but we weren't affected by mega hack (ZDNet)
  2. Raindrop: New Malware Discovered in SolarWinds Investigation (Symantec Blogs)

Published 2021-01-17

  1. GitHub - fireeye/Mandiant-Azure-AD (Investigator)
  2. Cyber Threat Intel Analysis and Expansion of SolarWinds Identified IoCs
  3. SolarWinds Deadline Alert

Published 2021-01-16

  1. A closer look at the SolarWinds hack (Cyprus Mail)
  2. American Public Reticent to Retaliate Against SolarWinds Hack (The National Interest)
  3. SolarWinds Update
  4. Cybersecurity Stocks that Lagged in 2020 Could Get Boost from SolarWinds Hack (RealMoney)
  5. Mimecast Cert Compromised to Target Inboxes in “Sophisticated” Attack (Infosecurity Magazine)
  6. Hackers abusing Mimecast certs to target Microsoft 365 users

Published 2021-01-15

  1. Cyber ‘Deterrence’: A Brexit Analogy (Lawfare)
  2. IOTW: As The SolarWinds Hack Investigation Continues, New Insights Reveal A New Suspect (Cyber Security Hub)
  3. The Cybersecurity 202: Sen. Mark Warner plans breach-notification debate in wake of SolarWinds hack (wapo)
  4. SolarWinds Supply Chain Hack: Investigation Update
  5. SOLARWINDS INVESTORS: March 5, 2021 Filing Deadline in Shareholder Class Action – Contact Lieff Cabraser (bizwire)
  6. SolarWinds fallout makes secure communications a critical first line of defense - (FCW)
  7. SWI INVESTOR FRAUD LAWSUIT: Hagens Berman Alerts SolarWinds (SWI) Investors to Securities Fraud Lawsuit and Encourages Investors with Losses to Contact Firm Now
  8. SolarWinds Says It’s Closer to Finding Source of Cyberattack
  9. SolarWinds Cyber-Attack Has Significant Implications for Developers and Contractors (Robinson+Cole Data Privacy + Security Insider - JDSupra)
  10. SolarWinds Close to Figuring Out How Cyberattack Occurred
  11. Understanding third-party hacks in the aftermath of the SolarWinds breach (Help Net Security)
  12. Some UW Campuses That Contract With SolarWinds IT Provider Exploited In National Cyberattack (Wisconsin Public Radio)
  13. Google’s approach to secure software development and supply chain risk management (Google Cloud Blog)
  14. Sunburst Malware Information (FireEye)
  15. DoJ confirms email accounts breached by SolarWinds hackers | Hacking (Guardian)

Published 2021-01-14

  1. Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender (MS Security)
  2. Published (Zero Day Initiative)
  3. Kaspersky experts connect SolarWinds attack with Kazuar backdoor
  4. The Cybersecurity 202: NSA cyber chief Anne Neuberger is heading to the Biden White House (wapo)
  5. SolarWinds Hack Forces Reckoning With Supply-Chain Security (WSJ)
  6. The Devil’s in the Details: SUNBURST Attribution
  7. From the Bronze Soldier to Solarwinds, tracking unfettered Kremlin disruption across 15 years  (Great Power)
  8. What the SolarWinds hack really tells us (TechBeacon)
  9. SolarWinds CEO: Company Might Not Be the Only Compromise (My TechDecisions)
  10. Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender (MS Security)
  11. ROSEN, RESPECTED INVESTOR COUNSEL, Reminds SolarWinds Corporation Investors of Important March 5 Deadline in First Filed Securities Class Action Commenced by the Firm; Encourages Investors with Losses in Excess of $100K to Contact the Firm (SWI)
  12. Cybersecurity Pioneer Cyemptive Technologies Cautions Entities About the Depth and Breadth of the Recent SolarWinds Cyber Incident; Provides First Reliable Solution to Address Such Invasive Attacks (bizwire)
  13. FireEye not ready to ascribe SolarWinds hack to Russia - (FCW)
  14. Microsoft’s Smith Talks ‘WarGames,’ SolarWinds Hack at CES (SDxCentral)
  15. SolarWinds Cyber (Attack Affects Developers and Contractors)
  16. CORRECTING and REPLACING Intact Technology, Inc. Develops an Alternative Solution to SolarWinds Orion (bizwire)
  17. SolarWinds Hack Could Cost Cyber Insurance Firms $90 Million
  18. SolarWinds defense: How to stop similar attacks (ZDNet)
  19. The SolarWinds Hack Was Huge. JPMorgan Is Defending the Stock. (Barron's)
  20. Cybersecurity firm identifies third SolarWinds hack malware strain (FoxBiz)
  21. Third-Party Risk Management (TPRM) Best Practices (View Webinar)
  22. Protect Against Supply Chain Cyber Attacks (SecureLink eBook)

Published 2021-01-13

  1. Preventing Supply Chain Attacks like SolarWinds (Linux Foundation)
  2. Mimecast breach investigators probe possible SolarWinds connection (CyberScoop)
  3. Brazen SolarWinds Hackers Offer Alleged Windows 10 Source Code For $600,000 (HotHardware)
  4. SHAREHOLDER ALERT: WeissLaw LLP Investigates SolarWinds Corporation
  5. SOLARWINDS INVESTOR ALERT: Class Action Lawsuit Filed
  6. Expect more SolarWinds victims, national security official says - (GCN)
  7. SWI INVESTORS ACT FAST: Hagens Berman Alerts SolarWinds (SWI) Investors to Securities Fraud Lawsuit and Encourages Investors with Losses to Contact Firm Now
  8. Microsoft President Brad Smith: SolarWinds Attack Violated ‘Norms And Rules’ Of Government Activities
  9. SolarWinds: Between The Clouds (secblvd)
  10. SolarWinds aftermath continues with SolarLeaks (Blueliv)
  11. SolarWinds aftermath continues with SolarLeaks (secblvd)
  12. Mimecast hit by “sophisticated threat actor”
  13. Hackers hijacked email security firm Mimecast to spy on customers (VentureBeat)
  14. Mimecast Says Attackers Stole Certificate, Targeted Customers' Email (Decipher)
  15. Mimecast Says Hackers Compromised Digital Certificate
  16. Mimecast shares tumble as company reports cyberthreat to some customers (Boston Business Journal)
  17. Miscreants Manipulate Mimecast Certificate -> Microsoft 365 Exchange Web Services: Welcome To The Pew Pew (secblvd)
  18. SolarWinds Attackers May Have Hit Mimecast, Driving ...
  19. Mimecast: Hackers Compromised A Digital Certificate (My TechDecisions)
  20. Mimecast compromised by a threat actor | 2021-01-13 (Security Magazine)
  21. SolarWinds Hack Followed Years of Warnings of Weak Cybersecurity (Bloomberg)
  22. Top SolarWinds risk assessment resources for Microsoft 365 and Azure (CSO Online)
  23. Sunspot malware scoured servers for SolarWinds builds to trojanize them

Published 2021-01-12

  1. Kaspersky Lab autopsies evidence on SolarWinds hack (Register)
  2. Three Steps to Ensure Your Supply Chain Isn’t Your Weak Link (Legaltech News)
  3. Third malware strain discovered in SolarWinds supply chain attack (ZDNet)
  4. Email Security Firm Mimecast Says Hackers Hijacked Its Products to Spy on Customers | Technology News (US News)
  5. 5 Things To Know About The Mimecast Hack And Stock Drop
  6. Mimecast Certificate Hacked in Supply-Chain Attack (tpost)
  7. Hackers Compromise Mimecast Certificate For Microsoft Authentication
  8. Cisco Event Response: SolarWinds Orion Platform Software Attack
  9. SolarWinds Discloses Earlier Evidence of Hack (WSJ)
  10. SolarWinds Hackers’ Attack on Email Security Company Raises New Red Flags (WSJ)
  11. OODA Loop - If SolarWinds Is a Wake (Up Call, Who’s Really Listening?)
  12. UNC2452: What We Know So Far
  13. SolarWinds malware was sneaked out of the firm's Orion build environment 6 months before anyone realised it was there (report • The Register)
  14. Lessons from the SolarWinds Hack: Robust Cybersecurity Requires Leadership (Toka)
  15. Third malware strain discovered in SolarWinds supply chain attack (ZDNet)
  16. Critical Microsoft Defender Bug Actively Exploited; Patch Tuesday Offers 83 Fixes (tpost)
  17. Email security firm Mimecast says hackers hijacked its products to spy on customers (Reuters)
  18. Autocracy ascends the cracks of democracy  (Great Power)
  19. Austin's SolarWinds closer to understanding source of massive breach
  20. Cyberespionage campaign hits Colombia. New malware found in the SolarWinds incident. Mimecast certificates compromised. Ubiquiti tells users to reset passwords. Two wins for the good guys.
  21. Evanina: Number of known SolarWinds victims 'will continue to grow' - (FCW)
  22. SolarWinds Hackers' Attack on Email Security Company Raises New Red Flags (MarketScreener)
  23. Important Update from Mimecast (Mimecast Blog)
  24. Email security firm Mimecast says hackers hijacked its products to spy on customers (Reuters)
  25. The Hack Roundup: SolarWinds Shares Details on How Attackers Inserted Backdoor (Nextgov)
  26. SolarLeaks site claims to sell data stolen in SolarWinds attacks
  27. SolarWinds Says It Has Found Source of Massive Cyberattack (TheStreet)
  28. SolarWinds: What Hit Us Could Hit Others — Krebs on Security

Published 2021-01-11

  1. SolarWinds Hack Potentially Linked to Turla APT (tpost)
  2. SolarWinds hack is the perfect foreword to new book on biggest breaches
  3. Researchers Find Links Between Sunburst and Russian Kazuar Malware
  4. More federal victims of SolarWinds hacking likely to come forward, CISA chief says
  5. New SolarWinds CEO sets out rescue plan
  6. SolarWinds hackers linked to known Russian spying tools, investigators say (Reuters)
  7. Exclusive: FBI probes Russian-linked postcard sent to FireEye CEO after cybersecurity firm uncovered hack - sources (Reuters)
  8. SolarWinds hackers linked to known Russian spying tools, investigators say (Reuters)
  9. SolarWinds Hack Lessons Learned: Finding the Next ...
  10. SolarWinds Hack Lessons Learned: Finding the Next ...
  11. SolarWinds CEO: Attack Was ‘One Of The Most Complex And Sophisticated’ In History
  12. Sunburst backdoor – code overlaps with Kazuar (Securelist)
  13. Hackers Didn’t Only Use SolarWinds to Break In, Says CISA (secblvd)
  14. Robust Indicators of Compromise for SUNBURST (NETRESEC Blog)
  15. New Findings From Our Investigation of SUNBURST (Orange Matter)
  16. SUNSPOT Malware: A Technical Analysis (CrowdStrike)

Published 2021-01-10

  1. Password Guessing Used as a Weapon by SolarWinds Hackers to Breach Targets - E Hacking News (Latest Hacker News and IT Security News)
  2. The Colorado Division of Securities alerts securities firms to be aware of any impact of SolarWinds hack (WesternSlopeNow.com)

Published 2021-01-09

  1. SolarWinds Malware Arsenal Widens with Raindrop (tpost)
  2. Industry urges agencies to accelerate zero trust adoption after SolarWinds hack (FedScoop)
  3. The SolarWinds Investigation Ramps Up (WIRED)
  4. How to Understand and Defend Against SolarWinds (Type Attacks)

Published 2021-01-08

  1. SolarWinds Government Data Breach Leads to Securities Action (Proskauer - Corporate Defense and Disputes - JDSupra)
  2. Sealed U.S. court records possibly accessed by SolarWinds attackers (Help Net Security)
  3. Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments (CISA)
  4. January 8th Update on SolarWinds (JetBrains Blog)
  5. Continuous Updates: Everything You Need to Know About the SolarWinds Attack (SecurityWeek.Com)
  6. Disturbing trend: Recent nation state attacks (Cybersecurity Tech Accord)
  7. SolarWinds Fights Back With Chris Krebs, Alex Stamos Hires
  8. CISA: SolarWinds hackers also used password guessing to breach targets (ZDNet)
  9. CEO Refutes Reports of Involvement in SolarWinds Campaign (Infosecurity Magazine)
  10. A Golden SAML Journey: SolarWinds Continued (Splunk)
  11. SolarWinds Hires Chris Krebs and Alex Stamos for ...
  12. SolarWinds hires former Trump cyber security chief Chris Krebs
  13. The SolarWinds Hack
  14. SolarWinds to pay former CEO US$312K to assist with investigations - Software (CRN Australia)
  15. solarwinds customers

Published 2021-01-07

  1. FireEye's Mandia: 'Severity (Zero Alert' Led to ...)
  2. SolarWinds: How a Rare DGA Helped Attacker Communications Fly Under the Radar (Symantec Blogs)
  3. CISA discovers token abuse around SolarWinds hack, calls for full rebuild of affected networks (scmedia)
  4. Hacking victim SolarWinds hires ex-Homeland Security official Krebs as consultant (Reuters)
  5. An Update on SolarWinds (JetBrains Blog)
  6. Meet The Super Rich Czech Tech Company — And Its Russian CEO —Denying Links To The Huge SolarWinds Hack
  7. SolarWinds hack: Who’s to blame? It’s complicated. (TechBeacon)
  8. SolarWinds Hackers Compromise Confidential Court Filings
  9. CISA: Hackers access to federal networks without SolarWinds - (FCW)
  10. Our Plan for a Safer SolarWinds and Customer Community (Orange Matter)
  11. Krebs Stamos Group
  12. SolarWinds hires Chris Krebs, Alex Stamos to boost security in wake of suspected Russian hack
  13. The Cybersecurity 202: Riot in the Capitol is a nightmare scenario for cybersecurity professionals (wapo)
  14. Sealed U.S. Court Records Exposed in SolarWinds Breach — Krebs on Security
  15. Gossamer tool aims to defend open source projects against SolarWinds-style supply chain attacks (The Daily Swig)
  16. NSA Warns That Russian Hackers Are Targeting Virtual Workspaces (Nextgov)
  17. CISA: SolarWinds Hackers Got Into Networks by Guessing Passwords (Nextgov)
  18. Implications of Russian Hacking of SolarWinds

Published 2021-01-06

  1. DOJ says it was hit by SolarWinds hackers - (FCW)
  2. SolarWinds Hack Breached Justice Department System (WSJ)
  3. The Trends At SolarWinds (NYSE:SWI) That You Should Know About (Simply Wall St News)
  4. SOLARWINDS INVESTORS: ALERT BY FORMER LOUISIANA ATTORNEY GENERAL - Kahn Swick & Foti, LLC Reminds Investors of Lead Plaintiff Deadline in Class Action Lawsuit Against SolarWinds Corporation (SWI)
  5. DoJ says SolarWinds hackers breached its Office 365 system and read email (ars)
  6. Judiciary Addresses Cybersecurity Breach: Extra Safeguards to Protect Sensitive Court Records (US Courts)
  7. Scott+Scott Attorneys at Law LLP Continues Investigating SolarWinds Corporation’s Directors and Officers for Breach of Fiduciary Duties (SWI)
  8. We Should Have Known SolarWinds Would Be a Target (CoFR)
  9. SolarWinds Hack, Ransomware, Regulations Figure Prominently as Virtual Cybersecurity Summits Resume in 2021
  10. SHAREHOLDER ALERT: Block & Leviton LLP Investigating SolarWinds Corp. and Pluralsight, Inc. for Possible Breaches of Fiduciary Duty; Shareholders Should Contact the Firm
  11. SWI INVESTOR FRAUD LAWSUIT FILED: Hagens Berman Encourages SolarWinds (SWI) Investors with Losses to Contact Firm Now
  12. SolarWinds Sued Over Russian Hack (SDxCentral)
  13. How to prepare for and respond to a SolarWinds-type attack (CSO Online)
  14. Life After the SolarWinds Supply Chain Attack
  15. Faulty enterprise software, like SolarWinds, $2 trillion problem (BI)
  16. SolarWinds Government Data Breach Leads to Securities Action (Lexology)
  17. Department of Justice Statement on Solarwinds Update | OPA (DOJ)
  18. Statement on the story from The New York Times regarding JetBrains and SolarWinds (JetBrains Blog)
  19. FBI probe of major hack includes project-management software from JetBrains: sources (Reuters)
  20. Widely Used Software Company May Be Entry Point for Huge U.S. Hacking (nyt)
  21. Justice Department also hit by Russian hackers (wapo)

Published 2021-01-05

  1. Feds: SolarWinds Breach Is Likely Russian Intel Gathering Effort
  2. Azure-Sentinel/ADFSDomainTrustMods.yaml at master · Azure/Azure (Sentinel · GitHub)
  3. Opinion: The SolarWinds hack is stunning. Here's what should be done (CNN)
  4. Essays: The Solarwinds Hack Is Stunning. Here’s What Should Be Done (Schneier)
  5. Hacking ‘Likely’ Came From Russia, US Says (nyt)
  6. Bucking Trump, NSA and FBI say Russia was “likely” behind SolarWinds hack (ars)
  7. SolarWinds Hit With Class (Action Lawsuit Following ...)
  8. Joint Statement by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI), and the National Security Agency (NSA) (CISA)
  9. SolarWinds Breach is the Rule, Not an Exception (secblvd)
  10. HAGENS BERMAN, NATIONAL TRIAL ATTORNEYS, Encourages SolarWinds (SWI) Investors with Losses to Contact Firm Now, Securities Fraud Lawsuit Filed
  11. SolarWinds hack officially blamed on Russia: What you need to know (CNET)
  12. ALERT FOR SWI INVESTORS WITH LOSSES: Bernstein Liebhard is Investigating SolarWinds Corporation For Violations of the Securities Laws
  13. SolarWinds attack: CrowdStrike says no impact
  14. Reshaping Cyberspace: Beyond the Emerging Online Mercenaries and the Aftermath of SolarWinds
  15. The Cyberlaw Podcast: The Grim Lessons of the SolarWinds Breach (Lawfare)
  16. Researchers say cloud deployments of SolarWinds Orion could put API keys at risk (IT World Canada)
  17. SolarWinds hack endangering cloud services’ API keys (DevOps Online)
  18. Latest on the SVR’s SolarWinds Hack (Schneier)
  19. Severe SolarWinds Hacking: 250 Organizations Affected?
  20. SolarWinds hack continues to spread: What you need to know (CNET)

Published 2021-01-04

  1. Microsoft downplays threat after admitting SolarWinds attackers accessed source code (The Daily Swig)
  2. Finding Targeted SUNBURST Victims with pDNS (NETRESEC Blog)
  3. After SolarWinds breach, where do we go from here? (FRN)
  4. EQUITY ALERT: Rosen Law Firm Files Securities Class Action Lawsuit Against SolarWinds Corporation – SWI (bizwire)
  5. SolarWinds breach could reshape cybersecurity practices
  6. CISA updates on SolarWinds compromise - (GCN)
  7. SolarWinds Hit With Class (Action Lawsuit Alleging Securities Violations)
  8. Treasury Finds no Evidence of Tax Data Breach in SolarWinds Hack (MeriTalk)
  9. US issues advisory for agencies to update SolarWinds software (Express Computer)
  10. SolarWinds, top executives hit with class action lawsuit over Orion software breach (scmedia)
  11. Class Action Complaint for Violation of the Federal Securities Laws
  12. SolarWinds hack may have been a global attack (TechRadar)
  13. Solar Winds Blow Hard (secblvd)
  14. The Grim Lessons of the SolarWinds Breach (reason)
  15. SolarWinds hack poses risk to cloud services' API keys and IAM identities
  16. SolarWinds shareholder files class-action lawsuit alleging leadership 'misrepresented and failed to disclose' information about hack (FoxBiz)
  17. SolarWinds Breach ‘Much Worse’ Than Feared (SDxCentral)
  18. SolarWinds: The more we learn, the worse it looks (ZDNet)
  19. Bremer v. SolarWinds Corporation Et Al - Complaint | Sec Rule 10b 5 (Class Action)

Published 2021-01-03

  1. How to Get Rich Sabotaging Nuclear Weapons Facilities (BIG by Matt Stoller)
  2. SolarWinds hack may be bigger than previously believed (SiliconANGLE)
  3. The threats arising from the massive SolarWinds hack (CBS News)

Published 2021-01-02

  1. ‘William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021’
  2. SolarWinds hack may be much worse than originally feared (Verge)
  3. How Russia’s ‘Info Warrior’ Hackers Let Kremlin Play Geopolitics on the Cheap (WSJ)
  4. As Understanding of Russian Hacking Grows, So Does Alarm (nyt)

Published 2021-01-01

  1. SolarWinds supply chain breach threatens government agencies and enterprises worldwide (ScienceDirect)
  2. Best SolarWinds RMM Alternatives 2021 (Capterra)
  3. Nagios Alternatives: Best Commercial & Open Source of 2021
  4. 50 Best SolarWinds Alternatives & Competitors in 2021
  5. 20 best alternatives to SolarWinds Log & Event Manager as of 2021 (Slant)
  6. Top SolarWinds Competitors and Alternatives (Craft.co)
  7. Unryo (Performance Monitoring & Observability)
  8. What are some alternatives to Solarwinds? (StackShare)
  9. 50 Best SolarWinds Alternatives & Competitors in 2021
  10. SolarWinds Alternative - Get Modern Monitoring (Zenoss)
  11. SolarWinds Alternative (Alternatives to SolarWinds for Network and Server)
  12. Solarwinds alternative: a comparison in depth between Solarwinds and Pandora FMS
  13. Open Source SolarWinds Server & Application Monitor Alternatives (AlternativeTo)
  14. SolarWinds Alternatives (Guide Top 9 SolarWinds Alternatives)
  15. Nagios Alternatives - Nagios Replacement for Monitoring (SolarWinds)
  16. Fed up with Solarwinds, open source options? : sysadmin
  17. SolarWinds Network Performance Monitor Alternatives, Competitors & Similar Software (GetApp®)
  18. RMM Software - Atera - RMM software (PSA & Remote Access for MSPs)
  19. Network Monitoring | NMIS (Opmantek)
  20. A Better Monitoring Alternative (LogicMonitor)
  21. Nagios XI (Your Solarwinds Alternative Network Monitoring Solution)
  22. Top 15 SolarWinds Alternatives & Similar Tools (eBool)
  23. SolarWinds Server & Application Monitor Alternatives and Similar Software (AlternativeTo)
  24. SolarWinds Alternative (Compare Site24x7 vs SolarWinds)
  25. SolarWinds NPM Competitors and Alternatives (IT Central Station)
  26. SolarWinds Alternative (OpManager VS SolarWinds NPM - ManageEngine)
  27. Best SolarWinds Orion Platform Alternatives & Competitors
  28. List of Best SolarWinds NPM Alternatives & Competitors 2021
  29. SolarWinds Network Performance Monitor Alternatives & Competitors (G2)
  30. Top SolarWinds Competitors and Alternatives - Gartner 2021 (IT Infrastructure Monitoring Tools)
  31. SolarWinds Alternative - Get Modern Monitoring (Zenoss)
  32. SolarWinds Alternative (OpManager VS SolarWinds NPM - ManageEngine)
  33. Swap SolarWinds Orion for Intact Scorpio NOW
  34. CISA Says Many Victims of SolarWinds Hackers Had No Direct Link to SolarWinds (SecurityWeek.Com)
  35. SolarWinds hackers accessed Microsoft source code, the company says
  36. SolarWinds Take Control Alternative (Splashtop SOS)
  37. Gossamer: Supply Chain Security for Open (Source Software)
  38. GitHub - Azure/Azure-Sentinel: Cloud (native SIEM for intelligent security analytics for your entire enterprise.)

Published 2021-0-1-06

  1. Security Council Reveals Russia behind SolarWinds hack not China (WaZoBia9ja)

Published 2020-12-31

  1. The SolarWinds Hack Doesn’t Demand a Violent Response (Defense One)
  2. SolarWinds hackers accessed Microsoft source code (ZDNet)
  3. SolarWinds hackers accessed Microsoft source code, the company says (Reuters)
  4. Microsoft Hacked in Russia-Linked SolarWinds Cyberattack (WSJ)
  5. Canada Pension Plan Investment Board’s purchase of SolarWinds stock likely to fall under scrutiny (wapo)
  6. This Week In Security: Deeper Dive Into SolarWinds, Bouncy Castle, And Docker Images (Hackaday)
  7. SolarWinds MSP Rebranding As N-able Amid Spin-Out Plan (ChannelE2E)
  8. Microsoft Internal Solorigate Investigation Update (Microsoft Security Response Center)
  9. The Real Culprit Behind SolarWinds: Remote Code Execution
  10. Security Advisory (SolarWinds)

Published 2020-12-30

  1. CISA demands US govt agencies to update SolarWinds Orion softwareSecurity Affairs
  2. Learning from SolarWinds: Five steps to fortify your cloud supply chain | Article (Compliance Week)
  3. CISA updates SolarWinds guidance, tells US govt agencies to update right away (ZDNet)

Published 2020-12-29

  1. Extracting Security Products from SUNBURST DNS Beacons (NETRESEC Blog)
  2. Golden SAML Revisited: The Solorigate Connection (secblvd)
  3. National cyber director role in the spotlight after SolarWinds hack
  4. SolarWinds Orion: Fixes Aim to Block Sunburst and Supernova
  5. Agencies scrambling to get a grip after SolarWinds hack (FRN)
  6. Op (ed: What nobody else will say about the new cybersecurity crisis)

Published 2020-12-28

  1. CISA releases Azure, Microsoft 365 malicious activity detection tool
  2. Using Microsoft 365 Defender to protect against Solorigate (MS Security)
  3. Russia’s SolarWinds Attack (Schneier)
  4. In wake of SolarWinds and Vietnam, more supply chain attacks expected 2021 (scmedia)
  5. Analysis: The Impact of SolarWinds Hack (BankInfoSecurity)
  6. SolarWinds SUNBRUST backdoor investigation using ShiftLeft’s Code Property Graph (secblvd)
  7. How hacked is hacked? Here’s a ‘hack scale’ to better understand the SolarWinds cyberattacks (GeekWire)
  8. How did SolarWinds' massive data breach go undetected for months? (YouTube)

Published 2020-12-27

  1. Dissecting The SolarWinds Hack For Greater Insights With A Cybersecurity Evangelist

Published 2020-12-26

  1. SolarWinds releases updated advisory for new SUPERNOVA malware
  2. VU#843464 (SolarWinds Orion API authentication bypass allows remote command execution)
  3. A New SolarWinds Flaw Likely Had Let Hackers Install SUPERNOVA Malware

Published 2020-12-24

  1. Veterans Affairs Officials Blow Off Briefing on SolarWinds Hack
  2. SolarWinds Attack Could Have Been Much Worse, Former NSA Chief Says | National News (US News)
  3. Emergency directive: Global governments issue alert after FireEye hack is linked to SolarWinds supply chain attack (The Daily Swig)
  4. Suspected Russian hackers used Microsoft vendors to breach customers (Reuters)
  5. Hack of Federal Agencies Shows Cyber Dangers to Supply Chains (WSJ)
  6. Microsoft, FireEye confirm SolarWinds supply chain attack (ZDNet)
  7. Russians Are Believed to Have Used Microsoft Resellers in Cyberattacks (nyt)
  8. SUNBURST Additional Technical Details (fireeye)
  9. Suspected Russian hackers used Microsoft vendors to breach customers (Reuters)
  10. CrowdStrike Fends Off Attack Attempted By SolarWinds Hackers
  11. SolarWinds hack: Cybersecurity company calls for more transparency with what happened (KXAN Austin)
  12. Here's a simple explanation of the SolarWinds hack (BI)
  13. SolarWinds Hack Infected Critical Infrastructure
  14. Suspected Russian hackers used Microsoft vendors to breach customers (Reuters)

Published 2020-12-23

  1. Who Broke SolarWind with Mat and Mike - S3E8 | The Cyber Tap | Podcasts on Audible (Audible.com)
  2. Q:CYBER spots lateral movement as used in the SolarWinds (Sunburst) calamity | State (insidenova.com)
  3. SolarWinds (Understanding & Detecting the SUPERNOVA Webshell Trojan - SentinelLabs)
  4. From the Solarwinds supply chain attack (Golden Chain Bear) to see the covert operations in APT operations
  5. SolarWinds roundup: Fixes, new bad actors, and what the company knew (Network World)
  6. How we protect our users against the Sunburst backdoor (Securelist)
  7. Cloud infrastructure is not immune from the SolarWinds Orion breach (secblvd)
  8. 'No evidence' IRS taxpayer information exposed by SolarWinds hack (FedScoop)
  9. Cloud infrastructure is not immune from the SolarWinds Orion breach (Ermetic)
  10. Five Solution Providers Breached By SolarWinds Hackers: Researchers
  11. Grid regulator warns utilities of risk of SolarWinds backdoor, asks how exposed they are (CyberScoop)
  12. CrowdStrike Launches Free Tool to Identify & Mitigate Risks in Azure Active Directory (CrowdStrike)
  13. How the SolarWinds hackers are targeting cloud services in unprecedented cyberattack (GeekWire)
  14. List of Known SolarWinds Breach Victims Grows, as Do Attack Vectors
  15. Opinion (With Hacking, the United States Needs to Stop Playing the Victim - The New York Times)
  16. Massive data breach may have been discovered due to 'unforced error' by suspected Russian hackers (CNNPolitics)
  17. The Facts and Mysteries About Russia’s Hack of the U.S.
  18. Experts say SolarWinds hack could impact Kern County businesses
  19. Joe Biden Blames Russia For Huge SolarWinds Hack (HuffPost)
  20. SolarWinds hack exploited weaknesses we continue to tolerate (FT)
  21. Syxsense Confirms There is Zero SolarWinds® Orion® in its Environment and is Not a SolarWinds Customer
  22. solorigate_sample_source/OrionImprovementBusinessLayer.cs at main · Shadow0ps/solorigate_sample_source (GitHub)
  23. Bloodhound walkthrough. A Tool for Many Tradecrafts (Pen Test Partners)
  24. SolarWinds Compromise May Have Begun 5 Months Earlier Than Suspected
  25. SolarWinds roundup: Fixes, new bad actors, and the company knew (Network World)

Published 2020-12-22

  1. Another Hacking Group Has Targeted SolarWinds Systems
  2. SolarWinds Orion Data Security Update
  3. Cyberattack Hit Key US Treasury Systems: Senator (SecurityWeek.Com)
  4. Sunburst Malware Optics Rules
  5. Biden Assails Trump Over Handling of Russia Hacking (nyt)
  6. Infosec pros warned of second SolarWinds Orion vulnerability (IT World Canada News)
  7. Coast Guard releases bulletin on SolarWinds hack (WorkBoat)
  8. Loptr CEO Discusses Solarwinds Breach and How to Stay Safe
  9. A Second Hacker Group May Have Also Breached SolarWinds, Microsoft Says
  10. Azure AD workbook to help you assess Solorigate risk (Microsoft Tech Community)
  11. Prevasio: Sunburst Backdoor, Part III: DGA & Security Software
  12. All SentinelOne Customers Protected from SolarWinds SUNBURST Attack (bizwire)
  13. Florida Investigating Server Hacking Through SolarWinds Software
  14. The SolarWinds hack, and the danger of arrogance (scmedia)
  15. Qualys Researchers Identify 7+ Million Vulnerabilities Associated with SolarWinds/FireEye Breach by Analyzing Anonymized Vulnerabilities across Worldwide Customer Base (secblvd)
  16. The SolarWinds Compromise and the Strategic Challenge of the Information and Communications Technology Supply Chain (CoFR)
  17. CISA updates emergency directive for SolarWinds Orion compromise | 2020-12-22 (Security Magazine)
  18. SolarWinds Orion/SUNBURST – Armis Can See Impacted Devices & Attacks (secblvd)
  19. Everything we know about the Solarwinds Hack! (Updated!) (YouTube)
  20. SolarWinds: What It Means & What’s Next
  21. Anexinet Exec: Lack Of Monitoring In SolarWinds Hack Is ‘Scary’
  22. HPE: ‘No Evidence’ It Has Been ‘Impacted’ By SolarWinds (Based Attack)
  23. SolarWinds Campaign Focuses Attention on 'Golden ...
  24. How SolarWinds could’ve been prevented (FRN)
  25. SolarWinds victims revealed after cracking the Sunburst malware DGA
  26. SolarWinds Claims Execs Unaware of Breach When They Sold Stock (SecurityWeek.Com)
  27. Staring at the Sun: Thoughts on UNC2452, SUNBURST, SolarWinds and Road Ahead (Prevailion)

Published 2020-12-21

  1. The SolarWinds Sunburst Attack: How to Protect Yourself from 5th Generation Cyberattacks (Secure Ops)
  2. Big tech companies including Intel, Nvidia, and Cisco were all infected during the SolarWinds hack (Verge)
  3. SolarWinds Hack: Is NSA Doing the Same to Russia?
  4. VMware Issues Updated Statement on SolarWinds Supply Chain Compromise and CVE 2020 (4006)
  5. Federal Acquisition Supply Chain Security Act
  6. SolarWinds Hack Hit Office Home to Top Treasury Department Officials (WSJ)
  7. Partial lists of organizations infected with Sunburst malware released online (ZDNet)
  8. Russian Hacking Targeted Treasury Department’s Senior Leaders (nyt)
  9. All about the suspected Russian cyberattack that Microsoft has called ‘moment of reckoning’
  10. Advanced Persistent Threat Actors Leverage SolarWinds Vulnerabilities
  11. SHAREHOLDER ALERT: SolarWinds Corp. Investigated for Possible Breaches of Fiduciary Duty After Insiders Sold $285 Million Worth of Company Stock; Investors Should Contact Block & Leviton LLP
  12. Microsoft: A 2nd Group May Have Also Breached SolarWinds
  13. Advisory for SolarWinds Orion Vulnerabilities (secblvd)
  14. Trump's reluctance to name Russia in SolarWinds hack will hamper recovery (Axios)
  15. After the FireEye and SolarWinds breaches, what’s your failsafe? (TechCrunch)
  16. Solorigate Resource Center – updated December 31st, 2020 (Microsoft Security Response Center)
  17. The Law Offices of Frank R. Cruz Continues Its Investigation of SolarWinds Corporation (SWI) on Behalf of Investors (bizwire)
  18. A second hacking group has targeted SolarWinds systems (ZDNet)
  19. Advice for incident responders on recovery from systemic identity compromises (MS Security)
  20. Continue Clean (up of Compromised SolarWinds Software)
  21. The Solarwinds breach — What do CIOs need to do now?
  22. CISA warns that SolarWinds software may not be only entry point in latest breaches - (GCN)
  23. SolarWinds/SUNBURST Backdoor, Third-Party and Supply Chain Security (secblvd)
  24. Kevin Mandia: 50 Firms ‘Genuinely Impacted’ By SolarWinds Attack
  25. SolarWinds incident should be a catalyst to rethink federal cybersecurity (FRN)
  26. Top Expert Backgrounder: Russia’s SolarWinds Operation and International Law
  27. SolarWinds Adviser Warned of Lax Security Years Before Hack (Bloomberg)
  28. Microsoft identifies second hacking group affecting SolarWinds software
  29. SolarWinds Hack Victims: From Tech Companies to a Hospital and University (WSJ)
  30. Solorigate AzureAd IOCs

Published 2020-12-20

  1. SolarWinds/SUNBURST Backdoor, Third-Party and Supply Chain Security (YouTube)
  2. Azure-Sentinel/SolarWindsPostCompromiseHunting.json at master · Azure/Azure (Sentinel · GitHub)
  3. CNN.com (Transcripts)
  4. Biden team and lawmakers raise alarms over Russian cybersecurity breach (wapo)
  5. Former US cybersecurity chief Chris Krebs says officials are still tracking 'scope' of the SolarWinds hack
  6. FireEye CEO: Hack was "totally unique," "utte... (CBS News)
  7. SolarWinds Hack Could Affect 18K Customers — Krebs on Security

Published 2020-12-19

  1. Pompeo Says Russia 'Pretty Clearly' Behind SolarWinds Cyberattack. : NPR
  2. Hacked Networks Will Need to be Burned 'Down to the Ground' (SecurityWeek.Com)
  3. Trump Contradicts Pompeo Over Russia’s Role in Hack (nyt)
  4. Pompeo Blames Russia for Hack as Trump Casts Doubt on Widespread Conclusion (WSJ)
  5. At Least 200 Victims Identified in Suspected Russian Hacking (Bloomberg)
  6. Russia's SolarWinds Hack Is the Big One (BoonWorks)
  7. SolarWinds Hack: Cisco And Equifax Amongst Corporate Giants Finding Malware... But No Sign Of Russian Spies
  8. On the SolarWinds Hack or When Total Information Awareness is the Chainsaw Which Gently Buggers You Sidewise (An F... Again...)
  9. SHAREHOLDER ALERT: Kaskela Law LLC Announces Investigation of SolarWinds Corp. (SWI) and Encourages SWI Stockholders to Contact the Firm
  10. Prevasio: Sunburst Backdoor, Part II: DGA & The List of Victims
  11. It’s A Twister! Will SolarWinds Blow Cybersecurity Governance Reform Into The Boardroom?
  12. FireEye, Crowdstrike enjoy record days as SolarWinds hack leads to soaring security stocks (MarketWatch)
  13. SolarWinds hack shows we need a 'whole of society' national cyber strategy (hill)
  14. US cyber-attack: Russia 'clearly' behind SolarWinds operation, says Pompeo (BBC News)
  15. Massive SolarWinds hack has big businesses on high alert (CNN)
  16. NATO Checking Systems After US Cyberattack (SecurityWeek.Com)
  17. How U.S. agencies' trust in untested software opened the door to hackers (POLITICO)
  18. Second hacking team was targeting SolarWinds at time of big breach (Reuters)
  19. Second hacking team was targeting SolarWinds at time of big breach (Reuters)

Published 2020-12-18

  1. Mitigating Cloud Supply-chain Risk: Office 365 and Azure Exploited in Massive U.S. Government Hack (CipherCloud)
  2. SANS Institute (Newsletters - NewsBites)
  3. Microsoft falls prey to SolarWinds supply chain cyber-attacks (The Daily Swig)
  4. Tech Tent - Hackers breach US government (BBC Sounds)
  5. Protecting Microsoft 365 from on-premises attacks (Microsoft Tech Community)
  6. VMware Issues Statement on SolarWinds Supply Chain Compromise and CVE 2020 (4006)
  7. NSA on Authentication Hacks (Related to SolarWinds Breach) (Schneier)
  8. Microsoft says it found malicious software in its systems (CNA)
  9. What we know – and still don’t – about the worst-ever US government cyber-attack | Hacking (Guardian)
  10. VMware Falls on Report Its Software Led to SolarWinds Breach (Bloomberg)
  11. Microsoft warns UK companies were targeted by SolarWinds hackers
  12. SolarWinds SUNBURST Backdoor: Inside the APT Campaign (SentinelLabs)
  13. Reassembling Victim Domain Fragments from SUNBURST DNS (NETRESEC Blog)
  14. SolarWinds Likely Hacked at Least One Year Before Breach Discovery (SecurityWeek.Com)
  15. GitHub (fireeye/sunburst_countermeasures)
  16. Hackers last year conducted a 'dry run' of SolarWinds breach
  17. Sunburst: connecting the dots in the DNS requests (Securelist)
  18. Federal Reserve Board (Agencies propose requirement for computer security incident notification)
  19. Bill That Trump Is Vowing to Veto Strengthens Hacking Defenses, Lawmakers Say (nyt)
  20. 40 Of Microsoft's Customers Impacted By SolarWinds Hack : NPR
  21. Sunburst's C2 Secrets Reveal Second-Stage SolarWinds Victims (tpost)
  22. 'Very, very large' telecom organization and Fortune 500 company breached in SolarWinds hack (scmedia)
  23. Erlang Authenticated Remote Code Execution :: malicious.link — welcome
  24. "Strategic Silence" and State (Sponsored Hacking: The US Gov't and SolarWinds)
  25. DOE Update on Cyber Incident Related to Solar Winds Compromise (DOE)
  26. FireEye, SolarWinds Breaches: Implications and Protections (eSecurityPlanet)
  27. SolarWinds Scandal Calls Attention to Supply Chain Security
  28. SolarWinds Should Have Been More ‘Vigilant’: Palo Alto Networks CEO
  29. DATA443 RELEASES STATEMENT ON FIREEYE AND SOLARWINDS HACK AND BREACH OTC Markets:ATDS
  30. Datto Offers All MSPs Free Scanner To Find Signs Of FireEye, SolarWinds Hack
  31. SolarWinds Hack Throws Wrench In Private Equity’s Most Profitable Market
  32. The Strategic Implications of SolarWinds (Lawfare)
  33. DOE confirms its systems were compromised by SolarWinds hack (Utility Dive)
  34. Alex Stamos on Twitter: "There is a long history of "trickle down" effects in cyber, where a technique honed by a major player becomes commonplace. China's 2000s APTs -> Iran/DPRK/teenagers in the 2010s. Stuxnet ->smart ransomware. If supply (chain a)
  35. Alex Stamos on Twitter: "@VickerySec So far, all of the activity that has been publicly discussed has fallen into the boundaries of what the US does regularly and what we explicitly excluded from the Obama (Xi deal. If we are going to set new red lines, th)
  36. VMware Flaw a Vector in SolarWinds Breach? — Krebs on Security
  37. VMware Flaw Used To Hit Choice Targets In SolarWinds Hack: Report
  38. Cisco Hacked Through SolarWinds As Tech Casualties Mount
  39. Industry Letter - December 18, 2020: Supply Chain Compromise Alert (Department of Financial Services)
  40. Sygnia Advisory: Detection of Golden SAML attacks
  41. US cyber-attack: US energy department confirms it was hit by Sunburst hack (BBC News)
  42. Five Russian hacks that transformed US cyber-security (BBC News)
  43. SolarWinds: UK assessing impact of hacking campaign (BBC News)
  44. Tech Tent: Hacking the heart of the US government (BBC News)
  45. SolarWinds hackers broke into U.S. cable firm and Arizona county, web records show (Reuters)
  46. US cyber-attack: Cybersecurity agency warns suspected Russian hacking campaign broader than previously believed (CNNPolitics)
  47. Microsoft identifies more than 40 organizations targeted in massive cyber breach (CNNPolitics)
  48. Hackers last year conducted a 'dry run' of SolarWinds breach
  49. Microsoft president calls SolarWinds hack an “act of recklessness” (ars)
  50. OODA Loop (Microsoft says it found malicious software in its systems)
  51. Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers (MS Security)

Published 2020-12-17

  1. Microsoft president sounds alarm on ‘ongoing’ SolarWinds hack, identifies 40 more precise targets (Verge)
  2. SolarWinds Alternatives (MetricFire Blog)
  3. SolarWinds Hack ‘One Of The Worst In The Last Decade’: Analyst
  4. Feds: SolarWinds Attack ‘Poses a Grave Risk’ To Government, Business
  5. Supply Chain Attack: CISA Warns of New Initial Attack Vectors Posing 'Grave Risk' (SecurityWeek.Com)
  6. More on the SolarWinds Breach (Schneier)
  7. US under major active cyberattack from Russia, Trump’s former security adviser warns (The Independent)
  8. Cyber attack may be ‘worst in the history of America’ (LV Jrnl)
  9. Hackers Tied to Russia Hit Nuclear Agency; Microsoft Is Exposed (Bloomberg)
  10. Senators Press IRS for SolarWinds Hack Briefing (WSJ)
  11. NSA Cybersecurity Advisory: Malicious Actors Abuse Authentication Mechanisms to Access Cloud Resources > National Security Agency Central Security Service > Article View
  12. SolarWinds breach raises stakes for NDAA Trump still threatens to veto (FRN)
  13. SolarWinds, GitHub Leaks and Securing the Software Supply Chain (secblvd)
  14. Senators Ask IRS Whether Taxpayer Data Hit in SolarWinds Hack (Bloomberg)
  15. More Hacking Attacks Found, Officials Warn of Risk to U.S. Government (nyt)
  16. SolarWinds MSP To Revoke Digital Certificates For Tools, Issue New Ones As Breach Fallout Continues
  17. Hack Suggests New Scope, Sophistication for Cyberattacks (WSJ)
  18. SolarWinds Deploys CrowdStrike To Secure Systems After Hack
  19. GitHub (cyberark/shimit: A tool that implements the Golden SAML attack)
  20. Golden SAML: Newly Discovered Attack Technique Forges Authentication to Cloud Apps
  21. CISA: SolarWinds Not the Only Initial Attack Vector ...
  22. SolarWinds hackers breach US nuclear weapons agency
  23. A moment of reckoning: the need for a strong and global cybersecurity response (Microsoft On the Issues)
  24. SUPERNOVA: A Novel .NET Webshell, an Analysis
  25. DebUNCing Attribution: How Mandiant Tracks Uncategorized Threat Actors (fireeye)
  26. The SolarWinds Orion SUNBURST supply-chain Attack (TRUESEC Blog)
  27. Russian Hackers Have Been Inside Austin Network for Months
  28. Microsoft identifies more than 40 organizations targeted in massive cyber breach (CNNPolitics)
  29. Microsoft says it was hit in SolarWinds attack, but customer data safe (BI)
  30. Nuclear weapons agency breached amid massive cyber onslaught (POLITICO)
  31. Exclusive-Suspected Russian hacking spree reached into Microsoft -sources (Reuters)
  32. Federal investigators find evidence of previously unknown tactics used to penetrate government networks (wapo)
  33. Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations (CISA)
  34. SolarWinds’ Customers (Pastebin)

Published 2020-12-16

  1. Massive hack of US government launches search for answers as Russia named top suspect
  2. FireEye, Microsoft create kill switch for SolarWinds backdoor
  3. Trend data on the SolarWinds Orion compromise
  4. We're not saying this is how SolarWinds was backdoored, but its FTP password 'leaked on GitHub in plaintext' (Register)
  5. SolarWinds Removes Customer List From Site as It Releases Second Hotfix (SecurityWeek.Com)
  6. Sunburst: Supply Chain Attack Targets SolarWinds Users (Symantec Blogs)
  7. FireEye and SolarWinds Cyber Attack Information for Exabeam Customers and Partners
  8. SolarWinds Exposed GitHub Repository Publicly since 2018
  9. Federal Agencies, Think Tank Targeted in Russian Hacking Spree
  10. U.S. Agencies Exposed in Attack by Suspected Russian Hackers (Bloomberg)
  11. Opinion (I Was the Homeland Security Adviser to Trump. We’re Being Hacked. - The New York Times)
  12. Sunburst Trojan (What You Need to Know)
  13. Responding to the SolarWinds Breach: Detect, Prevent, and Remediate the Dark Halo Supply Chain Attack (Volexity)
  14. SolarWinds' dominance became a liability in sprawling spy campaign (VentureBeat)
  15. Microsoft unleashes ‘Death Star’ on SolarWinds hackers in extraordinary response to breach (GeekWire)
  16. New Evidence Suggests SolarWinds' Codebase Was Hacked to Inject Backdoor
  17. SolarWinds Post-Compromise Hunting with Azure Sentinel (Microsoft Tech Community)
  18. subdomain & #DGA domain names , #SolarWinds, attacked by #UNC2452 @0xrb (Pastebin.com)
  19. SunBurst_DGA_Decode/decode.py at main · RedDrip7/SunBurst_DGA_Decode (GitHub)
  20. Little (known SolarWinds gets scrutiny over hack, stock sales)
  21. DOD has a leg up in mitigating potential SolarWinds breach, former officials say (FedScoop)
  22. Joint Statement by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI) (CISA)
  23. The SolarWinds and US government breach is not a marketing opportunity (ZDNet)
  24. Microsoft to quarantine SolarWinds apps linked to recent hack (ZDNet)
  25. SolarWinds said no other products were compromised in recent hack (ZDNet)
  26. SolarWinds Orion hack: Why cybersecurity experts are worried (CNN)
  27. Billions Spent on U.S. Defenses Failed to Detect Giant Russian Hack (nyt)
  28. Hack May Have Exposed Deep US Secrets; Damage Yet Unknown (SecurityWeek.Com)
  29. SUNBURST – SolarWinds® Orion® IT Management Platform Security Advisory (ServerCentral Turing Group)
  30. InfoSec Handlers Diary Blog
  31. SolarWinds: Why the Sunburst hack is so serious (BBC News)
  32. SolarWinds’ shares drop 22 per cent. But what’s this? $286m in stock sales just before hack announced? (Register)
  33. Thread by @megabeets_ on Thread Reader App (Thread Reader App)
  34. SunBurst: the next level of stealth
  35. (1) Itay Cohen on Twitter: "The attackers behind the #SUNBURST malware put a lot of effort into trying to avoid detection by analysts and security vendors. Not only this, but they also tried to make sure to stay under the radar of #SolarWinds develope
  36. GitHub (RedDrip7/SunBurst_DGA_Decode: SunBurst DGA Decode Script)
  37. Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’ — Krebs on Security
  38. How suspected Russian hackers outed their massive cyberattack (POLITICO)

Published 2020-12-15

  1. Russian hack into Treasury, Commerce, DHS raises federal alarms (Axios)
  2. SolarWinds hides list of high-profile customers after devastating hack (Verge)
  3. How the SolarWinds Hackers Bypassed Duo’s Multi-Factor Authentication (Schneier)
  4. The U.S. government spent billions on a system for detecting hacks. The Russians outsmarted it. (wapo)
  5. Suspected Russia SolarWinds Hack Exposed After FireEye Cybersecurity Firm Found 'Backdoor'
  6. What We Know (And Don’t) About The SolarWinds Orion Hack So Far
  7. New, free tool adds layer of security for the software supply chain
  8. White House National Security Adviser O’Brien Cuts Trip Short to Address SolarWinds Hack (WSJ)
  9. Suspected Russian Cyberattack Began With Ubiquitous Software Company (WSJ)
  10. Suspected Russian Hack Said to Have Gone Undetected for Months (WSJ)
  11. Russian hackers compromised Microsoft cloud customers through third party, putting emails and other data at risk
  12. Group Behind SolarWinds Hack Bypassed MFA to Access Emails at US Think Tank (SecurityWeek.Com)
  13. SolarWinds attack explained: And why it was so hard to detect (CSO Online)
  14. FireEye Malware Optics Rules
  15. SolarWinds Breach Used to Infiltrate Customer Networks (Solarigate)
  16. Hackers used SolarWinds' dominance against it in sprawling spy campaign (Reuters)
  17. HAGENS BERMAN, NATIONAL TRIAL ATTORNEYS, Investigating SolarWinds (SWI) Knowledge of Hack in Orion Products, Encourages SWI Investors with Losses to Contact Firm Now
  18. SolarFlare Release: Password Dumper for SolarWinds Orion :: malicious.link — welcome
  19. GitHub (mubix/solarflare: SolarWinds Orion Account Audit / Password Dumping Utility)
  20. Prevasio: Sunburst Backdoor: A Deeper Look Into The SolarWinds' Supply Chain Malware
  21. CISA Warns Agencies of SolarWinds Orion Compromise via Emergency Directive (gcwire)
  22. SolarFlare Release: Password Dumper for SolarWinds Orion (secblvd)
  23. Expert warned 'solarwinds123' password could expose firm: Report (BI)
  24. Was my workplace hit by SolarWinds hack? FAQ answers. (trib)
  25. Orion Platform - Scalable IT Monitoring (SolarWinds)
  26. Ensuring customers are protected from Solorigate (MS Security)
  27. Kyle Hanslovan on Twitter: "Although their string obfuscation techniques were anything but special, their codebase and domains successfully evaded security scrutiny for nearly a year ¯_(ツ)_/¯. Here are screenshots of some CryptoHelper and ZipHelper cl
  28. Microsoft and industry partners seize key domain used in SolarWinds hack (ZDNet)
  29. Lessons on Identity Security From Recent High (Profile Breaches)
  30. Microsoft’s Role In SolarWinds Breach Comes Under Scrutiny
  31. SolarWinds Orion: More US government agencies hacked (BBC News)
  32. Giant U.S. Computer Security Breach Exploited Very Common Software (Scientific American)
  33. Richard Blumenthal on Twitter: "Stunning. Today’s classified briefing on Russia’s cyberattack left me deeply alarmed, in fact downright scared. Americans deserve to know what's going on. Declassify what’s known & unknown." / Twitter
  34. SolarWinds' Update Server Could Be Accessed in 2019 Using Password 'solarwinds123': Report
  35. Hackers at center of sprawling spy campaign turned SolarWinds' dominance against it (Reuters)
  36. GitHub (fireeye/sunburst_countermeasures)
  37. SolarWinds hackers have a clever way to bypass multi-factor authentication (ars)

Published 2020-12-14

  1. Customer Guidance on Recent Nation-State Cyber Attacks | MSRC Blog (Microsoft Security Response Center)
  2. After high profile hacks hit federal agencies, CISA demands drastic SolarWinds mitigation (scmedia)
  3. Rear door in SolarWinds Orion - update as soon as possible (updated 2020-12-29) (www.cert.se)
  4. SolarWinds Corporation 8 (K SEC Filing)
  5. NCSC statement on FireEye incident (NCSC.GOV.UK)
  6. SolarWinds Orion vulnerability being actively exploited - updated advisory (CERT NZ)
  7. Cisco Talos Intelligence Group (Comprehensive Threat Intelligence: FireEye Breach Detection Guidance)
  8. Cisco Talos Intelligence Group (Comprehensive Threat Intelligence: Threat Advisory: SolarWinds supply chain attack)
  9. Quick Thoughts on the Russia Hack (Lawfare)
  10. SolarWinds, GitHub Leaks and Securing the Software Supply Chain (BluBracket)
  11. SEC filings: SolarWinds says 18,000 customers were impacted by recent hack (ZDNet)
  12. US govt, FireEye breached after SolarWinds supply (chain attack)
  13. DHS, DOJ And DOD Are All Customers Of SolarWinds Orion, The Source Of The Huge US Government Hack
  14. U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise — Krebs on Security
  15. SolarWinds Hack: U.K. Government, NATO Join U.S. in Monitoring Risk (Bloomberg)
  16. Russian hack’s sophistication impresses even the experts (wapo)
  17. How bad is the hack that targeted US agencies
  18. U.S. Homeland Security, thousands of businesses scramble after suspected Russian hack (Reuters)
  19. Scope of Russian Hacking Becomes Clear: Multiple U.S. Agencies Were Hit (nyt)
  20. SolarWinds hack: US officials scramble to deal with suspected Russian hack of government agencies (CNNPolitics)
  21. The SolarWinds Breach: Why Your Work Computers Are Down Today (Lawfare)
  22. research/uniq (hostnames.txt at main · bambenek/research · GitHub)
  23. Alleged Russian Malware Hack Hit Local Governments In U.S., Officials Say : NPR
  24. SolarWinds Breach: An RSAC Interview with Dmitri Alperovitch About Who, How and Why (RSA)
  25. 10 Things To Know About The SolarWinds Breach And Its U.S. Government Impact
  26. Catching Bloodhound Before it Bites (CrowdStrike)
  27. US Calls On Federal Agencies To Power Down SolarWinds Orion Due To Security Breach
  28. 10 Things To Know About The SolarWinds Breach And Its U.S. Government Impact
  29. US Treasury and commerce department targeted in cyber-attack (BBC News)
  30. DHS, State and NIH join list of federal agencies — now five — hacked in major Russian cyberespionage campaign (wapo)
  31. Russian hackers hit US government using widespread supply chain attack (ars)
  32. DHS Among Those Hit in Sophisticated Cyberattack by Foreign Adversaries – Report (tpost)
  33. SolarWinds' Orion monitoring platform may have been tampered with by attackers - Security - Software (iTnews)
  34. Inline XBRL Viewer
  35. 'Massively disruptive' cyber crisis engulfs multiple agencies (POLITICO)
  36. SolarWinds Exposed FTP Credentials Publicly in a Github Repo
  37. ~18,000 organizations downloaded backdoor planted by Cozy Bear hackers (ars)
  38. Dark Halo Leverages SolarWinds Compromise to Breach Organizations (Volexity)
  39. Russian hacker group 'Cozy Bear' behind Treasury and Commerce breaches (wapo)

Published 2020-12-13

  1. Hackers backed by Russian government reportedly breached US government agencies (Verge)
  2. cyber.dhs.gov - Emergency Directive 21 (01)
  3. U.S. Agencies Hacked in Foreign Cyber Espionage Campaign Linked to Russia (WSJ)
  4. Global Intrusion Campaign Leverages Software Supply Chain Compromise (fireeye)
  5. Treasury, Commerce, Others Hacked by Russian Government Spies, Report (Rolling Stone)
  6. Russian government (backed hackers breached the U.S. Treasury)
  7. Cyberattack on U.S. Treasury by foreign government
  8. REFILE-EXCLUSIVE-U.S. Treasury breached by hackers backed by foreign government - sources (Reuters)
  9. US Agencies and FireEye Were Hacked Using SolarWinds Software Backdoor
  10. SolarWinds CyberAttack and FireEye Red Team Tools Coverage
  11. Top Democrat: 'Critical' that Pompeo brief senators on SolarWinds hack at State Dept. (hill)
  12. Suspected Russian hackers spied on U.S. Treasury emails - sources (Reuters)
  13. Embassy of Russia in the USA / Посольство России в США - Posts (Facebook)
  14. Suspected Russian hackers spied on U.S. Treasury emails - sources (Reuters)
  15. Customer Guidance on Recent Nation (State Cyber Attacks – Microsoft Security Response Center)
  16. Important steps for customers to protect themselves from recent nation-state cyberattacks (Microsoft On the Issues)
  17. Russian Hackers Broke Into Federal Agencies, U.S. Officials Suspect (nyt)
  18. CISA Issues Emergency Directive to Mitigate the Compromise of Solarwinds Orion Network Management Products (CISA)
  19. cyber.dhs.gov - Emergency Directive 21 (01)
  20. Active Exploitation of SolarWinds Software (CISA)
  21. Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor (fireeye)

Published 2020-12-12

  1. Behavior:Win32/Solorigate.C!dha threat description (Microsoft Security Intelligence)

Published 2020-12-09

  1. FireEye cybersecurity tools compromised in state-sponsored attack (Verge)
  2. Cybersecurity giant FireEye says it was hacked by govt-backed spies who stole its crown (jewels hacking tools • The Register)

Published 2020-12-08

  1. Unauthorized Access of FireEye Red Team Tools (Mandiant)
  2. red_team_tool_countermeasures/CVEs_red_team_tools.md at master · fireeye/red_team_tool_countermeasures (GitHub)
  3. Unauthorized Access of FireEye Red Team Tools (fireeye)
  4. U.S. Cyber Firm FireEye Says It Was Breached by Nation-State Hackers (WSJ)
  5. FireEye reveals that it was hacked by a nation state APT group
  6. Chairman Schiff Statement on FireEye Hack (Permanent Select Committee on Intelligence)

Published 2020-12-07

  1. US think tank breached three times in a row by SolarWinds hackers
  2. Russian State (Sponsored Actors Exploiting Vulnerability in VMware® Workspace ONE Access Using Compromised Credentials)

Published 2020-12-03

  1. VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address command injection vulnerability

Published 2020-12-01

  1. Agencies Need to Improve Implementation of Federal Approach to Securing Systems and Protecting against Intrusions

Published 2020-11-30

  1. Azure-Sentinel/ProcessEntropy.yaml at master · Azure/Azure (Sentinel · GitHub)

Published 2020-11-21

  1. SolarWinds Adviser Warned of Lax Security Years Before Hack (Bloomberg)
  2. Ex (SolarWinds Adviser Warned Company of Security Issues in 2017: 'Incredibly Easy Target to Hack')

Published 2020-11-13

  1. Suspected Russian hackers spied on U.S. Treasury emails - sources (Reuters)

Published 2020-11-02

  1. U.S. Cyber Command Expands Operations to Hunt Hackers From Russia, Iran and China (nyt)

Published 2020-10-20

  1. Trump ‘Nobody Gets Hacked’ Video Goes Viral

Published 2020-09-25

  1. Commit Virtual 2020: How to Build a Compromise Resilient CI/CD (YouTube)

Published 2020-09-21

  1. CISA orders agencies to quickly patch critical Netlogon bug (CyberScoop)

Published 2020-08-24

  1. Securing Active Directory: Performing an Active Directory Security Review

Published 2020-08-01

  1. Cloud Security: A Primer for Policymakers (Carnegie Endowment for International Peace)

Published 2020-07-24

  1. Who is behind APT29? What we know about this nation-state cybercrime group (The Daily Swig)

Published 2020-06-28

  1. Solarwinds : Security vulnerabilities

Published 2020-06-03

  1. Secure Publication of Datadog Agent Integrations With TUF and In-Toto (Datadog)

Published 2020-05-26

  1. Create a Log Analytics workspace in the Azure portal - Azure Monitor (Microsoft Docs)

Published 2020-03-12

  1. Operationalizing Defend Forward: How the Concept Works to Change Adversary Behavior (Lawfare)

Published 2020-02-02

  1. Chinese Hackers Exploit SolarWinds To Steal Federal Payroll Info: Report

Published 2020-01-26

  1. The SolarWinds Breach Is Shaking Up Incident Response

Published 2020-01-15

  1. solarleaks

Published 2020-01-09

  1. Why Solarwinds Hack didn't succeed for Comodo Customers? Post

Published 2020-01-05

  1. The SolarWinds Attack: Why Israeli Companies Should Pay Attention (Lexology)

Published 2019-09-03

  1. Azure-Sentinel/uncommon_processes.yaml at master · Azure/Azure (Sentinel · GitHub)

Published 2019-08-19

  1. in-toto: Providing farm-to (table guarantees for bits and bytes)

Published 2019-07-31

  1. ADP 3 (28 Defense Support of Civil Authories)

Published 2019-06-12

  1. SolarWinds Achieves SOC 2 Type II Certification (Orange Matter)

Published 2019-06-01

  1. CYBER CONFLICT DATASET

Published 2019-05-07

  1. U.S. Cyber Command Bolsters Allied Defenses to Impose Cost on Moscow (nyt)

Published 2019-04-11

  1. Austin's SolarWinds buying N.C. (based IT company for $350 million)

Published 2019-03-20

  1. I'm in your cloud, reading everyone's emails (hacking Azure AD via Active Directory)

Published 2019-02-28

  1. Text - S.592 - 116th Congress (2019-2020): Cybersecurity Disclosure Act of 2019 | Congress.gov (Library of Congress)

Published 2019-01-23

  1. Find cloud account credentials

Published 2018-12-01

  1. Agencies Need to Improve Implementation of Federal Approach to Securing Systems and Protecting against Intrusions

Published 2018-11-18

  1. How to create a backdoor to Azure AD (part 1: Identity federation)

Published 2018-10-26

  1. Fun with SolarWinds Orion Cryptography — Atredis Partners

Published 2018-10-23

  1. U.S. Begins First Cyberoperation Against Russia Aimed at Protecting Elections (nyt)

Published 2016-12-06

  1. CJ03 Solar Flare Pulling apart SolarWinds ORION Rob Fuller (YouTube)

Published 2016-07-26

  1. Presidential Policy Directive -- United States Cyber Incident Coordination (whitehouse.gov)

Published 2016-03-25

  1. Cyber Defense Triad For Where Security Matters | November 2016 (CACM)

Published 2016-03-23

  1. 99 Problems but Two-Factor Ain’t One (fireeye)

Published 2014-12-03

  1. The Art of Finding Cyber-Dinosaur Skeletons (Securelist)