SolarWinds Articles
Updated 2024-01-20 05:49zZ
The vector or vectors used in the attack (327 articles)
-
Microsoft: Hackers Exploiting New SolarWinds Serv (U Bug Related to Log4j Attacks)
-
SolarWinds APT Targets Tech Resellers in Latest Supply-Chain Cyberattacks (tpost)
-
SolarWinds Attacker Targets Cloud Service Providers in New Supply Chain Threat
-
SolarWinds Attackers Hit Active Directory Servers with FoggyWeb Backdoor (tpost)
-
How one red team exercise averted a new SolarWinds (style attack)
-
Russia (Linked Nobelium Deploying New 'FoggyWeb' Malware)
-
Microsoft Details FoggyWeb Backdoor Used by SolarWinds Hackers (SecurityWeek.Com)
-
SolarWinds hackers Nobelium spotted using a new backdoor
-
New malware from SolarWinds attackers leaves behind a backdoor (TechRadar)
-
Microsoft warning: This malware creates a 'persistent' backdoor for hackers (ZDNet)
-
SolarWinds attackers drop 'FoggyWeb' backdoor on AD SSO servers - Security - Software (iTnews)
-
This Week In Security: Ghoscript In Imagemagick, Solarwinds, And DHCP Shenanigans (Hackaday)
-
Microsoft Says Chinese Hackers Were Behind SolarWinds Serv-U SSH 0-Day Attack (News Nation USA)
-
A deep-dive into the SolarWinds Serv-U SSH vulnerability (Microsoft Security Blog)
-
Experts Uncover Several C&C Servers Linked to WellMess Malware (News Nation USA)
-
Podcast: Why Securing Active Directory Is a Nightmare (tpost)
-
Three new security plunders: Microsoft said it’s the same group behind SolarWinds hack
-
Solar Winds Hackers Continue To Cause Grief (Cyber Security Hub)
-
Microsoft Customers Warned of Targeted Scams by NOBELLIUM (Data Privacy + Cybersecurity Insider)
-
NSA discloses hacking methods it says are used by Russia (The Seattle Times)
-
SolarWinds Hackers Breach Microsoft Customer Support to Target its Customers (NY Press News)
-
SolarWinds Investigation Leads Microsoft to Another Security Breach Discovery (FindBiometrics)
-
Microsoft: malicious cyber group Nobelium tried to attack entities in 36 countries (Israel Defense)
-
SolarWinds Hackers Continue Assault With a New Microsoft Breach (Forbes Alert)
-
BreachExchange: SolarWinds hackers breach Microsoft support agent to target customers
-
Nobelium, After SolarWinds, Has Now Hit Microsoft (Cyberintel Magazine)
-
Details of basic customers attacked by Microsoft support agents and SolarWinds attackers (Fuentitech)
-
SolarWinds hack: Microsoft says new breach discovered during SolarWinds hack probe (The Economic Times)
-
Microsoft Signed Malware That Spreads Through Gaming (tpost)
-
Microsoft uncovers new breach while investigating SolarWinds hackers, Digital News (AsiaOne)
-
The SolarWinds hackers are attacking again. (Aluria Tech)
-
Microsoft customer support hacked in new campaign by APT29
-
Microsoft Tracks Attack Campaign Against Customer ...
-
Microsoft support agent and some basic customer details hit by SolarWinds attackers (ZDNet)
-
Russian hackers breached Microsoft customer support to try phishing targets in 36 countries
-
Microsoft’s customer support targeted by SolarWinds hackers
-
Microsoft Discovers New Attacks by SolarWinds Group, Including One Against Its Own Agent - by Cynthia Brumfield (Metacurity)
-
Microsoft says hackers who compromised SolarWinds breached three new victims
-
SolarWinds hackers attack Microsoft, shocking security analysts (Techzine Europe)
-
Microsoft says new breach discovered in probe of suspected SolarWinds hackers (The Star Phoenix)
-
Microsoft says new breach discovered in probe of suspected SolarWinds hackers (Regina Leader Post)
-
Microsoft (NASDAQ:MSFT) customers compromised in a cyberattack
-
Microsoft support agent and some basic customer details hit by SolarWinds attackers (ZDNet)
-
SolarWinds Hackers Breach Microsoft Customer Support to Target its Customers (The Cyber Security News)
-
Microsoft says new breach was discovered in probe by suspected SolarWinds hackers by Reuters (My Blog)
-
Microsoft says its own customer support tools were compromised by SolarWinds hackers (TechNewsBoy.com)
-
SolarWinds hackers breach new victims, including a Microsoft support agent (HITBSecNews)
-
Microsoft Says SolarWinds Hackers Attacked Three in New Breach (usnewsmail)
-
SolarWinds hackers break into new victims, including Microsoft support agents (Fuentitech)
-
SolarWinds Hackers Accessed Microsoft Customer Service Tools (Teller Report)
-
Microsoft Corporation (NASDAQ:MSFT) - Microsoft Says Its Customer Support Tools, Users' Information Were Exploited By The Hackers Behind SolarWinds (Benzinga)
-
Microsoft says a new breach was discovered in a suspected investigation into SolarWinds hackers (India News Republic)
-
Microsoft admits to signing rootkit malware in supply-chain fiasco (Business Standard News)
-
SolarWinds hackers attack new victims, including Microsoft support agent – . (FR24 News English)
-
SolarWinds hackers breach new victims, including a Microsoft support agent – Ars Technica (Million Dollar Business Blog)
-
SolarWinds Hackers Breach New Victims, Including Microsoft Support Agent (Salesground)
-
SolarWinds hackers breach new victims, together with a Microsoft help agent (EAUC News)
-
Microsoft claims its own customer support tools have been compromised by SolarWinds hackers – . (FR24 News English)
-
Microsoft says new breach discovered in probe of suspected SolarWinds hackers (Netscape Money & Business)
-
Microsoft Discloses New Customer Hack Linked to SolarWinds Cyberattackers (WSJ)
-
SolarWinds hackers breach new victims, including a Microsoft support agent (ars)
-
Microsoft: Russia (linked SolarWinds hackers breached three new entitiesSecurity Affairs)
-
Microsoft reports previously undetected security breach while investigating SolarWinds hack — RT USA News
-
Microsoft says its own customer support tools were compromised by SolarWinds hackers (Sports Grind Entertainment)
-
SolarWinds backdoor gang pwns Microsoft support agent to turn sights on customers (Register)
-
Microsoft says its own customer support tools were compromised by SolarWinds hackers (Verge)
-
Microsoft says SolarWinds hacking group has breached three new victims (The Record by Recorded Future)
-
Microsoft says new breach discovered in probe of suspected SolarWinds hackers (Reuters)
-
Russian SolarWinds hackers have launched a new campaign using their USAID email address, Microsoft said. (Illinois News Today)
-
What Microsoft officials know about Russian phishing hacks aimed at USAID (Illinois News Today)
-
Russia's Nobelium uses USAID's email system for hacking, according to Microsoft (Illinois News Today)
-
will over solarwinds latest massive phishing
-
U.S. seizes domains used in USAID hack (UPI)
-
US SolarWinds hackers seize domains used in cyber espionage attacks (Jioforme)
-
SolarWind Attackers Launch New Wave Of Phishing Attacks
-
Feds seize two domains used by SolarWinds intruders for malware spear (phishing op • The Register)
-
US seizes 2 domain names used in cyberespionage campaign (The Seattle Times)
-
Justice Department seizes domains used in Nobelium-USAID phishing campaign (ZDNet)
-
NobleBaron (New Poisoned Installers Could Be Used In Supply Chain Attacks - SentinelLabs)
-
SolarWinds Threat Actors Behind New Email Attack Campaign
-
U.S. seizes two domains used in cyberattacks that mimicked USAID communications (Nasdaq)
-
SolarWinds hackers launch phishing attack - (GCN)
-
New breach by hackers behind SolarWinds 'mostly unsuccessful', says Microsoft (Secure books)
-
Russian SolarWinds Hacker Launches New Phishing Campaign-Security (Illinois News Today)
-
How SolarWinds Hackers ‘Nobelium’ Used Constant Contact in Mass Phishing Campaign
-
SolarWinds Attackers Launch New Wave Of Nobelium Attacks - Malware News (Malware Analysis, News and Indicators)
-
New Wave of Phishing Attacks: SolarWinds Hackers Target Government and NGOs
-
Russian hackers of SolarWinds back on the attack
-
Nobelium: The SolarWinds Hackers is Back With Another Cyber Attack (secblvd)
-
Solarwinds: 150 companies massively targeted by APT29
-
Another Nobelium Cyberattack (Microsoft On the Issues)
-
New sophisticated email-based attack from NOBELIUM (MS Security)
-
CISA: 5 Agencies Using Pulse Secure VPNs Possibly Breached
-
More US agencies potentially hacked, this time with Pulse Secure exploits (ars)
-
NSA: OT Security Guidance in Wake of SolarWinds Attack
-
Another top VPN is reportedly being used to spread the SolarWinds hack
-
APT actors increasingly turn to exploits to launch attacks (ITProPortal)
-
Another SolarWinds lesson: Hackers are targeting Microsoft authentication servers (All Tech News)
-
An APT Group Exploits VPN to Deploy Supernova on SolarWinds Orion (Cyware Alerts - Hacker News)
-
Well (known VPN used to steal credentials on SolarWinds servers)
-
Another top VPN is reportedly being used to spread SolarWinds hack (TechRadar)
-
CISA warns of theft of credentials via SolarWinds and PulseSecure VPN
-
CISA warns of credential theft via SolarWinds and PulseSecure VPN (Public News)
-
CISA warns of credential theft via SolarWinds and PulseSecure VPN (VentureBeat)
-
Microsoft in the hot seat due to SolarWinds hacking campaign (Compsmag)
-
SolarWinds hacking campaign puts Microsoft in the hot seat (Columbia Basin Herald)
-
SUPERNOVA malware discovered on SolarWinds Orion server (Malware Devil)
-
Supernova Attack Leveraged SolarWinds, Pulse Secure
-
SolarWinds hacking campaign puts Microsoft in the hot seat
-
Hackers exploit SolarWinds, Pulse Secure for credential theft: Feds - Security (CRN Australia)
-
Analysts Uncover More Servers Used in SolarWinds Attack
-
Supernova Attack Leveraged SolarWinds, Pulse Secure
-
Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion (IT Security News)
-
APT abused Pulse Secure, SolarWinds appliances to plant Supernova webshell on enterprise network
-
When a Ripple Becomes a Wave: Cyberattack Fallout (secblvd)
-
Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion (Times News Express)
-
New analysis uncovers extensive SolarWinds attack infrastructure (TechRadar)
-
Researchers Find New Chunk of SolarWinds Attackers' Infrastructure (Decipher)
-
CISA Finds New Attacker Using Supernova Malware on SolarWinds Orion (Decipher)
-
CISA Discovers Advanced Malware In VPN Device (Potomac Officers Club)
-
Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion
-
Russian Cyber Threat Defense – Now and Looking Forward (secblvd)
-
cyber.dhs.gov - Emergency Directive 21 (03: pulse secure)
-
US agencies assess Pulse Secure VPN exploitation. New Sunburst infestation found. Facebook shuts down Paletinian spy groups.
-
Hackers Exploit SolarWinds, Pulse Secure For Credential Theft: Feds
-
Cybersecurity expert: If you use SolarWinds, they got you (POWERGRID International)
-
CISA Identifies SUPERNOVA Malware During Incident Response (CISA)
-
CISA Ties SUPERNOVA Malware to Pulse Secure, SolarWinds Exploits
-
Cybercriminals get bolder as impact from SolarWinds and ransomware grows (SiliconANGLE)
-
Protecting The Integrity Of The Software Factory
-
iTWire (SolarWinds speaks out, and software dev can never be the same again)
-
SolarWinds hack: the mystery of one of the biggest cyberattacks ever (CyberNews)
-
SolarWinds Experimenting With New Software Build ... (Go Decrypt)
-
Three Vulnerabilities Exposed During SolarWinds Attack & How It Could Have Been Prevented (CPO Magazine)
-
Government Monitoring Won't Stop the Next SolarWinds Campaign, Experts Say (Zero Day)
-
Has Your Organization Been Breached By Solar Winds Malware?
-
SolarWinds (Linked Attackers Target Microsoft 365 ...)
-
Mimecast confirms hackers behind SolarWinds supply chain attack accessed limited amount of customer information (The Daily Swig)
-
What 2020 taught us about the need for deception technology (scmedia)
-
Despite hacks, Biden admin not planning to step up government surveillance (Hindustan Times)
-
Post-SolarWinds, IT departments increase vendor scrutiny (CIO Dive)
-
How Should the U.S. Respond to the SolarWinds and Microsoft Exchange Hacks? (Lawfare)
-
U.S. government to respond to SolarWinds hackers in weeks: senior official
-
Retaliation Options: US Cyber Responses To SolarWinds, Exchange Hacks « Breaking Defense (Defense industry news, analysis and commentary)
-
Biden administration to respond in weeks to SolarWinds hackers-senior official | The Mighty 790 KFGO (KFGO)
-
Why embedded devices are the dangerous blind spot in the SolarWinds attack (hill)
-
What the Quad Must Learn From the SolarWinds Hack (The National Interest)
-
FireEye CEO: Reckless Microsoft hack unusual for China | (leadertelegram.com)
-
Why the SolarWinds Hack Is a Wake-Up Call (CoFR)
-
SolarWinds Sunburst backdoor supply chain attack: Why it still matters | Security (ITP.net)
-
Hackers hiding Supernova malware in SolarWinds Orion linked to China
-
China (linked hackers exploited SolarWinds software in 2020 breach, researchers say)
-
The SolarWinds attack and best practices for code (signing)
-
Is it time to adopt an ‘assumed breach’ cyber policy? (BIC Magazine)
-
Latest target for hackers: A popular file-transfer program (WRAL TechWire)
-
EXCLUSIVE: I am Groot - POLITICO: one-on (wine with lead house cyber chair)
-
Casting a wide intrusion net: Dozens burned with single hack
-
Microsoft discovers more malware used by SolarWinds attacker while FireEye finds new backdoor (IT World Canada News)
-
Risky business: 3 timeless approaches to reduce security risk in 2021 (Help Net Security)
-
The March IronNet Threat Intelligence Brief (secblvd)
-
Still more questions than answers on SolarWinds attack - (Defense Systems)
-
How SolarWinds Busted Up Our Assumptions About Code ...
-
A Briefing on the SolarWinds Threat (ACT-IAC)
-
SolarWinds (A Supply Chain Compromise)
-
Hacking group targets organizations via Microsoft server software -researcher | WKZO | Everything Kalamazoo (590 AM · 106.9 FM)
-
Extreme : SolarWinds – A Supply Chain Compromise (MarketScreener)
-
SolarWinds Cyberattack Prompts Calls for Aggressive Countermeasures | The Well News (Pragmatic, Governance, Fiscally Responsible, News & Analysis)
-
NTIA Software Component Transparency (National Telecommunications and Information Administration)
-
SolarWinds security fiasco may have started with simple password blunders (ZDNet)
-
Critical VMware vSphere Vulnerability Is a Must (Patch)
-
CrowdStrike Exec Points to Active Directory 'Structural Problems' in Senate Solorigate Hearing - (Redmondmag.com)
-
The anatomy of the SolarWinds attack chain (ITWeb)
-
Former SolarWinds CEO blames intern for "solarwinds123" password leak (CNNPolitics)
-
SolarWinds Update: Russian Threat-Actor Re (Used Components from Other)
-
First Blackbaud, then SolarWinds. Supply chain cyber (attacks are proliferating – how secure is your business?)
-
SolarWinds Hackers Targeted Cloud Services as a Key Objective (AI Trends)
-
SolarWinds Hack Leaves Entire Industry In Panic (Research Snipers)
-
Google’s been lobbying for more scrutiny into Microsoft’s liability for SolarWinds hack » OnMSFT.com
-
Senate SolarWinds Hearing: 4 Key Issues Raised
-
Senate hearing on SolarWinds hack lays bare US shortcomings, remaining mysteries
-
SolarWinds not the only company used to hack targets, tech execs say at hearing (CNET)
-
SolarWinds hack was work of 'at least 1,000 engineers', tech executives tell Senate | Technology (Guardian)
-
Executives testify SolarWinds hack was of unprecedented scale, scope (UPI)
-
SolarWinds hackers targeted NASA, Federal Aviation Administration networks (TechCrunch)
-
The Anatomy of the SolarWinds Attack Chain
-
The Anatomy of the SolarWinds Attack Chain (secblvd)
-
Opinion (Why Was SolarWinds So Vulnerable to a Hack? - The New York Times)
-
What's Scarier Than the SolarWinds Breach? (secblvd)
-
SolarWinds CEO to Testify at Second Hearing Friday; He Offers Details Now
-
SolarWinds Cyber Attack: February 24 Webinar Will Address Lessons Learned
-
Microsoft wraps SolarWinds probe, nudges companies toward zero trust
-
What financial services should learn from the SolarWinds cyber attack
-
Hiding in Plain Sight: What the SolarWinds Attack ...
-
CyberArk Labs: The Anatomy of the SolarWinds Attack (Techwire)
-
Targeting Process for the SolarWinds Backdoor (NETRESEC Blog)
-
The Solarwinds Hack Is A One Of A Kind And Not The Norm (Information Security Buzz)
-
SolarWinds (style email compromise attacks go mainstream)
-
Suspected Russian Hackers Used U.S. Networks, Official Says (Bloomberg)
-
SolarWinds Hack and the Case of DNS Security (secblvd)
-
France Just Suffered A Very 'Solar Winds' (Like Cyberattack)
-
Microsoft: SolarWinds attack took more than 1,000 engineers to create (ZDNet)
-
France Ties Russia's Sandworm to a Multiyear Hacking Spree (WIRED)
-
On SolarWinds, Supply Chains and Enterprise Networks
-
Symantec Enterprise Podcasts
-
Software supply chain attacks – everything you need to know (The Daily Swig)
-
Our systems weren’t the entry point for SolarWinds attackers, says Microsoft (Channel Daily News)
-
SolarWinds Shines Spotlight on Supply Chain Risks (CSO Online)
-
SolarWinds security to-do list post hack (Utility Dive)
-
SolarWinds CEO: “SolarWinds Orion Development Program was Exploited by the Hackers” - E Hacking News (Latest Hacker News and IT Security News)
-
Microsoft: No Evidence SolarWinds Was Hacked Via Office 365
-
Microsoft: Office 365 Was Not SolarWinds Initial Attack Vector
-
Microsoft: Office 365 Was Not SolarWinds Initial Attack Vector
-
SolarWinds CEO Confirms Office 365 Email ‘Compromise’ Played Role In Broad (Based Attack)
-
Nearly One (Third of Attack Targets Weren’t Running SolarWinds)
-
Hackers had access to SolarWinds email system for months: report (hill)
-
Chinese threat actor may have exploited SolarWinds. New SolarWinds vulnerabilities reported. Spyware in South Sudan. BEC gift card scams rise.
-
Second SolarWinds Attack Group Breaks into USDA Payroll — Report (tpost)
-
More exploitable flaws found in SolarWinds software, says cybersecurity firm
-
3 New Severe Security Vulnerabilities Found In SolarWinds Software
-
Hackers Lurked in SolarWinds Email System for at Least 9 Months, CEO Says (WSJ)
-
SolarWinds Hackers Cast a Wide Net (BankInfoSecurity)
-
Suspected Russian Hack Extends Far Beyond SolarWinds Software, Investigators Say (WSJ)
-
CISA Warns of New Malware Threat to Vulnerable SolarWinds Orion Tech
-
Fidelis Targeted By SolarWinds Hackers After Installing Orion
-
Mimecast Breach Linked To SolarWinds Hack, Allowed Cloud Services Access
-
ConnectWise Control MSP Security Vulnerabilities Are ‘Severe:’ Bishop Fox
-
Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop (MS Security)
-
SolarWinds Hackers Access Malwarebytes’ Office 365 Emails
-
Injecting a Backdoor into SolarWinds Orion (Schneier)
-
Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments - Malwarebytes Labs (Malwarebytes Labs)
-
Malwarebytes said it was hacked by the same group who breached SolarWinds (ZDNet)
-
IOTW: As The SolarWinds Hack Investigation Continues, New Insights Reveal A New Suspect (Cyber Security Hub)
-
Understanding third-party hacks in the aftermath of the SolarWinds breach (Help Net Security)
-
SolarWinds Cyber (Attack Affects Developers and Contractors)
-
Mimecast Says Attackers Stole Certificate, Targeted Customers' Email (Decipher)
-
Mimecast compromised by a threat actor | 2021-01-13 (Security Magazine)
-
Sunspot malware scoured servers for SolarWinds builds to trojanize them
-
5 Things To Know About The Mimecast Hack And Stock Drop
-
SolarWinds Discloses Earlier Evidence of Hack (WSJ)
-
Email security firm Mimecast says hackers hijacked its products to spy on customers (Reuters)
-
The Hack Roundup: SolarWinds Shares Details on How Attackers Inserted Backdoor (Nextgov)
-
SolarWinds: What Hit Us Could Hit Others — Krebs on Security
-
Password Guessing Used as a Weapon by SolarWinds Hackers to Breach Targets - E Hacking News (Latest Hacker News and IT Security News)
-
SolarWinds Malware Arsenal Widens with Raindrop (tpost)
-
Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments (CISA)
-
Continuous Updates: Everything You Need to Know About the SolarWinds Attack (SecurityWeek.Com)
-
CEO Refutes Reports of Involvement in SolarWinds Campaign (Infosecurity Magazine)
-
The SolarWinds Hack
-
FireEye's Mandia: 'Severity (Zero Alert' Led to ...)
-
An Update on SolarWinds (JetBrains Blog)
-
CISA: Hackers access to federal networks without SolarWinds - (FCW)
-
NSA Warns That Russian Hackers Are Targeting Virtual Workspaces (Nextgov)
-
CISA: SolarWinds Hackers Got Into Networks by Guessing Passwords (Nextgov)
-
Implications of Russian Hacking of SolarWinds
-
Department of Justice Statement on Solarwinds Update | OPA (DOJ)
-
Statement on the story from The New York Times regarding JetBrains and SolarWinds (JetBrains Blog)
-
FBI probe of major hack includes project-management software from JetBrains: sources (Reuters)
-
Widely Used Software Company May Be Entry Point for Huge U.S. Hacking (nyt)
-
Researchers say cloud deployments of SolarWinds Orion could put API keys at risk (IT World Canada)
-
SolarWinds hack endangering cloud services’ API keys (DevOps Online)
-
Latest on the SVR’s SolarWinds Hack (Schneier)
-
SolarWinds hack may have been a global attack (TechRadar)
-
Microsoft Hacked in Russia-Linked SolarWinds Cyberattack (WSJ)
-
The Real Culprit Behind SolarWinds: Remote Code Execution
-
Golden SAML Revisited: The Solorigate Connection (secblvd)
-
SolarWinds Orion: Fixes Aim to Block Sunburst and Supernova
-
How hacked is hacked? Here’s a ‘hack scale’ to better understand the SolarWinds cyberattacks (GeekWire)
-
SolarWinds releases updated advisory for new SUPERNOVA malware
-
VU#843464 (SolarWinds Orion API authentication bypass allows remote command execution)
-
A New SolarWinds Flaw Likely Had Let Hackers Install SUPERNOVA Malware
-
Emergency directive: Global governments issue alert after FireEye hack is linked to SolarWinds supply chain attack (The Daily Swig)
-
Hack of Federal Agencies Shows Cyber Dangers to Supply Chains (WSJ)
-
Microsoft, FireEye confirm SolarWinds supply chain attack (ZDNet)
-
Russians Are Believed to Have Used Microsoft Resellers in Cyberattacks (nyt)
-
Suspected Russian hackers used Microsoft vendors to breach customers (Reuters)
-
SolarWinds Hack Infected Critical Infrastructure
-
Cloud infrastructure is not immune from the SolarWinds Orion breach (Ermetic)
-
List of Known SolarWinds Breach Victims Grows, as Do Attack Vectors
-
Massive data breach may have been discovered due to 'unforced error' by suspected Russian hackers (CNNPolitics)
-
Bloodhound walkthrough. A Tool for Many Tradecrafts (Pen Test Partners)
-
Infosec pros warned of second SolarWinds Orion vulnerability (IT World Canada News)
-
VMware Issues Updated Statement on SolarWinds Supply Chain Compromise and CVE 2020 (4006)
-
Microsoft: A 2nd Group May Have Also Breached SolarWinds
-
Advisory for SolarWinds Orion Vulnerabilities (secblvd)
-
Trump's reluctance to name Russia in SolarWinds hack will hamper recovery (Axios)
-
A second hacking group has targeted SolarWinds systems (ZDNet)
-
CISA warns that SolarWinds software may not be only entry point in latest breaches - (GCN)
-
Mitigating Cloud Supply-chain Risk: Office 365 and Azure Exploited in Massive U.S. Government Hack (CipherCloud)
-
VMware Issues Statement on SolarWinds Supply Chain Compromise and CVE 2020 (4006)
-
NSA on Authentication Hacks (Related to SolarWinds Breach) (Schneier)
-
Sunburst's C2 Secrets Reveal Second-Stage SolarWinds Victims (tpost)
-
Erlang Authenticated Remote Code Execution :: malicious.link — welcome
-
VMware Flaw a Vector in SolarWinds Breach? — Krebs on Security
-
VMware Flaw Used To Hit Choice Targets In SolarWinds Hack: Report
-
Hackers last year conducted a 'dry run' of SolarWinds breach
-
Feds: SolarWinds Attack ‘Poses a Grave Risk’ To Government, Business
-
Supply Chain Attack: CISA Warns of New Initial Attack Vectors Posing 'Grave Risk' (SecurityWeek.Com)
-
SolarWinds, GitHub Leaks and Securing the Software Supply Chain (secblvd)
-
CISA: SolarWinds Not the Only Initial Attack Vector ...
-
The SolarWinds Orion SUNBURST supply-chain Attack (TRUESEC Blog)
-
Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations (CISA)
-
SolarWinds Exposed GitHub Repository Publicly since 2018
-
Federal Agencies, Think Tank Targeted in Russian Hacking Spree
-
Sunburst Trojan (What You Need to Know)
-
New Evidence Suggests SolarWinds' Codebase Was Hacked to Inject Backdoor
-
SolarWinds said no other products were compromised in recent hack (ZDNet)
-
How the SolarWinds Hackers Bypassed Duo’s Multi-Factor Authentication (Schneier)
-
Suspected Russian Cyberattack Began With Ubiquitous Software Company (WSJ)
-
Russian hackers compromised Microsoft cloud customers through third party, putting emails and other data at risk
-
Hackers used SolarWinds' dominance against it in sprawling spy campaign (Reuters)
-
CISA Warns Agencies of SolarWinds Orion Compromise via Emergency Directive (gcwire)
-
Lessons on Identity Security From Recent High (Profile Breaches)
-
Microsoft’s Role In SolarWinds Breach Comes Under Scrutiny
-
Giant U.S. Computer Security Breach Exploited Very Common Software (Scientific American)
-
SolarWinds' Update Server Could Be Accessed in 2019 Using Password 'solarwinds123': Report
-
The SolarWinds Breach: Why Your Work Computers Are Down Today (Lawfare)
-
Catching Bloodhound Before it Bites (CrowdStrike)
-
SolarWinds Exposed FTP Credentials Publicly in a Github Repo
-
U.S. Agencies Hacked in Foreign Cyber Espionage Campaign Linked to Russia (WSJ)
-
SolarWinds CyberAttack and FireEye Red Team Tools Coverage
-
red_team_tool_countermeasures/CVEs_red_team_tools.md at master · fireeye/red_team_tool_countermeasures (GitHub)
-
US think tank breached three times in a row by SolarWinds hackers
-
Russian State (Sponsored Actors Exploiting Vulnerability in VMware® Workspace ONE Access Using Compromised Credentials)
-
VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address command injection vulnerability
-
Agencies Need to Improve Implementation of Federal Approach to Securing Systems and Protecting against Intrusions
-
I'm in your cloud, reading everyone's emails (hacking Azure AD via Active Directory)
-
How to create a backdoor to Azure AD (part 1: Identity federation)