SolarWinds Articles

Updated 2024-01-20 05:49zZ

The vector or vectors used in the attack (327 articles)

  1. Microsoft: Hackers Exploiting New SolarWinds Serv (U Bug Related to Log4j Attacks)
  2. SolarWinds APT Targets Tech Resellers in Latest Supply-Chain Cyberattacks (tpost)
  3. SolarWinds Attacker Targets Cloud Service Providers in New Supply Chain Threat
  4. SolarWinds Attackers Hit Active Directory Servers with FoggyWeb Backdoor (tpost)
  5. How one red team exercise averted a new SolarWinds (style attack)
  6. Russia (Linked Nobelium Deploying New 'FoggyWeb' Malware)
  7. Microsoft Details FoggyWeb Backdoor Used by SolarWinds Hackers (SecurityWeek.Com)
  8. SolarWinds hackers Nobelium spotted using a new backdoor
  9. New malware from SolarWinds attackers leaves behind a backdoor (TechRadar)
  10. Microsoft warning: This malware creates a 'persistent' backdoor for hackers (ZDNet)
  11. SolarWinds attackers drop 'FoggyWeb' backdoor on AD SSO servers - Security - Software (iTnews)
  12. This Week In Security: Ghoscript In Imagemagick, Solarwinds, And DHCP Shenanigans (Hackaday)
  13. Microsoft Says Chinese Hackers Were Behind SolarWinds Serv-U SSH 0-Day Attack (News Nation USA)
  14. A deep-dive into the SolarWinds Serv-U SSH vulnerability (Microsoft Security Blog)
  15. Experts Uncover Several C&C Servers Linked to WellMess Malware (News Nation USA)
  16. Podcast: Why Securing Active Directory Is a Nightmare (tpost)
  17. Three new security plunders: Microsoft said it’s the same group behind SolarWinds hack
  18. Solar Winds Hackers Continue To Cause Grief (Cyber Security Hub)
  19. Microsoft Customers Warned of Targeted Scams by NOBELLIUM (Data Privacy + Cybersecurity Insider)
  20. NSA discloses hacking methods it says are used by Russia (The Seattle Times)
  21. SolarWinds Hackers Breach Microsoft Customer Support to Target its Customers (NY Press News)
  22. SolarWinds Investigation Leads Microsoft to Another Security Breach Discovery (FindBiometrics)
  23. Microsoft: malicious cyber group Nobelium tried to attack entities in 36 countries (Israel Defense)
  24. SolarWinds Hackers Continue Assault With a New Microsoft Breach (Forbes Alert)
  25. BreachExchange: SolarWinds hackers breach Microsoft support agent to target customers
  26. Nobelium, After SolarWinds, Has Now Hit Microsoft (Cyberintel Magazine)
  27. Details of basic customers attacked by Microsoft support agents and SolarWinds attackers (Fuentitech)
  28. SolarWinds hack: Microsoft says new breach discovered during SolarWinds hack probe (The Economic Times)
  29. Microsoft Signed Malware That Spreads Through Gaming (tpost)
  30. Microsoft uncovers new breach while investigating SolarWinds hackers, Digital News (AsiaOne)
  31. The SolarWinds hackers are attacking again. (Aluria Tech)
  32. Microsoft customer support hacked in new campaign by APT29
  33. Microsoft Tracks Attack Campaign Against Customer ...
  34. Microsoft support agent and some basic customer details hit by SolarWinds attackers (ZDNet)
  35. Russian hackers breached Microsoft customer support to try phishing targets in 36 countries
  36. Microsoft’s customer support targeted by SolarWinds hackers
  37. Microsoft Discovers New Attacks by SolarWinds Group, Including One Against Its Own Agent - by Cynthia Brumfield (Metacurity)
  38. Microsoft says hackers who compromised SolarWinds breached three new victims
  39. SolarWinds hackers attack Microsoft, shocking security analysts (Techzine Europe)
  40. Microsoft says new breach discovered in probe of suspected SolarWinds hackers (The Star Phoenix)
  41. Microsoft says new breach discovered in probe of suspected SolarWinds hackers (Regina Leader Post)
  42. Microsoft (NASDAQ:MSFT) customers compromised in a cyberattack
  43. Microsoft support agent and some basic customer details hit by SolarWinds attackers (ZDNet)
  44. SolarWinds Hackers Breach Microsoft Customer Support to Target its Customers (The Cyber Security News)
  45. Microsoft says new breach was discovered in probe by suspected SolarWinds hackers by Reuters (My Blog)
  46. Microsoft says its own customer support tools were compromised by SolarWinds hackers (TechNewsBoy.com)
  47. SolarWinds hackers breach new victims, including a Microsoft support agent (HITBSecNews)
  48. Microsoft Says SolarWinds Hackers Attacked Three in New Breach (usnewsmail)
  49. SolarWinds hackers break into new victims, including Microsoft support agents (Fuentitech)
  50. SolarWinds Hackers Accessed Microsoft Customer Service Tools (Teller Report)
  51. Microsoft Corporation (NASDAQ:MSFT) - Microsoft Says Its Customer Support Tools, Users' Information Were Exploited By The Hackers Behind SolarWinds (Benzinga)
  52. Microsoft says a new breach was discovered in a suspected investigation into SolarWinds hackers (India News Republic)
  53. Microsoft admits to signing rootkit malware in supply-chain fiasco (Business Standard News)
  54. SolarWinds hackers attack new victims, including Microsoft support agent – . (FR24 News English)
  55. SolarWinds hackers breach new victims, including a Microsoft support agent – Ars Technica (Million Dollar Business Blog)
  56. SolarWinds Hackers Breach New Victims, Including Microsoft Support Agent (Salesground)
  57. SolarWinds hackers breach new victims, together with a Microsoft help agent (EAUC News)
  58. Microsoft claims its own customer support tools have been compromised by SolarWinds hackers – . (FR24 News English)
  59. Microsoft says new breach discovered in probe of suspected SolarWinds hackers (Netscape Money & Business)
  60. Microsoft Discloses New Customer Hack Linked to SolarWinds Cyberattackers (WSJ)
  61. SolarWinds hackers breach new victims, including a Microsoft support agent (ars)
  62. Microsoft: Russia (linked SolarWinds hackers breached three new entitiesSecurity Affairs)
  63. Microsoft reports previously undetected security breach while investigating SolarWinds hack — RT USA News
  64. Microsoft says its own customer support tools were compromised by SolarWinds hackers (Sports Grind Entertainment)
  65. SolarWinds backdoor gang pwns Microsoft support agent to turn sights on customers (Register)
  66. Microsoft says its own customer support tools were compromised by SolarWinds hackers (Verge)
  67. Microsoft says SolarWinds hacking group has breached three new victims (The Record by Recorded Future)
  68. Microsoft says new breach discovered in probe of suspected SolarWinds hackers (Reuters)
  69. Russian SolarWinds hackers have launched a new campaign using their USAID email address, Microsoft said. (Illinois News Today)
  70. What Microsoft officials know about Russian phishing hacks aimed at USAID (Illinois News Today)
  71. Russia's Nobelium uses USAID's email system for hacking, according to Microsoft (Illinois News Today)
  72. will over solarwinds latest massive phishing
  73. U.S. seizes domains used in USAID hack (UPI)
  74. US SolarWinds hackers seize domains used in cyber espionage attacks (Jioforme)
  75. SolarWind Attackers Launch New Wave Of Phishing Attacks
  76. Feds seize two domains used by SolarWinds intruders for malware spear (phishing op • The Register)
  77. US seizes 2 domain names used in cyberespionage campaign (The Seattle Times)
  78. Justice Department seizes domains used in Nobelium-USAID phishing campaign (ZDNet)
  79. NobleBaron (New Poisoned Installers Could Be Used In Supply Chain Attacks - SentinelLabs)
  80. SolarWinds Threat Actors Behind New Email Attack Campaign
  81. U.S. seizes two domains used in cyberattacks that mimicked USAID communications (Nasdaq)
  82. SolarWinds hackers launch phishing attack - (GCN)
  83. New breach by hackers behind SolarWinds 'mostly unsuccessful', says Microsoft (Secure books)
  84. Russian SolarWinds Hacker Launches New Phishing Campaign-Security (Illinois News Today)
  85. How SolarWinds Hackers ‘Nobelium’ Used Constant Contact in Mass Phishing Campaign
  86. SolarWinds Attackers Launch New Wave Of Nobelium Attacks - Malware News (Malware Analysis, News and Indicators)
  87. New Wave of Phishing Attacks: SolarWinds Hackers Target Government and NGOs
  88. Russian hackers of SolarWinds back on the attack
  89. Nobelium: The SolarWinds Hackers is Back With Another Cyber Attack (secblvd)
  90. Solarwinds: 150 companies massively targeted by APT29
  91. Another Nobelium Cyberattack (Microsoft On the Issues)
  92. New sophisticated email-based attack from NOBELIUM (MS Security)
  93. CISA: 5 Agencies Using Pulse Secure VPNs Possibly Breached
  94. More US agencies potentially hacked, this time with Pulse Secure exploits (ars)
  95. NSA: OT Security Guidance in Wake of SolarWinds Attack
  96. Another top VPN is reportedly being used to spread the SolarWinds hack
  97. APT actors increasingly turn to exploits to launch attacks (ITProPortal)
  98. Another SolarWinds lesson: Hackers are targeting Microsoft authentication servers (All Tech News)
  99. An APT Group Exploits VPN to Deploy Supernova on SolarWinds Orion (Cyware Alerts - Hacker News)
  100. Well (known VPN used to steal credentials on SolarWinds servers)
  101. Another top VPN is reportedly being used to spread SolarWinds hack (TechRadar)
  102. CISA warns of theft of credentials via SolarWinds and PulseSecure VPN
  103. CISA warns of credential theft via SolarWinds and PulseSecure VPN (Public News)
  104. CISA warns of credential theft via SolarWinds and PulseSecure VPN (VentureBeat)
  105. Microsoft in the hot seat due to SolarWinds hacking campaign (Compsmag)
  106. SolarWinds hacking campaign puts Microsoft in the hot seat (Columbia Basin Herald)
  107. SUPERNOVA malware discovered on SolarWinds Orion server (Malware Devil)
  108. Supernova Attack Leveraged SolarWinds, Pulse Secure
  109. SolarWinds hacking campaign puts Microsoft in the hot seat
  110. Hackers exploit SolarWinds, Pulse Secure for credential theft: Feds - Security (CRN Australia)
  111. Analysts Uncover More Servers Used in SolarWinds Attack
  112. Supernova Attack Leveraged SolarWinds, Pulse Secure
  113. Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion (IT Security News)
  114. APT abused Pulse Secure, SolarWinds appliances to plant Supernova webshell on enterprise network
  115. When a Ripple Becomes a Wave: Cyberattack Fallout (secblvd)
  116. Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion (Times News Express)
  117. New analysis uncovers extensive SolarWinds attack infrastructure (TechRadar)
  118. Researchers Find New Chunk of SolarWinds Attackers' Infrastructure (Decipher)
  119. CISA Finds New Attacker Using Supernova Malware on SolarWinds Orion (Decipher)
  120. CISA Discovers Advanced Malware In VPN Device (Potomac Officers Club)
  121. Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion
  122. Russian Cyber Threat Defense – Now and Looking Forward (secblvd)
  123. cyber.dhs.gov - Emergency Directive 21 (03: pulse secure)
  124. US agencies assess Pulse Secure VPN exploitation. New Sunburst infestation found. Facebook shuts down Paletinian spy groups.
  125. Hackers Exploit SolarWinds, Pulse Secure For Credential Theft: Feds
  126. Cybersecurity expert: If you use SolarWinds, they got you (POWERGRID International)
  127. CISA Identifies SUPERNOVA Malware During Incident Response (CISA)
  128. CISA Ties SUPERNOVA Malware to Pulse Secure, SolarWinds Exploits
  129. Cybercriminals get bolder as impact from SolarWinds and ransomware grows (SiliconANGLE)
  130. Protecting The Integrity Of The Software Factory
  131. iTWire (SolarWinds speaks out, and software dev can never be the same again)
  132. SolarWinds hack: the mystery of one of the biggest cyberattacks ever (CyberNews)
  133. SolarWinds Experimenting With New Software Build ... (Go Decrypt)
  134. Three Vulnerabilities Exposed During SolarWinds Attack & How It Could Have Been Prevented (CPO Magazine)
  135. Government Monitoring Won't Stop the Next SolarWinds Campaign, Experts Say (Zero Day)
  136. Has Your Organization Been Breached By Solar Winds Malware?
  137. SolarWinds (Linked Attackers Target Microsoft 365 ...)
  138. Mimecast confirms hackers behind SolarWinds supply chain attack accessed limited amount of customer information (The Daily Swig)
  139. What 2020 taught us about the need for deception technology (scmedia)
  140. Despite hacks, Biden admin not planning to step up government surveillance (Hindustan Times)
  141. Post-SolarWinds, IT departments increase vendor scrutiny (CIO Dive)
  142. How Should the U.S. Respond to the SolarWinds and Microsoft Exchange Hacks?  (Lawfare)
  143. U.S. government to respond to SolarWinds hackers in weeks: senior official
  144. Retaliation Options: US Cyber Responses To SolarWinds, Exchange Hacks « Breaking Defense (Defense industry news, analysis and commentary)
  145. Biden administration to respond in weeks to SolarWinds hackers-senior official | The Mighty 790 KFGO (KFGO)
  146. Why embedded devices are the dangerous blind spot in the SolarWinds attack  (hill)
  147. What the Quad Must Learn From the SolarWinds Hack (The National Interest)
  148. FireEye CEO: Reckless Microsoft hack unusual for China | (leadertelegram.com)
  149. Why the SolarWinds Hack Is a Wake-Up Call (CoFR)
  150. SolarWinds Sunburst backdoor supply chain attack: Why it still matters | Security (ITP.net)
  151. Hackers hiding Supernova malware in SolarWinds Orion linked to China
  152. China (linked hackers exploited SolarWinds software in 2020 breach, researchers say)
  153. The SolarWinds attack and best practices for code (signing)
  154. Is it time to adopt an ‘assumed breach’ cyber policy? (BIC Magazine)
  155. Latest target for hackers: A popular file-transfer program (WRAL TechWire)
  156. EXCLUSIVE: I am Groot - POLITICO: one-on (wine with lead house cyber chair)
  157. Casting a wide intrusion net: Dozens burned with single hack
  158. Microsoft discovers more malware used by SolarWinds attacker while FireEye finds new backdoor (IT World Canada News)
  159. Risky business: 3 timeless approaches to reduce security risk in 2021 (Help Net Security)
  160. The March IronNet Threat Intelligence Brief (secblvd)
  161. Still more questions than answers on SolarWinds attack - (Defense Systems)
  162. How SolarWinds Busted Up Our Assumptions About Code ...
  163. A Briefing on the SolarWinds Threat (ACT-IAC)
  164. SolarWinds (A Supply Chain Compromise)
  165. Hacking group targets organizations via Microsoft server software -researcher | WKZO | Everything Kalamazoo (590 AM · 106.9 FM)
  166. Extreme : SolarWinds – A Supply Chain Compromise (MarketScreener)
  167. SolarWinds Cyberattack Prompts Calls for Aggressive Countermeasures | The Well News (Pragmatic, Governance, Fiscally Responsible, News & Analysis)
  168. NTIA Software Component Transparency (National Telecommunications and Information Administration)
  169. SolarWinds security fiasco may have started with simple password blunders (ZDNet)
  170. Critical VMware vSphere Vulnerability Is a Must (Patch)
  171. CrowdStrike Exec Points to Active Directory 'Structural Problems' in Senate Solorigate Hearing - (Redmondmag.com)
  172. The anatomy of the SolarWinds attack chain (ITWeb)
  173. Former SolarWinds CEO blames intern for "solarwinds123" password leak (CNNPolitics)
  174. SolarWinds Update: Russian Threat-Actor Re (Used Components from Other)
  175. First Blackbaud, then SolarWinds. Supply chain cyber (attacks are proliferating – how secure is your business?)
  176. SolarWinds Hackers Targeted Cloud Services as a Key Objective  (AI Trends)
  177. SolarWinds Hack Leaves Entire Industry In Panic (Research Snipers)
  178. Google’s been lobbying for more scrutiny into Microsoft’s liability for SolarWinds hack » OnMSFT.com
  179. Senate SolarWinds Hearing: 4 Key Issues Raised
  180. Senate hearing on SolarWinds hack lays bare US shortcomings, remaining mysteries
  181. SolarWinds not the only company used to hack targets, tech execs say at hearing (CNET)
  182. SolarWinds hack was work of 'at least 1,000 engineers', tech executives tell Senate | Technology (Guardian)
  183. Executives testify SolarWinds hack was of unprecedented scale, scope (UPI)
  184. SolarWinds hackers targeted NASA, Federal Aviation Administration networks (TechCrunch)
  185. The Anatomy of the SolarWinds Attack Chain
  186. The Anatomy of the SolarWinds Attack Chain (secblvd)
  187. Opinion (Why Was SolarWinds So Vulnerable to a Hack? - The New York Times)
  188. What's Scarier Than the SolarWinds Breach? (secblvd)
  189. SolarWinds CEO to Testify at Second Hearing Friday; He Offers Details Now
  190. SolarWinds Cyber Attack: February 24 Webinar Will Address Lessons Learned
  191. Microsoft wraps SolarWinds probe, nudges companies toward zero trust
  192. What financial services should learn from the SolarWinds cyber attack
  193. Hiding in Plain Sight: What the SolarWinds Attack ...
  194. CyberArk Labs: The Anatomy of the SolarWinds Attack (Techwire)
  195. Targeting Process for the SolarWinds Backdoor (NETRESEC Blog)
  196. The Solarwinds Hack Is A One Of A Kind And Not The Norm (Information Security Buzz)
  197. SolarWinds (style email compromise attacks go mainstream)
  198. Suspected Russian Hackers Used U.S. Networks, Official Says (Bloomberg)
  199. SolarWinds Hack and the Case of DNS Security (secblvd)
  200. France Just Suffered A Very 'Solar Winds' (Like Cyberattack)
  201. Microsoft: SolarWinds attack took more than 1,000 engineers to create (ZDNet)
  202. France Ties Russia's Sandworm to a Multiyear Hacking Spree (WIRED)
  203. On SolarWinds, Supply Chains and Enterprise Networks
  204. Symantec Enterprise Podcasts
  205. Software supply chain attacks – everything you need to know (The Daily Swig)
  206. Our systems weren’t the entry point for SolarWinds attackers, says Microsoft (Channel Daily News)
  207. SolarWinds Shines Spotlight on Supply Chain Risks (CSO Online)
  208. SolarWinds security to-do list post hack (Utility Dive)
  209. SolarWinds CEO: “SolarWinds Orion Development Program was Exploited by the Hackers” - E Hacking News (Latest Hacker News and IT Security News)
  210. Microsoft: No Evidence SolarWinds Was Hacked Via Office 365
  211. Microsoft: Office 365 Was Not SolarWinds Initial Attack Vector
  212. Microsoft: Office 365 Was Not SolarWinds Initial Attack Vector
  213. SolarWinds CEO Confirms Office 365 Email ‘Compromise’ Played Role In Broad (Based Attack)
  214. Nearly One (Third of Attack Targets Weren’t Running SolarWinds)
  215. Hackers had access to SolarWinds email system for months: report (hill)
  216. Chinese threat actor may have exploited SolarWinds. New SolarWinds vulnerabilities reported. Spyware in South Sudan. BEC gift card scams rise.
  217. Second SolarWinds Attack Group Breaks into USDA Payroll — Report (tpost)
  218. More exploitable flaws found in SolarWinds software, says cybersecurity firm
  219. 3 New Severe Security Vulnerabilities Found In SolarWinds Software
  220. Hackers Lurked in SolarWinds Email System for at Least 9 Months, CEO Says (WSJ)
  221. SolarWinds Hackers Cast a Wide Net (BankInfoSecurity)
  222. Suspected Russian Hack Extends Far Beyond SolarWinds Software, Investigators Say (WSJ)
  223. CISA Warns of New Malware Threat to Vulnerable SolarWinds Orion Tech
  224. Fidelis Targeted By SolarWinds Hackers After Installing Orion
  225. Mimecast Breach Linked To SolarWinds Hack, Allowed Cloud Services Access
  226. ConnectWise Control MSP Security Vulnerabilities Are ‘Severe:’ Bishop Fox
  227. Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop (MS Security)
  228. SolarWinds Hackers Access Malwarebytes’ Office 365 Emails
  229. Injecting a Backdoor into SolarWinds Orion (Schneier)
  230. Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments - Malwarebytes Labs (Malwarebytes Labs)
  231. Malwarebytes said it was hacked by the same group who breached SolarWinds (ZDNet)
  232. IOTW: As The SolarWinds Hack Investigation Continues, New Insights Reveal A New Suspect (Cyber Security Hub)
  233. Understanding third-party hacks in the aftermath of the SolarWinds breach (Help Net Security)
  234. SolarWinds Cyber (Attack Affects Developers and Contractors)
  235. Mimecast Says Attackers Stole Certificate, Targeted Customers' Email (Decipher)
  236. Mimecast compromised by a threat actor | 2021-01-13 (Security Magazine)
  237. Sunspot malware scoured servers for SolarWinds builds to trojanize them
  238. 5 Things To Know About The Mimecast Hack And Stock Drop
  239. SolarWinds Discloses Earlier Evidence of Hack (WSJ)
  240. Email security firm Mimecast says hackers hijacked its products to spy on customers (Reuters)
  241. The Hack Roundup: SolarWinds Shares Details on How Attackers Inserted Backdoor (Nextgov)
  242. SolarWinds: What Hit Us Could Hit Others — Krebs on Security
  243. Password Guessing Used as a Weapon by SolarWinds Hackers to Breach Targets - E Hacking News (Latest Hacker News and IT Security News)
  244. SolarWinds Malware Arsenal Widens with Raindrop (tpost)
  245. Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments (CISA)
  246. Continuous Updates: Everything You Need to Know About the SolarWinds Attack (SecurityWeek.Com)
  247. CEO Refutes Reports of Involvement in SolarWinds Campaign (Infosecurity Magazine)
  248. The SolarWinds Hack
  249. FireEye's Mandia: 'Severity (Zero Alert' Led to ...)
  250. An Update on SolarWinds (JetBrains Blog)
  251. CISA: Hackers access to federal networks without SolarWinds - (FCW)
  252. NSA Warns That Russian Hackers Are Targeting Virtual Workspaces (Nextgov)
  253. CISA: SolarWinds Hackers Got Into Networks by Guessing Passwords (Nextgov)
  254. Implications of Russian Hacking of SolarWinds
  255. Department of Justice Statement on Solarwinds Update | OPA (DOJ)
  256. Statement on the story from The New York Times regarding JetBrains and SolarWinds (JetBrains Blog)
  257. FBI probe of major hack includes project-management software from JetBrains: sources (Reuters)
  258. Widely Used Software Company May Be Entry Point for Huge U.S. Hacking (nyt)
  259. Researchers say cloud deployments of SolarWinds Orion could put API keys at risk (IT World Canada)
  260. SolarWinds hack endangering cloud services’ API keys (DevOps Online)
  261. Latest on the SVR’s SolarWinds Hack (Schneier)
  262. SolarWinds hack may have been a global attack (TechRadar)
  263. Microsoft Hacked in Russia-Linked SolarWinds Cyberattack (WSJ)
  264. The Real Culprit Behind SolarWinds: Remote Code Execution
  265. Golden SAML Revisited: The Solorigate Connection (secblvd)
  266. SolarWinds Orion: Fixes Aim to Block Sunburst and Supernova
  267. How hacked is hacked? Here’s a ‘hack scale’ to better understand the SolarWinds cyberattacks (GeekWire)
  268. SolarWinds releases updated advisory for new SUPERNOVA malware
  269. VU#843464 (SolarWinds Orion API authentication bypass allows remote command execution)
  270. A New SolarWinds Flaw Likely Had Let Hackers Install SUPERNOVA Malware
  271. Emergency directive: Global governments issue alert after FireEye hack is linked to SolarWinds supply chain attack (The Daily Swig)
  272. Hack of Federal Agencies Shows Cyber Dangers to Supply Chains (WSJ)
  273. Microsoft, FireEye confirm SolarWinds supply chain attack (ZDNet)
  274. Russians Are Believed to Have Used Microsoft Resellers in Cyberattacks (nyt)
  275. Suspected Russian hackers used Microsoft vendors to breach customers (Reuters)
  276. SolarWinds Hack Infected Critical Infrastructure
  277. Cloud infrastructure is not immune from the SolarWinds Orion breach (Ermetic)
  278. List of Known SolarWinds Breach Victims Grows, as Do Attack Vectors
  279. Massive data breach may have been discovered due to 'unforced error' by suspected Russian hackers (CNNPolitics)
  280. Bloodhound walkthrough. A Tool for Many Tradecrafts (Pen Test Partners)
  281. Infosec pros warned of second SolarWinds Orion vulnerability (IT World Canada News)
  282. VMware Issues Updated Statement on SolarWinds Supply Chain Compromise and CVE 2020 (4006)
  283. Microsoft: A 2nd Group May Have Also Breached SolarWinds
  284. Advisory for SolarWinds Orion Vulnerabilities (secblvd)
  285. Trump's reluctance to name Russia in SolarWinds hack will hamper recovery (Axios)
  286. A second hacking group has targeted SolarWinds systems (ZDNet)
  287. CISA warns that SolarWinds software may not be only entry point in latest breaches - (GCN)
  288. Mitigating Cloud Supply-chain Risk: Office 365 and Azure Exploited in Massive U.S. Government Hack (CipherCloud)
  289. VMware Issues Statement on SolarWinds Supply Chain Compromise and CVE 2020 (4006)
  290. NSA on Authentication Hacks (Related to SolarWinds Breach) (Schneier)
  291. Sunburst's C2 Secrets Reveal Second-Stage SolarWinds Victims (tpost)
  292. Erlang Authenticated Remote Code Execution :: malicious.link — welcome
  293. VMware Flaw a Vector in SolarWinds Breach? — Krebs on Security
  294. VMware Flaw Used To Hit Choice Targets In SolarWinds Hack: Report
  295. Hackers last year conducted a 'dry run' of SolarWinds breach
  296. Feds: SolarWinds Attack ‘Poses a Grave Risk’ To Government, Business
  297. Supply Chain Attack: CISA Warns of New Initial Attack Vectors Posing 'Grave Risk' (SecurityWeek.Com)
  298. SolarWinds, GitHub Leaks and Securing the Software Supply Chain (secblvd)
  299. CISA: SolarWinds Not the Only Initial Attack Vector ...
  300. The SolarWinds Orion SUNBURST supply-chain Attack (TRUESEC Blog)
  301. Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations (CISA)
  302. SolarWinds Exposed GitHub Repository Publicly since 2018
  303. Federal Agencies, Think Tank Targeted in Russian Hacking Spree
  304. Sunburst Trojan (What You Need to Know)
  305. New Evidence Suggests SolarWinds' Codebase Was Hacked to Inject Backdoor
  306. SolarWinds said no other products were compromised in recent hack (ZDNet)
  307. How the SolarWinds Hackers Bypassed Duo’s Multi-Factor Authentication (Schneier)
  308. Suspected Russian Cyberattack Began With Ubiquitous Software Company (WSJ)
  309. Russian hackers compromised Microsoft cloud customers through third party, putting emails and other data at risk
  310. Hackers used SolarWinds' dominance against it in sprawling spy campaign (Reuters)
  311. CISA Warns Agencies of SolarWinds Orion Compromise via Emergency Directive (gcwire)
  312. Lessons on Identity Security From Recent High (Profile Breaches)
  313. Microsoft’s Role In SolarWinds Breach Comes Under Scrutiny
  314. Giant U.S. Computer Security Breach Exploited Very Common Software (Scientific American)
  315. SolarWinds' Update Server Could Be Accessed in 2019 Using Password 'solarwinds123': Report
  316. The SolarWinds Breach: Why Your Work Computers Are Down Today (Lawfare)
  317. Catching Bloodhound Before it Bites (CrowdStrike)
  318. SolarWinds Exposed FTP Credentials Publicly in a Github Repo
  319. U.S. Agencies Hacked in Foreign Cyber Espionage Campaign Linked to Russia (WSJ)
  320. SolarWinds CyberAttack and FireEye Red Team Tools Coverage
  321. red_team_tool_countermeasures/CVEs_red_team_tools.md at master · fireeye/red_team_tool_countermeasures (GitHub)
  322. US think tank breached three times in a row by SolarWinds hackers
  323. Russian State (Sponsored Actors Exploiting Vulnerability in VMware® Workspace ONE Access Using Compromised Credentials)
  324. VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address command injection vulnerability
  325. Agencies Need to Improve Implementation of Federal Approach to Securing Systems and Protecting against Intrusions
  326. I'm in your cloud, reading everyone's emails (hacking Azure AD via Active Directory)
  327. How to create a backdoor to Azure AD (part 1: Identity federation)