About this site

Previous work

Projects

Updated 2024-06-14 21:38z 3292 articles


Index by category

  • Articles in chronological order of discovery
  • Articles in chronological order of publication
  • Articles by website, searchable
  • Explain hack

  • Timeline of the attack
  • New policies consideration
  • Hearings request details about hack
  • Duration of attack, recovery
  • Initial vector

  • First vector of attack
  • Best articles

  • Best journalism regarding the attack
  • Legal action

  • Legal action or legislation
  • SolarWinds Stock and associated legal action
  • SEC Investigation
  • Executive Order

  • White House Executive order
  • Technical details

  • Vulnerabilities
  • Protection processes
  • Tools for detection and recovery
  • Cloud vector involvement
  • DNS extraction or circumvention
  • Phishing
  • The vector or vectors used in the attack
  • Active Persistent Threat
  • Detecting the presence of the attack
  • Indicators of Compromise
  • Credentials involved in hack including SAML
  • Tools Techniques and Procedures in the attack
  • Malware used in the attack
  • Attackers still have access to compromised servers
  • Drilldown: Detailed, low-level analysis of malware and TTP
  • Remote code execution
  • Removal

  • How to remove the malware
  • Prevention

  • Zero trust
  • How to prevent attacks
  • Monitoring
  • victims

  • Identifications of the victims of the attack
  • Mimecast
  • Dept of Homeland Security hackers
  • breach

  • Description of the attack
  • Information breached or infrastructure compromised
  • Loss of information such as source code
  • Failure to detect
  • Microsoft agent breached
  • Extent of attack

  • Impact of hack
  • Duration of attack, recovery
  • Extent of attack and recovery effort
  • Cost of recovery
  • Leadership, business issues and response

  • Leadership
  • Government breach or response
  • response
  • Retaliation
  • Discrete actions taken in response to the attack
  • Insurance
  • Transparency regarding hack
  • Considerations of Surveillance
  • Sharing information about hacks
  • Board reform to include security
  • Congressional Hearings
  • Actions responding to attack
  • Reactions to the attack
  • Breach disclosure requirements
  • 60 day sprints announced
  • Funding for remediation and prevention
  • Investment in security
  • Legislation would establish cybersecurity training
  • Legislation considered
  • International implications
  • Who is to blame

  • Vendor relevance to hack
  • Rejoinder to vendor's claims
  • Pointing fingers
  • The intern did it
  • Cultural aspects that lead to breaches

  • Culture
  • Analysis of the attack and its impact and remediation

  • Attribution of the attacking actor
  • Strategy for overall remediation and long term view
  • Remediation
  • Investigation of the vector
  • Analysis of the attack
  • History of attacks
  • Recovery from attack
  • Reproducible builds or parallel builds
  • Software Bill of Materials and SLSA
  • Supply Chain Risk Warning
  • Marketing and alternatives

  • Alternatives to SolarWinds
  • Mostly Marketing
  • Podcast

  • Video or Audio story
  • Entertainment

  • astronomy