Cloud vector involvement

Retrieved 2021-05-26

Biden’s Cybersecurity EO: The Wrong Issues (tpost)

Retrieved 2021-05-16

SolarWinds breach exposes hybrid multicloud security weaknesses (VentureBeat)

SolarWinds breach exposes hybrid multicloud security weaknesses (DNyuz)

SolarWinds breach exposes hybrid multicloud security weaknesses (Public News)

Retrieved 2021-05-13

Microsoft's new security feature locks hackers out with GPS (ZDNet)

Retrieved 2021-05-12

CISA to pilot secure cloud instance in response to SolarWinds attack (FRN)

Retrieved 2021-04-22

Cisco CEO Chuck Robbins: Moving To The Cloud Alone Isn’t A Security Cure (All)

Retrieved 2021-04-12

Satya Nadella: SolarWinds Hack Underscores Need For ‘Moving To The Cloud’

Retrieved 2021-04-09

Satya Nadella: SolarWinds Hack Underscores Need For ‘Moving To The Cloud’

Retrieved 2021-04-01

SolarWinds Hack Demonstrates Need for Cloud Security

Retrieved 2021-03-31

Revelations About Securing Hybrid Cloud Environments Post-SolarWinds (secblvd)

Retrieved 2021-03-25

What was so striking to Microsoft’s president about SolarWinds and Exchange Server attacks? (CyberNews)

Retrieved 2021-03-22

The ‘Frankencloud’ model is our biggest security risk (TechCrunch)

Retrieved 2021-03-19

SolarWinds-Linked Attackers Target Microsoft 365 ... (PG-Intel)

Retrieved 2021-03-15

Michael Dell: Public Cloud Isn’t More Secure Than On (Premise)

Retrieved 2021-03-11

Be on the Lookout: Impact of SolarWinds Orion Compromise on

Retrieved 2021-03-08

Microsoft: Microsoft failed to shore up defenses that could have limited SolarWinds hack (U.S. senator, Telecom News, ET Telecom)

Retrieved 2021-03-04

What’s the message about Cloud Contracts since AWS declined to testify to the Senate about SolarWinds? | Blogs | Internet, IT & e-Discovery Blog (Foley & Lardner LLP)

Retrieved 2021-03-03

Cloud Vs On (premise Debate Flares Up In The Wake Of Solarwinds Attack)

CISA Official Calls for Update of Identity Management Guidance in Wake of SolarWinds Compromise (Nextgov)

Retrieved 2021-03-02

AWS Used By Bad Guys: SolarWinds Hackers Used Elastic Compute Cloud (CTOvision.com)

Retrieved 2021-03-01

iTWire (Microsoft chief's claims on cloud security result in sharp rejoinder)

What the SolarWinds Attacks Mean for Cloud Data Protection - (Redmondmag.com)

Cloud (based dev teams must shift security left to avoid fate of SolarWinds)

Retrieved 2021-02-28

SolarWinds hack pits Microsoft against Dell, IBM over how companies store data

Retrieved 2021-02-27

SolarWinds Hack Pits Microsoft Against Dell, IBM Over How Companies Store Data (WSJ)

iTWire (John Capobianco)

Retrieved 2021-02-25

SolarWinds Hackers Targeted Cloud Services as a Key Objective  (AI Trends)

AWS: SolarWinds Hackers Used Our Elastic Compute Cloud

US senator claims Microsoft failed to fix cloud holes before SolarWinds hack - Security (iTnews)

AWS: SolarWinds hackers used our elastic compute cloud - Security (CRN Australia)

Retrieved 2021-02-08

A Key Step in Preventing a Future SolarWinds (Just Security)

Retrieved 2021-02-02

GitHub (cisagov/Sparrow: Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 environment.)

Retrieved 2021-01-26

Mimecast Breach Linked To SolarWinds Hack, Allowed Cloud Services Access

Retrieved 2021-01-21

Takeaways for Microsoft cloud customers and partners after the SolarWinds breach (MSCloudNews)

Retrieved 2021-01-18

Google Cloud: We do use some SolarWinds, but we weren't affected by mega hack (ZDNet)

Retrieved 2021-01-15

Google’s approach to secure software development and supply chain risk management (Google Cloud Blog)

Retrieved 2021-01-14

Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender (MS Security)

Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender (MS Security)

Retrieved 2021-01-13

SolarWinds: Between The Clouds (secblvd)

Retrieved 2021-01-11

Hackers Didn’t Only Use SolarWinds to Break In, Says CISA (secblvd)

Retrieved 2021-01-08

Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments (CISA)

Retrieved 2021-01-05

SolarWinds hack endangering cloud services’ API keys (DevOps Online)

Researchers say cloud deployments of SolarWinds Orion could put API keys at risk (IT World Canada)

Retrieved 2021-01-04

SolarWinds hack poses risk to cloud services' API keys and IAM identities

Retrieved 2020-12-30

Learning from SolarWinds: Five steps to fortify your cloud supply chain | Article (Compliance Week)

Retrieved 2020-12-23

How the SolarWinds hackers are targeting cloud services in unprecedented cyberattack (GeekWire)

Cloud infrastructure is not immune from the SolarWinds Orion breach (Ermetic)

Cloud infrastructure is not immune from the SolarWinds Orion breach (secblvd)

Retrieved 2020-12-18

Protecting Microsoft 365 from on-premises attacks (Microsoft Tech Community)

Mitigating Cloud Supply-chain Risk: Office 365 and Azure Exploited in Massive U.S. Government Hack (CipherCloud)

Retrieved 2020-12-17

Golden SAML: Newly Discovered Attack Technique Forges Authentication to Cloud Apps

NSA Cybersecurity Advisory: Malicious Actors Abuse Authentication Mechanisms to Access Cloud Resources > National Security Agency Central Security Service > Article View

Retrieved 2020-12-15

Russian hackers compromised Microsoft cloud customers through third party, putting emails and other data at risk

Retrieved 2020-08-01

Cloud Security: A Primer for Policymakers (Carnegie Endowment for International Peace)

Retrieved 2019-03-20

I'm in your cloud, reading everyone's emails (hacking Azure AD via Active Directory)

Retrieved 2019-01-23

Find cloud account credentials