About this site
Previous work
Projects
Published order
Date 2024-06-14
- Microsoft whistleblower says firm ignored early warnings about flaw exploited in SolarWinds breach (ITPro)
Date 2024-06-13
- Microsoft Refused to Fix Flaw Years Before SolarWinds Hack — ProPublica
- After Recall's mess, Microsoft isn't beating the security loopholes allegation any time soon (MSPoweruser)
- Microsoft Ignored Whistleblower Warnings Before SolarWinds Attack (PCMag)
- Microsoft Security Failures Get Rough Treatment On Capitol Hill
- Microsoft says new security protocols address whistleblower concerns
Date 2024-01-20
- Microsoft executive emails hacked by Russian intelligence group
- Microsoft says Russia-linked group hacked employee emails (The Japan Times)
Date 2023-10-31
- SEC charges SolarWinds with fraud over SUNBURST attacks (Register)
- SolarWinds and CISO accused of fraud, control failures (Help Net Security)
- SEC Charges SolarWinds and CISO With Misleading Investors (Infosecurity Magazine)
Date 2023-06-27
- SEC notice to SolarWinds CISO and CFO roils cybersecurity industry (CSO Online)
Date 2022-02-09
- SEC.gov (Statement on Cybersecurity Risk Management for Investment Advisers, Registered Investment Companies, and Business Development Companies)
- Ten Questions We Hope the Cyber Safety Review Board Answers—and Three It Should Ignore (Lawfare)
Date 2021-12-07
- Rules Committee Print 117 (21; Text of House Amendment to S. 1605)
- SolarWinds Attackers Spotted Using New Tactics, Malware (tpost)
- Shareholders Seek to Hold Current and Former SolarWinds Officials Liable for Massive 2020 Security Breach (Benesch - JDSupra)
Date 2021-12-08
- SolarWinds hack may have been more damaging than previously thought (TechRadar)
- A Year After the SolarWinds Hack, Supply Chain Threats Still Loom (WIRED)
- Reviewing the Biggest Data Breaches of 2021 (secblvd)
- Breach reporting requirement sputters as House passes NDAA (scmedia)
- House Passes NDAA Without Cyber Incident Reporting Legislation (Nextgov)
Date 2021-11-05
- SolarWinds investors allege board knew about cyber risks (Reuters)
- SolarWinds Board Sued by Pension Funds Over Cyberattack (1)
Date 2021-10-08
- Hackers of SolarWinds stole data on U.S. sanctions policy, intelligence probes (Reuters)
- Microsoft: Russia Behind 58% of Detected State (Backed Hacks)
- Nobelium Makes Russia Leader in Cyberattacks (BankInfoSecurity)
- Microsoft Digital Defense Report and Security Intelligence Reports
- Biden signs bill to strengthen K-12 school cybersecurity (hill)
- The SolarWinds hack may have been more damaging than previously thought
Date 2021-10-04
- solarwinds serv (u vulnerabilities and exploits)
Date 2021-09-14
- Venafi Survey: Execs Say Companies Negligent in Protecting Security Software Build Environments Should Face Clear Consequences (bizwire)
- SolarWinds CEO: Breach transparency 'painful' but necessary
Date 2021-09-11
- Wide-ranging SolarWinds probe sparks fear in Corporate America - Security - Software (iTnews)
- The imperative of the U.S. government’s Zero Trust measures (Digital Journal)
Date 2021-09-27
- A multi-party data breach creates 26x the financial damage of single-party breach (Help Net Security)
- Microsoft Warns of FoggyWeb Malware Targeting Active Directory FS Servers
Date 2021-09-26
- SolarWinds CEO talks about protecting IT in the wake of a sunburst (Fuentitech)
- Autodesk reveals it was targeted by Russian SolarWinds hackers | #computerhacking (#hacking - National Cyber Security News Today)
Date 2021-07-24
- After failing to dissuade cyber-attacks, America looks to its friends for help (The Economist)
- SolarWinds Stock Flies Higher after Completing Spin-Off (Millennial Money)
- House GOP calls for Biden to sanction China over hacks
Date 2021-07-13
- SolarWinds Issues Hotfix for Zero-Day Flaw Under Active Attack (tpost)
- A New Critical SolarWinds Zero-Day Vulnerability Reported (Cyberintel Magazine)
- SolarWinds, Alerted By Microsoft, Patches Serv-U Vulnerability (MSSP Alert)
- New CISA Director Confirmed, W.H. Gains Cyber-Director (tpost)
- Microsoft links Serv-U zero-day attacks to Chinese hacking group (The Record by Recorded Future)
- SolarWinds 0-day gave Chinese hackers privileged access to customer servers (ars)
- New SolarWinds vulnerability under attack: RCE in Serv (U file sharing tool)
- Chinese hacking group DEV-0322 behind Solarwinds Serv (U 0day attacksSecurity Affairs)
Date 2021-07-07
- Russia ‘Cozy Bear’ Breached GOP as Ransomware Attack Hit (wapo)
- Republican National Committee Hack: Russian Cozy Bear Group Breached Computers (Bloomberg)
- Russian hackers targeted Republican National Committee last week, reports say (The Independent)
- RNC says contractor breached in hack, GOP data secure (hill)
- CRN
- Attempted Hack of R.N.C. and Russian Ransomware Attack Test Biden (nyt)
- A cyberattack on the R.N.C. was likely carried out by Russians, posing a challenge for Biden. (nyt)
- Attempted to hack RNC and Russian ransomware attack test Biden (Eminetra)
- Russian Hacker Group Cozy Bear Behind GOP Cyberattack: Reports (Tech Times)
- The fencing built around the Capitol after the Jan. 6 riot is coming down. (nyt)
- SolarWinds and Related Supply Chain Compromise (Federal Energy Regulatory Commission)
- FERC, NERC whitepaper warns of supply (chain risk)
- SolarWinds and Related Supply Chain Compromise
Date 2021-07-01
- Microsoft Customers Warned of Targeted Scams by NOBELLIUM (Data Privacy + Cybersecurity Insider)
Date 2021-07-02
- Solar Winds Hackers Continue To Cause Grief (Cyber Security Hub)
- The Countdown Towards Zero Trust and MFA (Infosecurity Magazine)
- China Likely Outed Soon For Exchange Hacks - Breaking Defense Breaking Defense (Defense industry news, analysis and commentary)
- Understanding Zero Trust in the Cyber Executive Order for Federal Agencies (MeriTalk)
- Debate Heats Up as Senator Prepares to Introduce Incident-Reporting Legislation (Nextgov)
- Denmark's central bank affected by SolarWinds compromise. Notes from the underground. (Publicnewsportal)
- US, UK warn about Russia's brute force cyber campaign (Illinois News Today)
Date 2021-06-25
- Microsoft says new breach discovered in probe of suspected SolarWinds hackers (Reuters)
- Microsoft says SolarWinds hacking group has breached three new victims (The Record by Recorded Future)
- Bipartisan Legislation Would Establish Cybersecurity Literacy Campaign
- Microsoft says its own customer support tools were compromised by SolarWinds hackers (Verge)
- SolarWinds : Cyberattack Generates Recent Widespread SEC Enforcement Requests (MarketScreener)
- Senators propose bill to help tackle cybersecurity workforce shortage (hill)
Date 2021-06-23
- SolarWinds Cyberattack Generates Recent Widespread SEC Enforcement Requests (Troutman Pepper - JDSupra)
- SEC “Sweep” of Public Companies’ & Registrants’ Responses to the SolarWinds Cyberbreach
- SEC Reportedly Investigating SolarWinds Disruption (Breaking into - The Rv Article)
Date 2021-06-22
- SEC still digging into SolarWinds fallout, nudges undeclared victims (Register)
- SP 800-216 (Draft), Recommendations for Federal Vulnerability Disclosure Guidelines (CSRC)
- U.S. SEC probing SolarWinds clients over cyber breach disclosures -sources (Reuters)
- World Business Report: Update: US authorities open probe into SolarWinds' cyber breach on Apple Podcasts
- Cyber agency says SolarWinds hack could have been deterred by simple security measures
- Mandatory Cyber Reporting Within 24 Hours: Sen. Warner Bill - Breaking Defense Breaking Defense (Defense industry news, analysis and commentary)
- Software bills of materials (SBOM) could help improve cybersecurity (CNX Software)
- SolarWinds Hackers Could Have Been Waylaid by Simple Countermeasure -US Officials - Latest Tweet by Reuters (LatestLY)
- SolarWinds hackers may have been thwarted by simple security measures, officials say (Fuentitech)
- The Cybersecurity 202: Defense contractors are yet another sector highly vulnerable to hacking, study finds (wapo)
- Government-mandated SBOMs to throw light on software supply chain security (CSO Online)
- US SEC investigates SolarWinds clients over cyber breach disclosures (IT PRO)
- Rethinking US Federal network defenses. Mandatory reporting laws. International CyberCrime Prevention Act, RICO, and money laundering.
- U.S. SEC has begun probe of cyber breach by SolarWinds – sources
- US SEC investigates SolarWinds clients over cyber breach disclosures (The Cyber Security News)
- SolarWinds hackers could have been waylaid by simple countermeasure – U.S. officials (102.5 Duke FM)
- SolarWinds Clients Said to Face US SEC Probe Over Cyberattack Disclosures (News Update)
- Could better cyber hygiene have prevented the SolarWinds attack?
- Hillicon Valley: Cyber agency says SolarWinds hack could have been deterred | Civil rights groups urge lawmakers to crack down on Amazon's 'dangerous' worker surveillance (Manchin-led committee puts forth sprawling energy infrastructure proposal - The Ne)
- The US Securities and Exchange Commission is investigating SolarWinds clients for hacking detection - Sources by Reuters (Asia Pacific Live Update)
- US SEC Investigates SolarWinds Clients for Cyber Breach: Report (Economy and Business News - Insider Voice)
- Total Solar Eclipses Shed Light on the Temperature of Solar Winds and Sun's Corona (Science Times)
- Politics: Cyber agency says SolarWinds hack could have been deterred by simple security measures - PressFrom (US)
- SolarWinds customers asked to face investigation from US SEC over cyber breach disclosure (Indian Lekhak)
- SEC Investigates If Companies Did Not Disclose Effects of SolarWinds Cyber Breach (UK Time News)
- CISA: Firewall Rules Could Have Blunted SolarWinds Malware
- SEC Reportedly Probing SolarWinds Breach | Hacking (TechNewsWorld)
- CISA believes SolarWinds attack could have been prevented with simple countermeasures | 2021-06-23 (Security Magazine)
- CISA: No organization in the public or private sector could’ve prevented SolarWinds breach (FRN)
- Did Companies Fail to Disclose Being Affected by SolarWinds Breach? (The Cyber Post)
- Recent SEC Enforcement Requests Related to SolarWinds Cyberattack (Skadden, Arps, Slate, Meagher & Flom LLP - JDSupra)
- CISA believes SolarWinds attack could have been prevented with simple countermeasures (Cyber Reports Cybersecurity News & Information)
- SEC Reportedly Probing SolarWinds Breach (Hacking - newsbinding)
- Federal Agencies Could Have Neutralized SolarWinds Breach, CISA Says
- The SEC is reportedly investigating SolarWinds breaches (Hacking - Fuentitech)
- US SEC probing clients of SolarWinds over cyber (breach)
- Energy wants $201 million to bolster cybersecurity in wake of attacks
- House lawmakers introduce bill to increase American awareness of cyber threats (hill)
- CMMC: The Dramatic Year of the Pentagon’s Contractor Cybersecurity Program (Nextgov)
- Key Lawmaker Calls on Pentagon Leadership to Act on Cyber Certification Program (Nextgov)
- Open Source Security: Google Has New Plans to Stop Software Supply Chain Attacks (Texas News Today)
- SEC.gov (In the Matter of Certain Cybersecurity-Related Events (HO-14225) FAQs)
- SEC Conducts Sweep of Customers Impacted by SolarWinds Cyber Breach (Securities Litigation and Regulatory Enforcement)
Date 2021-06-20
- Jake Sullivan: U.S. preparing more sanctions for Russia
Date 2021-06-21
- Biden’s executive order on cybersecurity should include behavior transparency (TechCrunch)
- U.S. SEC probing SolarWinds clients over cyber breach disclosures -sources (Reuters)
- US SEC officials say government agencies have begun investigating SolarWinds cyber infringement (Texas News Today)
- SEC Investigating Companies’ Handling of SolarWinds Attack (Bloomberg)
- SolarWinds hackers could have been waylaid by simple countermeasure -US officials (Reuters)
- Hillicon Valley: Cyber agency says SolarWinds hack could have been deterred | Civil rights groups urge lawmakers to crack down on Amazon's 'dangerous' worker surveillance | Manchin-led committee puts forth sprawling energy infrastructure proposal (TheHil)
- U.S. SEC seeks information from SolarWinds clients in cyber breach probe (Regina Leader Post)
- U.S. SEC probing SolarWinds clients over cyber breach disclosures (sources)
- SolarWinds’ Breach Disclosures Being Painstakingly Examined by U.S. SEC (Byte News)
- US SEC Requests Information from SolarWinds Customers in Cyber Attack Investigation (RB Tech Inc)
Date 2021-06-18
- Systemic cyberattacks trigger response from insurers (Insurance Business)
- The Cybersecurity 202: The race is on to make hacked companies more accountable to government. (wapo)
- Google’s latest framework aims to prevent SolarWinds (like supply chain attacks)
- Senators Draft a Federal Breach Notification Bill
Date 2021-06-17
- Senate confirms first White House cyber director
- Open-source security: Google has a new plan to stop software supply chain attacks (ZDNet)
- Binary Authorization for Borg: how Google verifies code provenance and implements code identity
- Critical cyber targets: You can't touch this (again), Biden tells Putin
- Google dishes out homemade SLSA, a recipe to thwart software supply (chain attacks • The Register)
- Cybersecurity Rule Could Prompt DoD Supplier Fallout (EE Times)
- Cybersecurity Rule Could Prompt DoD Supplier Fallout (EE Times)
- SolarWinds hackers could have been waylaid by simple countermeasure -US officials (National Post)
Date 2021-06-16
- Cyber EO May Move Software Supply Chain Security From Neutral to Highway Speed (MeriTalk)
- NSA cyber director discusses US response, approach to apparent espionage operation
- Is an Attacker Living Off Your Land?
- Tonya Ugoretz: FBI Needs Industry Cooperation to Address Cyber Incidents
- Microsoft's CISO: Why we're trying to banish passwords forever (ZDNet)
Date 2021-06-08
- CISA launches platform to let hackers report security bugs to US federal agencies (TechCrunch)
Date 2021-06-05
- India's Cybersecurity Breach Reporting Law: Time for an Overhaul? (Illinois News Today)
Date 2021-06-02
- Meatpacking giant JBS believes Russia behind hack that hit plants - Raw Story (Celebrating 17 Years of Independent Journalism)
- FireEye CEO Kevin Mandia On Ransomware: Businesses Must ‘Try To Reduce The Blast Radius’ Of Attacks
- SolarWinds lawsuit claims private equity owners ‘sacrificed cybersecurity to boost short-term profits’ (The Open Security)
- SolarWinds hackers are attempting phishing attacks targeting 150 organizations, Microsoft said. (Illinois News Today)
Date 2021-06-03
- New Executive Order Issued on Improving Nation’s Cybersecurity (Lexology)
- Russian SolarWinds hackers have launched a new campaign using their USAID email address, Microsoft said. (Illinois News Today)
Date 2021-06-11
- Solarwinds Corp 2021 Definitive information statements DEF 14C
- Form DEF 14C SolarWinds Corp For: Jun 11
- Notification no (nos: What to avoid when alerting customers of a breach)
- Biden Signs Executive Order Aimed at Improving the Federal Government’s Cybersecurity (Troutman Pepper - JDSupra)
- Federal cyber spending to drive an M&A surge, analyst says (Washington Business Journal)
- Cyber regulation could come after a series of hacks and ransomware attacks (Voice of America - Texas News Today)
Date 2021-06-26
- SolarWinds backdoor gang pwns Microsoft support agent to turn sights on customers (Register)
- Microsoft says its own customer support tools were compromised by SolarWinds hackers (Sports Grind Entertainment)
- Microsoft reports previously undetected security breach while investigating SolarWinds hack — RT USA News
- Microsoft: Russia (linked SolarWinds hackers breached three new entitiesSecurity Affairs)
- SolarWinds hackers breach new victims, including a Microsoft support agent (ars)
- Microsoft Discloses New Customer Hack Linked to SolarWinds Cyberattackers (WSJ)
- Microsoft says new breach discovered in probe of suspected SolarWinds hackers (Netscape Money & Business)
- Microsoft claims its own customer support tools have been compromised by SolarWinds hackers – . (FR24 News English)
- SEC FORM 3
- SolarWinds hackers breach new victims, together with a Microsoft help agent (EAUC News)
- SolarWinds Hackers Breach New Victims, Including Microsoft Support Agent (Salesground)
- SolarWinds hackers breach new victims, including a Microsoft support agent – Ars Technica (Million Dollar Business Blog)
- SolarWinds hackers attack new victims, including Microsoft support agent – . (FR24 News English)
- Microsoft admits to signing rootkit malware in supply-chain fiasco (Business Standard News)
- Microsoft says a new breach was discovered in a suspected investigation into SolarWinds hackers (India News Republic)
- SolarWinds clients say they will face an investigation from the USSEC over disclosure of cyber breaches (Fuentitech)
- Microsoft Corporation (NASDAQ:MSFT) - Microsoft Says Its Customer Support Tools, Users' Information Were Exploited By The Hackers Behind SolarWinds (Benzinga)
Date 2021-04-06
- Minority Media | Homeland Security & Governmental Affairs Committee (Homeland Security & Governmental Affairs Committee)
- Senators want federal government to take accountability for SolarWinds hack (Washington Times)
- Top Homeland Security Senators Want Details on Agencies Hit in SolarWinds, Microsoft Intrusions (Nextgov)
- IG: Cybersecurity Weaknesses Persist in US Energy Dept.
- The SolarWinds hack timeline: Who knew what, and when? (Reseller News)
- Senators press for more on SolarWinds hack after AP report
- Senators press for more on SolarWinds hack after AP report | Govt-and-politics (tulsaworld.com)
- Senators press for more details on scope of SolarWinds hack (MarketWatch)
- Senators seek details on Einstein's performance and limitations - (FCW)
- Former CISA chief cautions on push for national cyber director - (Defense Systems)
- Why Didn't Government Detect SolarWinds Attack?
- Senators press for more on SolarWinds hack after AP report
- Viewpoint: Preventing the next SolarWinds breach calls for rapid training and education (Baltimore Business Journal)
- Security Advisory (SolarWinds)
Date 2021-06-01
- How SolarWinds Hackers ‘Nobelium’ Used Constant Contact in Mass Phishing Campaign
- Russian SolarWinds Hacker Launches New Phishing Campaign-Security (Illinois News Today)
- New breach by hackers behind SolarWinds 'mostly unsuccessful', says Microsoft (Secure books)
- Biden's $6T budget includes cybersecurity, broadband infrastructure (Healthcare IT News)
- GISEC 2021: SolarWinds CEO to deliver a keynote address titled SolarWinds: Secure by Design on June 2 (Enterprise Channels MEA)
- The Line in the Sand: How We Respond Today Impacts Our Security Tomorrow (secblvd)
- Cyberattacks on Companies' IP Threaten the Global Order (Barron's)
- Biden budget seeks $750 million to respond to SolarWinds compromises, plus billions more for cyber
- SolarWinds hackers launch phishing attack - (GCN)
- JBS cyber attack: 1/5 of beef production wiped out in massive hack (Axios)
- U.S. seizes two domains used in cyberattacks that mimicked USAID communications (Nasdaq)
- Cybersecurity for U.S. critical infrastructure a ‘national (security imperative,’ NSC official says – Urgent Comms)
- Here Are Some Of The Major Hacks The U.S. Blamed On Russia In The Last Year
- Meatpacking giant JBS hit by cyberattack; believes Russia involved
- SolarWinds Threat Actors Behind New Email Attack Campaign
- Poisoned Installers Found in SolarWinds Hackers Toolkit (Flizzyy News)
- NobleBaron (New Poisoned Installers Could Be Used In Supply Chain Attacks - SentinelLabs)
- Justice Department seizes domains used in Nobelium-USAID phishing campaign (ZDNet)
- US seizes 2 domain names used in cyberespionage campaign (The Seattle Times)
- Feds seize two domains used by SolarWinds intruders for malware spear (phishing op • The Register)
- Senate Hearing Considers CMMC, and Ability to Stop a SolarWinds-Type Attack (PubKGroup)
- SolarWinds lawsuit claims private equity owners ‘sacrificed cybersecurity to boost short-term profits’ (The Cyber Security News)
- Cyberattack On World's Biggest Meat Company 'Likely Based In Russia'
- SolarWind Attackers Launch New Wave Of Phishing Attacks
- US SolarWinds hackers seize domains used in cyber espionage attacks (Jioforme)
- U.S. seizes domains used in USAID hack (UPI)
- will over solarwinds latest massive phishing
- Biden weighs direct action against Russian targets following cyberattacks (WHAM)
- Russia's Nobelium uses USAID's email system for hacking, according to Microsoft (Illinois News Today)
- Biden Warns Businesses of Increased Cybersecurity Threat
- SolarWinds lawsuit expands to include private equity owners
- FireEye CEO: 'We are getting sucker (punched in cyberspace')
- SolarWinds Corporation (Bernstein Litowitz Berger & Grossmann LLP)
- Consolidated Complaint for Violations of the Federal Securities Laws
- What Microsoft officials know about Russian phishing hacks aimed at USAID (Illinois News Today)
- US Seizes Domains Used by SolarWinds Hackers in Cyber Espionage Attacks (News Nation USA)
Date 2021-05-27
- New sophisticated email-based attack from NOBELIUM (MS Security)
- Federal Register :: Software Bill of Materials Elements and Considerations
Date 2021-05-26
- White House taps Matt Olsen, Uber security boss and former NSA lawyer, to lead key DOJ division
- US agencies lack supply chain best practices post (SolarWinds)
- Microsoft unleashes ‘Death Star’ on SolarWinds hackers in extraordinary response to breach | #microsoft | #hacking (#cybersecurity - National Cyber Security News Today)
- Microsoft has discovered yet more SolarWinds malware | #microsoft | #hacking (#cybersecurity - National Cyber Security News Today)
- SolarWinds prevention, avoiding a cyber security disaster (CyberTalk)
- Biden’s Cybersecurity EO: The Wrong Issues (tpost)
Date 2021-05-25
- Colonial ransomware hack spurs first-ever cybersecurity regulations for pipeline industry (wapo)
- It's Time for Congress to Push Companies to Come Forward on Hacks (Just Security)
- Turn the Tables: Supply Chain Defense Needs Some ...
- United States House of Representatives : Chairman Foster Opening Statement for Hearing on SolarWinds and Improving the Cybersecurity of Software Supply Chains
- DoJ, FBI, IC reviewing supply chain threats posed by Russian companies (FRN)
- VIDEO: Congress Holds Joint Hearing On SolarWinds Hack And Cybersecurity (LiveTube)
- SolarWinds, Exchange attacks revive calls for mandatory breach notification, better information sharing (R Street)
- SolarWinds hack 'a big wakeup call,' NASA's human spaceflight chief says (Space)
- Written Sttement of jamie Dimon to Senate Banking Committee
- (16) Dimon: Cyberattacks are getting worse. DC must do more
Date 2021-05-21
- Veterans Affairs says no evidence of data loss from SolarWinds hack (FRN)
- SolarWinds CEO: Hackers Were Doing "Early Recon" As Early As January 2019 (My TechDecisions)
- 'Early recon activities' for SolarWinds hack may have started in early 2019 ⋅ Windows Global
- VA found ‘no evidence’ of compromise in SolarWinds hack: CISO Cunningham
Date 2021-05-20
- SolarWinds: A Harbinger For a National Data Breach Reporting Law (Decipher)
- President Biden's Executive Order to Improve Cybersecurity Issued (King & Spalding - JDSupra)
- House Panel Passes Bill to Explore Bringing State and Local Cybersecurity Workers into CISA (Nextgov)
- The Negligence behind the Colonial Pipeline Hack | Business (stltoday.com)
- To avoid insider threats, security strategies call for behavioral profiling and anomaly comparison | 2021-05-20 (Security Magazine)
- SolarWinds CEO extends hack timeline, rethinks intern blame (Cybersecurity Dive)
- How 2 New Executive Orders May Reshape ...
- How to Avoid Another Cybersecurity Disaster Like SolarWinds
- 12 Lessons Learned From The SolarWinds Breach: RSA Conference
- CrowdStrike breaks down 'Golden SAML' attack
- Hackers targeted SolarWinds earlier than previously known (Arab News PK)
- New Bill Proposes that Americans Should Be Able to Sue Foreign Hackers (Faegre Drinker Biddle & Reath LLP - JDSupra)
- Hackers targeted SolarWinds earlier than previously known (Inside Telecom)
- CISA and NIST Guidance on Software Supply Chain Attacks
- What to do? GSA cyber advisor offers tips on supply chain risk management. (scmedia)
- SolarWinds hack: Nation-state attackers could have launched supply chain attack nine months before previously thought (The Daily Swig)
- The 3 elements of a sound threat intelligence program (TechRepublic)
- CMMC is not as scary as you think (secblvd)
- SolarWinds hackers had earlier access than previously thought; Russia denies role (Seeking Alpha)
- President Biden Announces Sweeping New Cybersecurity Reforms (Pillsbury Winthrop Shaw Pittman LLP - JDSupra)
- N-able Announces New Chief Security Officer and General Counsel to Its Executive Leadership Team (N-able)
- The UK’s Approach to Russian Cyber Operations Shows No Signs of Changing (RUSI)
- Hackers targeted SolarWinds earlier than previously known (Arab News)
- SimuLand: Understand adversary tradecraft and improve detection strategies (MS Security)
- Solar Storm Coming to Earth at 2.1 Million km per Hour: How Dangerous Is It? (Nature World News)
- Cybersecurity Legal Task Force
- Biden urged by tech firms to embrace commercial software
Date 2021-05-19
- Biden EO Has Teeth, But May Prove Difficult to Implement (secblvd)
- How CISA limited the impact of the SolarWinds attack (FRN)
- CEO: SolarWinds Attack Dates Back to at Least January 2019 (PCMag)
- SolarWinds CEO says hackers may have struck months earlier ...
- SolarWinds CEO apologizes for blaming an intern, says attack may have started in January 2019 (The Record by Recorded Future)
- SolarWinds CEO reveals much earlier hack timeline, regrets company blaming intern
- SolarWinds CEO says hackers may have struck months earlier than thought (Nasdaq)
- SolarWinds: The Detailed Account of the Incident Response (RSA)
- #RSAC: SolarWinds CEO Provides new details on attack and response (Jioforme)
- #RSAC: SolarWinds CEO Provides New Details into Attack and Response (The Cyber Security News)
- SolarWinds CEO says hackers may have struck months earlier than thought (Reuters)
- President Biden’s Cybersecurity Order Takes Security Seriously (Lowndes - JDSupra)
- President Biden’s Recent Cybersecurity Executive Order Will Increase Compliance Obligations on the Private Sector (Lexology)
- Plurilock Issues Statement Following U.S. Executive Order to Increase Cybersecurity Defenses
- Senate Homeland Security and Governmental Affairs Hearing on Cybersecurity (UPI)
- Parsing Biden’s Cybersecurity Order (secblvd)
- Would CMMC compliance block a SolarWinds-style attack? - (FCW)
- Hackers targeted SolarWinds earlier than previously known (WDHN - DothanFirst.com)
- SolarWinds CEO: Attack Began Much Earlier Than Previously Thought (NewsOpener)
- Is it time to test the limits -- and potential -- of expanding CMMC? - (Defense Systems)
- UPDATE 1 (SolarWinds CEO says hackers may have struck months earlier than thought)
- Hackers Targeted Solarwinds Earlier than Previously Known (VOA)
- Hackers targeted SolarWinds earlier than previously known
- SolarWinds CEO Apologizes For Blaming An Intern
- SECURITY ALERT - SolarWinds CEO: Attack Began Much Earlier Than Previously Thought (MalwareTips Community)
- Dave MacKinnon takes over as CSO of N-able (formerly SolarWinds MSP) | 2021-05-21 (Security Magazine)
- Hackers targeted SolarWinds earlier than previously known
Date 2021-05-18
- Russian spy chief denies SVR was behind Solarwinds cyber ...
- Cyber Defense Isn't a Niche Issue Anymore (Bloomberg)
- CISA’s EINSTEIN had a chance to be great, but it’s more than good enough (FRN)
- Biden Proposes Billions for Cybersecurity After Wave of Attacks (Regina Leader Post)
- CISA Issues Guidance on Evicting Adversaries from Networks Following SolarWinds Attacks
- Nearly 40 defense companies were impacted in SolarWinds breach (FedScoop)
- False Claims Act is a Weapon against Breaches and Whistlenlowers
- Gibson Dunn (President Biden Issues Executive Order to Enhance U.S. Cybersecurity in the Wake of Major Cyber Incidents)
- Legislation to secure critical systems against cyberattacks moves forward in the House (hill)
- #RSAC: Anne Neuberger Sets Out Biden Administration’s Plan to Modernize US Cyber-defenses (Infosecurity Magazine)
- Biden administration eyes cybersecurity funding after hacks
- Microsoft Corporation (NASDAQ:MSFT), Solarwinds, Inc. (NYSE:SWI) - Biden Administration Prioritizes Cybersecurity Funding Following Multiple Hacks (Benzinga)
- SolarWinds CEO says hackers may have struck in January 2019, months earlier than thought (Reuters)
- Biden calls for $22 billion in cyber security funding (IT PRO)
Date 2021-05-17
- How Hackers Infiltrated U.S. Government Servers Through A Texas (Based Company)
- CISA Eviction Guide for SolarWinds, Microsoft O365 Compromises
- Biden's cyber order lays foundation for securing government - (Defense Systems)
- Voyager 1 discovers faint plasma 'hum' in interstellar space (Space)
- Biden Administration Issues Cybersecurity Executive Order
- CISA releases Eviction Guidance for SolarWinds Orion, Microsoft Office365 users (Industrial Cyber)
- Russia Sanctioned For Role In SolarWinds Supply Chain Attack - Technology (United States)
- CISA: Disconnect Internet for 3-5 Days to Evict SolarWinds Hackers From Network (SecurityWeek.Com)
- Can NTSB-style oversight work for cybersecurity? - (FCW)
- Zero trust moves from vision to reality - (GCN)
- Cybersecurity for All: President Biden Issues Sweeping Cybersecurity Executive Order (Holland & Knight LLP - JDSupra)
- Biden administration eyes cybersecurity funding after attacks | The Mighty 790 KFGO (KFGO)
- CISA releases Eviction Guidance for SolarWinds, Microsoft O365 compromises
Date 2021-05-16
- Biden issues order to strengthen nationwide cyber defenses
- National Cyber Defense Is a "Wicked" Problem: Why the Colonial Pipeline Ransomware Attack and the SolarWinds Hack Were All but Inevitable
- SolarWinds breach exposes hybrid multicloud security weaknesses (VentureBeat)
- President Biden pens Executive Order to boost US cybersecurity
- The SolarWinds and Zero Trust Conversation You've Been Waiting For | The Well Aware Security Show | Podcasts on Audible (Audible.com)
- SolarWinds breach exposes hybrid multicloud security weaknesses (DNyuz)
- Subscribe to read (FT)
- 1 - Unpacking the SolarWinds Breach: Now What? | Infrastructure Anywhere: A Podcast Series from CPP Associates | Podcasts on Audible (Audible.com)
- SolarWinds breach exposes hybrid multicloud security weaknesses (Public News)
Date 2021-05-14
- iTWire (New cyber rules will be judged by their efficacy: Tenable chief)
- Former CISA chief says Biden order on cybersecurity is "dramatic game change" (CBS News)
- Responding With Strength To The SolarWinds Attack - Technology (United States)
- Opinion: Agencies Need More Reliable Authentication To De-Weaponize Stolen Data During SolarWinds Breach (Potomac Officers Club)
- CISA Publishes Eviction Guidance for Networks Affected by SolarWinds and AD/M365 Compromise (CISA)
- Eviction Guidance for Networks Affected by the SolarWinds and Active Directory/M365 Compromise (CISA)
- Remediating Networks Affected by the SolarWinds and Active Directory/M365 Compromise: Risk decisions for Leaders
- Biden signs executive order to bolster US cyber security following pipeline attack
- White House cybersecurity order lands with a plea for private sector help (Utility Dive)
- Cybersecurity Executive Order: Can automation fix the nation’s misconfiguration problem? (secblvd)
- Cybersecurity: Why the new White House executive order is a major turning point (Fortune)
- President Biden outlines new software policy following recent cyberattacks (TechRadar)
- Former head of U.S. cybersecurity Christopher Krebs on “The Takeout” - 5/14/2021 (CBS News)
- In EO, federal security provides impetus for far reaching cyber implications
- Security News in Review: Biden Administration Aims to Disrupt Ransomware Gangs (secblvd)
- Why the Colonial Pipeline Ransomware Attack and the SolarWinds Hack Were All but Inevitable (California News Times)
- UK and US confirm Russian responsibility for SolarWinds attack - Industry (update.com)
- Congress to Speed up Efforts on Pushing out Hack Reporting Law (KMJ-AF1)
- Hackers targeted SolarWinds faster than previously known (Florida News Times)
Date 2021-05-13
- SolarWinds Hacking Claim a 'False Flag' by US Intelligence Seeking More Funding, Moscow Says (Sputnik)
- Microsoft's new security feature locks hackers out with GPS (ZDNet)
- Cybersecurity executive order or fire drill? (FRN)
- President Biden signs executive order to strengthen U.S. cybersecurity defenses | 2021-05-13 (Security Magazine)
- Biden says Colonial Pipeline hackers based in Russia, but not government-backed (hill)
- Bahamas must ‘step up game’ on cyber security (The Tribune)
- Everything You Need to Know about the New Executive Order on Cybersecurity (Lawfare)
- Biden's Cybersecurity Executive Order: 4 Key Takeaways
- Senator Proposes Cyber 'Academy' to Attract More to National Service (Military.com)
- Education CISO Discusses Zero Trust, Automation Going Hand-in (Hand – MeriTalk)
- Rapid7 says attacker accessed its source code in Codecov supply chain hack
- Cyber Response Bill Advances in Senate (Nextgov)
- Biden Signs Executive Order On Cybersecurity In Wake Of Pipeline Hack (WXXI News)
- Cybersecurity Execs Weigh In On Biden Executive Order (SDxCentral)
- Executive Order on Improving the Nation's Cybersecurity (The White House)
- Biden Says Gov't To Disrupt Pipeline Ransomware Hackers (Law360)
- Biden's Cybersecurity Order Benefits CrowdStrike, Dragos: Experts
- President Biden signs cybersecurity executive order (SD Times)
- The politics and policy of SolarWinds (CSO Online)
- Supply Chain Cybersecurity Risks: What the SolarWinds Breach Should Teach Us (BTB Security)
- Cyber EO lays a foundation for securing government - (GCN)
- Biden Order Aims To Tighten Software Security Practices - (Redmondmag.com)
- Joe Biden Signs Executive Order to Boost Cybersecurity
- Biden Takes Executive Action to Strengthen National Cybersecurity, Secure Supply Chains
- Biden signs executive order to modernize cyberdefenses
- Lawmakers introduce bill to protect critical infrastructure against cyberattacks (hill)
- Microsoft Could Get $150 Million in US Cyber Spending Despite Recent Hacks (English Bulletin)
- Linux and open-source communities rise to Biden's cybersecurity challenge (ZDNet)
- Biden's Cybersecurity Order Likely To Reach Beyond Gov't (Law360)
- US sanctions 10 Pakistani individuals and companies for meddling in 2020 presidential election - World (Business Recorder)
Date 2021-05-12
- Biden Signs Executive Order to Bolster Federal Government’s Cybersecurity (nyt)
- CISA to pilot secure cloud instance in response to SolarWinds attack (FRN)
- Supply chain penetration: Here’s how you can protect yourself (HT Tech)
- Russia must do more to tackle cyber criminals operating from within its borders, says UK (ZDNet)
- Mark Warner calls for mandatory reporting of hacks after Colonial Pipeline attack
- Dark Reading | Security (Protect The Business)
- Moscow Cuts U.S. Embassy Staff Marking Latest Decline In U.S. (Russia Relationship)
- Biden signs executive order to strengthen cybersecurity after Colonial Pipeline hack
- Biden Signs Order to Boost Cybersecurity After Pipeline Hack (Bloomberg)
- Biden signs much-anticipated cybersecurity executive order - (FCW)
- House lawmakers roll out bill to invest $500 million in state and local cybersecurity (hill)
- FACT SHEET: President Signs Executive Order Charting New Course to Improve the Nation’s Cybersecurity and Protect Federal Government Networks (The White House)
- Biden signs order to beef up federal cyber defenses (LV Sun)
- Biden cyber executive order reignites push to cloud, zero trust
- Biden signs executive order aiming to prevent future cybersecurity disasters (Verge)
- Biden issues executive order following mounting cyberattacks (Axios)
- Biden Orders IT Gov't Contractors To Report Data Breaches (Law360)
- Biden orders federal cyber upgrade after barrage of hacks (POLITICO)
- Biden signs cybersecurity executive order after ransomware attack on fuel pipeline (CBS 42)
- Biden signs order to improve federal cybersecurity
- How Biden's new executive order plans to prevent another SolarWinds attack (The Record by Recorded Future)
- Biden signs executive order to improve federal cybersecurity (hill)
- Biden Signs Cybersecurity Executive Order Following Colonial Pipeline Hack : NPR
- Biden cybersecurity order mandates new rules for govt ...
- Biden signs cybersecurity executive order in the wake of pipeline shutdown
- Biden signs security (focused executive order meant to accelerate breach reporting, boost software standards)
- Biden signs executive order aimed at boosting cybersecurity
- Biden Executive Order Follows Recent Cyberattacks : NPR
- Biden's Executive Order Will Not Stop Cyber Attacks (LinkedIn)
- Biden cybersecurity order tackles software risks in energy, other sectors following Colonial hack (Utility Dive)
- Biden’s Cyber Strategy Must De-weaponize Civilian Data (Nextgov)
- Biden Signs Executive Order to Bolster Federal Government’s Cybersecurity (nyt)
- Biden signs cybersecurity executive order, though rules wouldn't (WENY News)
- Joe Biden signs executive order to beef up federal cyber defenses following pipeline hack - ABC11 Raleigh (Durham)
- Biden Executive Order Mandates MFA, Zero Trust Model and Standardized Incident Reporting
- Biden Executive Order on Cybersecurity Calls for Enhanced Software Supply Chain Security (secblvd)
Date 2021-05-09
- SolarWinds Says Hackers Probably Stole Data from Email Accounts — GigaLaw
- Biden Plans Order to Strengthen U.S. Cyberattack Defenses (nyt)
Date 2021-05-11
- Mandatory Breach Notification Requirements Are Coming For Government Contractors - Technology (United States)
- Watch live: Acting CISA director testifies on cybersecurity following SolarWinds hack (hill)
- SolarWinds Opened the Door for Cybersecurity Culture Overhaul at DHS
- SolarWinds CEO describes overhauled Orion build system after that 'very small, unique' security breach (Register)
- Senators discuss federal cybersecurity following SolarWinds hack (WYTV)
- Senators Want FISMA Changes on Cyberattack Reporting (MeriTalk)
- Senators Cite Colonial Pipeline Hack in Calling for Cyber Response and Recovery Fund (Nextgov)
- Senate committee holds hearing on cybersecurity after massive SolarWinds hack (The Global Herald)
- RSAC insights: SolarWinds hack illustrates why software builds need scrutiny — at deployment (secblvd)
- Lawmakers eye tightening law to get more details on cyberattacks (Roll Call)
- Federal SolarWinds Recovery : FedNet
- SolarWinds CEO describes overhauled Orion build system after that ‘very small, unique’ security breach (IT Security News)
- Statemtnt of Ryan A Higgins, CISO Dept Commerce reporting to DHS
- SolarWinds CEO describes overhauled Orion build system after that 'very small, unique' security breach • The Register (SecuritNEWS)
Date 2021-05-05
- CISA has a better understanding of critical software post (SolarWinds hack)
- NYDFS recommends critical new practices to reduce supply chain risk in wake of SolarWinds attack (Lexology)
- CISA used new subpoena power to contact US companies vulnerable to hacking
- NSA: Connecting OT to the net can lead to "indefensible levels of risk"
- Further TTPs associated with SVR cyber actors
- 14 Alternatives To SolarWinds Network Bandwidth Analyzer, Pros, Cons & Questions (Hackers Pad)
Date 2021-04-30
- More US agencies potentially hacked, this time with Pulse Secure exploits (ars)
- ‘Accelerate change or lose’: Applying Gen. Brown’s action orders to cyberspace education and training
- Warner says Senate committee working on bill to require mandatory reporting for cyber threats (FRN)
- US Cuts Visa Services in Moscow Embassy as Russia Squeezes Embassy (Bloomberg)
- Stop Malicious Cyber Activity Against Connected Operational Technology
- The Ticking Time Bomb in Every Company's Code
- Biden Order To Require New Cybersecurity Standards In Response To SolarWinds Attack Morning Edition podcast
- NYDFS Issues Report on SolarWinds (Robinson+Cole Data Privacy + Security Insider - JDSupra)
- Biden Order To Require New Cybersecurity Standards In Response To SolarWinds Attack (Georgia Public Broadcasting)
- Survey Finds Broad Concern Over Third (Party App ...)
- CISA: 5 Agencies Using Pulse Secure VPNs Possibly Breached
- NYDFS Issues Report on the SolarWinds Attack and Covered Entities’ Responses (Alston & Bird - JDSupra)
- A Tale of Two Hacks: From SolarWinds to Microsoft Exchange (tpost)
- Defending Against Software Supply Chain Attacks
Date 2021-04-29
- SolarWinds : Biden Administration Issues New Sanctions On Russia In Connection With SolarWinds And Election Interference Efforts (MarketScreener)
- New York State Department of Financial Services Releases Report on SolarWinds Cyber Espionage Attack
- Top US military intelligence official says Russian military pose (WENY News)
- Hunting Hackers: Reducing the Time to Discovery (CSO Online)
- Microsoft weighs revamping flaw disclosures after suspected leak (Pittsburgh Post-Gazette)
- NYDFS Issues Report on SolarWinds Response and Recommends Critical Cybersecurity Measures (Practical Law)
- Biden Order Will Require New Cybersecurity Standards In Response To SolarWinds Attack (88.5 WFDD)
- NYDFS Issues Report on the SolarWinds Attack and Covered Entities’ Responses (Alston & Bird Privacy, Cyber & Data Strategy Blog)
- Biden prepping cybersecurity executive order in response to SolarWinds attack
Date 2021-05-03
- Administration drafting EO to help U.S. Gov’t secure digital supply chain
- Stopping the Next SolarWinds Requires Doing ...
Date 2021-04-28
- Another top VPN is reportedly being used to spread the SolarWinds hack
- New York Warns of Supply Chain Attack Dangers in Recent SolarWinds Report
- GCHQ calls for more UK investment in cybersecurity. US Senate considering information (sharing bill. CISA and NIST offer supply chain security guidance.)
- In Wake of Recent Breaches, FAA Wants to Up Cybersecurity of National Airspace System (Nextgov)
- US poised to impose anti-Russian sanctions over cyberattacks, election meddling — media - World (TASS)
- With sanctions, let’s offer Russia incentives, too (The Seattle Times)
- SolarWinds Supply Chain Attack: How to Protect Your Business
- Lawmakers introduce legislation to create civilian reserve program to fight hackers (hill)
- New York: NYDFS issues report on investigation of SolarWinds cyberattack | News post (DataGuidance)
- CISA & NIST Publish Recommendations for IT Admins to Defend Against the Next ‘SolarWinds’ Event (HOTforSecurity)
- Biden Order To Require New Cybersecurity Standards In Response To SolarWinds Attack (Flipboard)
- Biden Order Will Require New Cybersecurity Standards In Response To SolarWinds Attack (VPM)
- Biden Order Will Require New Cybersecurity Standards In Response To SolarWinds Attack (Public Radio Tulsa)
- NIST, CISA Share Software Supply Chain Attack Defense Guidance
- Supply Chain Security Hinges on Zero Trust, Partnerships: A MeriTV Discussion (MeriTalk)
- Sidechannel Interview with Alex Stamos and Chris Krebs by Kim Zetter - Zero Day (Free Listening on SoundCloud)
- NSA: OT Security Guidance in Wake of SolarWinds Attack
- Tips on Enhancing Supply Chain Security (DataBreachToday)
- APT actors increasingly turn to exploits to launch attacks (TahawulTech.com)
- Security News in Review: Emotet Uninstalled Worldwide; Babuk “Goes Dark” (secblvd)
- DOD Zero Trust Reference Architecture
Date 2021-04-27
- Well (known VPN used to steal credentials on SolarWinds servers)
- New York State Department of Financial Services Issues Report On The Solarwinds Supply Chain Attack - Report Finds That DFS-regulated Companies Responded Quickly to the Attack (Report Identifies Key Cybersecurity Measures to Reduce Supply Chain Risk)
- Lawmakers Seek to Expand CISA's Role (GovInfoSecurity)
- Hackers are targeting Microsoft authentication servers
- Abusing Replication: Stealing AD FS Secrets Over the Network (fireeye)
- ‘Mandatory’ Cyber Info Sharing Bill Coming, Says Senate Intel Chair Warner « Breaking Defense (Defense industry news, analysis and commentary)
- House Solarium Commission Members Press for More CISA Funding (Nextgov)
- Cybersecurity roundup: U.S. agencies warn of Russian hacks, Australian hospitals struggle to get back online (Healthcare IT News)
- An APT Group Exploits VPN to Deploy Supernova on SolarWinds Orion (Cyware Alerts - Hacker News)
- Anatomy of the SolarWinds Hack: Who What Where When How
- Senate Intelligence panel working on legislation around mandatory cyber breach notification (hill)
- Another SolarWinds lesson: Hackers are targeting Microsoft authentication servers (All Tech News)
- Report: As result of SolarWinds breach, U.S. military concerned about updating software platforms (Israel Defense)
- APT actors increasingly turn to exploits to launch attacks (ITProPortal)
- The Cybersecurity 202: Lawmakers want to create a reserve corps of cybersecurity experts to respond to the next SolarWinds (wapo)
- Dark Reading | Security (Protect The Business)
- Another SolarWinds lesson: Hackers are targeting Microsoft authentication servers (The Open Security)
- What Is Steganography? (Built In)
- SolarWinds, Microsoft Hacks Prompt Focus on Zero-Trust Security | News (CACM)
- The Cybersecurity 202: Lawmakers want to create a reserve corps of cybersecurity experts to respond to the next SolarWinds (R Street)
- Biden Order To Require New Cybersecurity Standards In Response To SolarWinds Attack (WFSU News)
Date 2021-04-26
- Report: Russia 'likely' kept access to US networks after SolarWinds hack (Çukute)
- CISA warns of theft of credentials via SolarWinds and PulseSecure VPN
- SolarWinds hack and security - What is a software bill of materials? (JAXenter)
- SolarWinds, Microsoft Hacks Prompt Focus on Zero-Trust Security (WSJ)
- 'Cock.li' Admin Says He's Not Surprised Russian Intelligence Uses His Site
- Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders (CISA)
- Major US breaches, SolarWinds, prompts focus on zero trust model
- Another top VPN is reportedly being used to spread SolarWinds hack (TechRadar)
- New bill would task CISA with infrastructure risk assessments - (FCW)
- Lawmakers call for increasing the budget of key federal cybersecurity agency (hill)
- Before SolarWinds, US officials say SVR began stealthily targeting cloud services in 2018
- SolarWinds hack analysis reveals 56% boost in command server footprint (ZDNet)
- SolarWinds, Microsoft Hack Quick Focus on Zero Trust Security (India News Republic)
- SolarWinds, Microsoft hacks prompt focus on zero (trust security)
- Supply Chain Compromise (CISA)
- A Contrarian View on SolarWinds (SANS Institute)
- The FireEye/SolarWinds cyber attack | Ivanti Insights | Podcasts on Audible (Audible.com)
- SolarWinds, Microsoft hacks prompt focus on zero-trust security (Samachar Central)
- Russia accelerates its de-dollarization policy, chooses to settle exports in euro over dollar (Kitco News)
Date 2021-04-25
- SolarWinds executive explains their ‘security by design’ concept (TahawulTech.com)
- SolarWinds hacking campaign puts Microsoft in the hot seat (Columbia Basin Herald)
- Microsoft in the hot seat due to SolarWinds hacking campaign (Compsmag)
- Two sources close to the SolarWinds breach investigation say Russian intelligence agency SVR hackers are likely still maintaining access to U.S. networks (CNN) (Inverse Zone)
- CISA warns of credential theft via SolarWinds and PulseSecure VPN (VentureBeat)
- Report: Russia 'likely' kept access to US networks after SolarWinds hack
- Report: Russia 'likely' kept access to US networks after SolarWinds hack
- Report: Russia 'likely' kept access to US networks after SolarWinds hack (Engadget)
- Report: Russia likely retained access to US network after SolarWinds hack (News Chant USA)
- Report: Russia 'likely' kept access to US networks after SolarWinds hack (My Droll)
- CISA warns of credential theft via SolarWinds and PulseSecure VPN (Public News)
- http.title:solarwinds http.favicon.hash:-1776962843 (Shodan Search)
Date 2021-04-24
- Top White House cyber official says action taken so far not enou (WENY News)
- Top White House cyber official says action taken so far not enough to deter further Russia cyberattacks (CNNPolitics)
- Exclusive: Sources familiar with the investigation of SolarWinds breach say hackers from Russia's SVR intelligence agency likely still maintain access to US networks (CNN) (Last Bulletin)
Date 2021-04-23
- The SolarWinds Attack: The Story Behind The Hack » RJR Empires
- Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion (Times News Express)
- When a Ripple Becomes a Wave: Cyberattack Fallout (secblvd)
- APT abused Pulse Secure, SolarWinds appliances to plant Supernova webshell on enterprise network
- Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion (IT Security News)
- Supernova Attack Leveraged SolarWinds, Pulse Secure
- Analysts Uncover More Servers Used in SolarWinds Attack
- Hackers exploit SolarWinds, Pulse Secure for credential theft: Feds - Security (CRN Australia)
- SolarWinds hacking campaign puts Microsoft in the hot seat
- SolarWinds hacking campaign puts Microsoft in the hot seat (WFTV)
- Supernova Attack Leveraged SolarWinds, Pulse Secure
- Senators introduce legislation to protect critical infrastructure against attack (hill)
- SOLARWINDS INVESTIGATION INITIATED by Former Louisiana Attorney General: Kahn Swick & Foti, LLC Investigates the Officers and Directors of SolarWinds Corporation (SWI)
- SOLARWINDS INVESTIGATION INITIATED by Former Louisiana Attorney General: Kahn Swick & Foti, LLC Investigates the Officers and Directors of SolarWinds Corporation - SWI (bizwire)
- SUPERNOVA malware discovered on SolarWinds Orion server (Malware Devil)
- Federal CISO DeRusha Cites SolarWinds Response as Promising ‘Use Case’ (MeriTalk)
Date 2021-04-22
- SolarWinds: Illuminating the Hidden Patterns That Advance the Story (RiskIQ)
- SolarWinds: Advancing the Story (RiskIQ Community Edition)
- Research Uncovers New Command Servers Used in SolarWinds Campaign (Zero Day)
- House Passes State Department Cybersecurity Legislation (KMJ-AF1)
- Democracy in The Daily: Russia against the West (The Tufts Daily)
- New cyber (hardening mandates may be coming for defense firms)
- Biden Administration Announces Expansion Of Sanctions Against Russia And Signals Potential Additional Restrictions Following SolarWinds Cyber-Attack - International Law (United States)
- Ex-Sen. Saxby Chambliss lobbying for SolarWinds (LegiStorm)
- U.S. takes steps to protect electric system from cyberattacks (Chattanooga Times Free Press)
- CISA Identifies SUPERNOVA Malware During Incident Response (CISA)
- Researchers shed more light on APT29 activity during SolarWinds attack
- Ex-NSA top lawyer: Here's how to block next SolarWinds mega hack (The Jerusalem Post)
- SolarWinds juggles stakeholders involved in response, recovery to level out business (Cybersecurity Dive)
- Cybersecurity expert: If you use SolarWinds, they got you (POWERGRID International)
- Analysts Estimate SolarWinds (SWI) to Report a Decline in Earnings: What to Look Out for
- Hackers Exploit SolarWinds, Pulse Secure For Credential Theft: Feds
- Why indict foreign cyber operators? IoT security regulation in the UK. Anti (ransomware measures and surveillance limitations in the US.)
- US agencies assess Pulse Secure VPN exploitation. New Sunburst infestation found. Facebook shuts down Paletinian spy groups.
- Cisco CEO Chuck Robbins: Moving To The Cloud Alone Isn’t A Security Cure (All)
- cyber.dhs.gov - Emergency Directive 21 (03: pulse secure)
- Russian Cyber Threat Defense – Now and Looking Forward (secblvd)
- USA: Would CMMC have prevented SolarWinds? | Insights (DataGuidance)
- SolarWinds Hack Imparted Lessons to Work Across Silos and Not ‘Victim Blame,’ Says Federal CISO (Homeland Security Today)
- HAFNIUM Exploits Live On (secblvd)
- Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion
- U.S. Announces Sweeping New Sanctions Targeting Russia (Cozen O'Connor - JDSupra)
- Researchers shed more light on APT29 activity during SolarWinds attacks (Fuentitech)
- The Cybersecurity 202: Biden's pick for White House cyber director wants to see better relationship building with the private sector (wapo)
- New analysis uncovers extensive SolarWinds attack infrastructure (TechRadar)
- CISA Discovers Advanced Malware In VPN Device (Potomac Officers Club)
- CISA Finds New Attacker Using Supernova Malware on SolarWinds Orion (Decipher)
- Researchers Find New Chunk of SolarWinds Attackers' Infrastructure (Decipher)
- Supernova Malware Actors Masqueraded as Remote ...
- New analysis uncovers extensive SolarWinds attack infrastructure (TechRadar)
- Researchers Find Additional Infrastructure Used By SolarWinds Hackers
- New analysis uncovers extensive SolarWinds attack infrastructure (TechRadar)
Date 2021-04-21
- SolarWinds : New US Sanctions Targeting Russia's "Harmful Foreign Activities," Including Restrictions On Dealings In Russian Sovereign Debt (MarketScreener)
- Nakasone deflects senators' invitations to seek domestic spying powers - (Defense Systems)
- United States sanctions six Russian companies for aiding Russia's cyber (attacks against the US)
- Russia Sanctioned For Role In SolarWinds Supply Chain Attack (Alston & Bird - JDSupra)
- New cyber (hardening mandates may be coming for defense firms)
- SUNBURST: Reflections to Secure By (secblvd)
- In Tit-For (Tat Move, Russia Expels 10 U.S. Embassy Workers In Moscow)
- Former SolarWinds CEO Kevin Thompson to be the new CEO of Tricentis, a Mountain View software test company (Silicon Valley Business Journal)
- Russia Sanctioned For Role In SolarWinds Supply Chain Attack (Alston & Bird Privacy, Cyber & Data Strategy Blog)
- SolarWinds security chief: ‘We ran a pretty good shop’ (The Record by Recorded Future)
Date 2021-04-19
- Australia: Cyber insurance adoption rates see steady increases
- SolarWinds execs earned US$65M in 2020 despite hack - Security (CRN Australia)
- Increasing Demand of Database Monitoring Software Market 2027 (Datadog,Solarwinds,PRTG Network Monitor – The Courier)
- Poland supports allies' response to aggressive politics of Russia (The First News)
- White House stands down groups tackling SolarWinds, Microsoft Exchange - (FCW)
- Russia sanctioned over SolarWinds, election interference -- even as cyber espionage continues - (GCN)
- SolarWinds: A Catalyst for Change & a Cry for ...
- What Hack? Top SolarWinds Executives Made $65 Million Last Year
- Positive Technologies denies involvement in SolarWinds attack (TechRadar)
- SolarWinds affair. Russia expels US, Polish diplomats in counterretaliation. Codecov compromise. Big data gangs.
- Great Power Cyber Party (War on the Rocks)
- Malware Wants to Phone Home. Trinity Cyber Doesn’t Try to Block It
- President Biden Signs New Executive Order Escalating US Sanctions Against Russia (WilmerHale - JDSupra)
- US Senator Mark Warner calls for urgent transatlantic cooperation on cybersecurity (POLITICO)
- Investigation announced for Long (Term Investors in shares)
- Cyberattacks and Security Breach Disclosures: U.S. Federal Law Coming? (MSSP Alert)
- Statement by Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger on SolarWinds and Microsoft Exchange Incidents (The White House)
- Supply chain risk: Addressing a multitude of single points of failure - (FCW)
- UK, US say Russian hackers carried out SolarWinds attack
- The SolarWinds Breach and CMMC - What’s the Impact? (Pivot Point Security)
- The Biden Administration has officially responded to the SolarWinds attack! by Nick Espinosa | Security Fanatics (Free Listening on SoundCloud)
- SolarWinds hacking campaign puts Microsoft in the hot seat
- White House 'Stands Down' SolarWinds, Exchange Response Groups
- White House Scales Back Response to SolarWinds & ...
Date 2021-04-20
- The SolarWinds Attack: The Story Behind The Hack : NPR
- Exploring three more serious flaws in SolarWinds Orion products (TechNative)
- SolarWinds (NYSE:SWI) Upgraded at Zacks Investment Research (MarketBeat)
- A new direction in response to cyberespionage? Co (opting criminal gangs as instruments of state policy.)
- From the attack on Alexei Navalny to SolarWinds hack, every Russian move under scrutiny as NATO Allies support US action plan on Russia's 'destabilising activities' (IBTimes India)
- Feds Find More Malware Tied to SolarWinds Supply Chain Compromise
- Biden Administration Imposes Sanctions on Russia for SolarWinds (Schneier)
- White House stands down SolarWinds, Microsoft Exchange cyber response groups - (GCN)
- 5 signs a trucking company has been hacked (Commercial Carrier Journal)
- Biden Administration Ratchets Up Russia Sanctions (Michael Volkov - JDSupra)
- White House Winds Down SolarWinds, Exchange Cyber Teams « Breaking Defense (Defense industry news, analysis and commentary)
- DISA and JFHQ-DODIN's Orchestrated Response to SolarWinds (SIGNAL Magazine)
- The SolarWinds Attack: The Story Behind The Hack (Delaware First Media)
- UK and US call out Russia for SolarWinds compromise
- Russia’s Positive Technologies responds to US Treasury sanctions. US Government stands down its SolarWinds and Microsoft Exchange task forces. FCC security priorities charted.
- House passes legislation to elevate cybersecurity at the State Department (hill)
- The Danger of Treating SolarWinds as a Russia Cyber Attack
- Biden administration sanctions Russia over 2020 election interference, SolarWinds hack (FoxBiz)
- More SolarWinds command and control hacking servers found - Security (iTnews)
Date 2021-04-18
- Russia expels 10 US diplomats as part of retaliation for sanctions
- Biden agencies could find key lawmakers in accord on hack-attack alerts (Newsday)
- US imposes sanctions on Russia over cyber (attacks)
- United States imposes sanctions on Russia for SolarWinds Cyber Attack
- U.S. sanctions Russian government, security company for SolarWinds violations, election interference (Eminetra New Zealand)
- Company officials, victims, experts, and intel officials discuss the SolarWinds hack, which successfully compromised ~100 companies and a dozen govt. agencies (Dina Temple-Raston/NPR) (The Global Valley)
- Samir on Twitter: "if you see an instance of dwDrvInst.exe (unsigned by Solarwinds) running with cmdline like "smartcard -install" that could be a sign of successful RCE exploitation of CVE-2019 (3980 https://t.co/FyZvQ2IYVj https://t.co/8OIarbbqeQ" / Twit)
- SolarWinds and the Challenges of Patching: Can We Ever Stop Dancing With the Devil?
Date 2021-04-17
- In Punishing Russia for SolarWinds, Biden Upends U.S. Convention on Cyber Espionage (ADVFN)
- SolarWinds hacking campaign puts Microsoft in the hot seat (StarTribune)
- US Institutes Sanctions Against Russia Over SolarWinds Hack
- In Punishing Russia for SolarWinds, Biden Upends U.S. Convention on Cyber Espionage (WSJ)
- SolarWinds : Russia Russia Russia! The Biden Administration Imposes Tough Sanctions On Russia (MarketScreener)
- NSA: 5 Security Bugs Under Active Nation-State Cyberattack (tpost)
- SolarWinds hacking campaign puts Microsoft in the hot seat (ABC News)
- Russia announces expulsion of 10 U.S. diplomats and ban some U.S. officials (Sandhills Express)
- The Story of the SolarWinds Hack (Hacker News)
- Macron says international community must draw “clear red lines” with Russia (Sandhills Express)
- OODA Loop (Cyber Retaliation Needs to Be Decisive, Swift, and Meaningful)
- SolarWinds : Russia Russia Russia! The Biden Administration Imposes Tough Sanctions On Russia (MarketScreener)
- In Punishing Russia for SolarWinds, Biden Upends U.S. Convention on Cyber Espionage
- Some White House Officials Reportedly Asked Biden Not to Tie New Sanctions to SolarWinds Hack (Sputnik)
- SolarWinds hacking campaign puts Microsoft in hot seat (News, Sports, Jobs - Tribune Chronicle)
- solarwinds stock price chart (Unese.campusquotient.org)
- Utility Regulator Says SolarWinds Backdoor Was Downloaded by 1/4 of Electric Utilities on the North American Power Grid (CPO Magazine)
- Russia Will Expel 10 Diplomats In Response To US Sanctions (Law360)
- Sun starts to set on SolarWinds attack as White House scales back efforts (Windows Central)
- CISA Ties SUPERNOVA Malware to Pulse Secure, SolarWinds Exploits
Date 2021-04-15
- Russia Solarwinds hack sanctions announced (wtsp.com)
- White House sanctions Russia over SolarWinds campaign, election interference - (FCW)
- Lesson From SolarWinds: Cyberattacks Have a Lingering Impact (IndustryWeek)
- EU's Borrell voices solidarity with US in SolarWinds hack
- U.S. Agencies: Russian SolarWinds Hackers Leveraging Five Older Vulnerabilities (My TechDecisions)
- Biden administration imposes new sanctions against Russia, expels 10 diplomats
- US hits Russia with sanctions following SolarWinds cyberattack (TechRadar)
- Sanctioning Russia for SolarWinds: What Normative Line Did Russia Cross? (Lawfare)
- US expels Russian diplomats, imposes new sanctions over SolarWinds hack, election interference
- Biden imposes new sanctions on Russia over SolarWinds hack, election interference (trib)
- SOLARWINDS INVESTIGATION INITIATED BY FORMER LOUISIANA ATTORNEY GENERAL: Kahn Swick & Foti, LLC Investigates the Officers and Directors of SolarWinds Corporation (SWI)
- White House blames Russian spy agency SVR for SolarWinds hack: statement (Reuters)
- Cybercriminals get bolder as impact from SolarWinds and ransomware grows (SiliconANGLE)
- US expels Russian diplomats and issues sanctions over SolarWinds hacking attack | News | DW (15.04.2021)
- US government strikes back at Kremlin for SolarWinds hack campaign (ars)
- Biden Boots 10 Russian Diplomats After SolarWinds Mega (Hack)
- Risch Addresses SolarWinds Sanctions, Underscores Cyberthreats from State Actors at Intelligence Hearing - Press Releases (James E Risch, U.S. Senator for Idaho)
- U.S. Sanctions Russia Over SolarWinds Cyberattack, Election Interference (MSSP Alert)
- Russian Foreign Intelligence Service Exploiting Five Publicly Known Vulnerabilities to Compromise U.S. and Allied Networks > National Security Agency Central Security Service > Article View
- If 25% of US utilities downloaded the malicious SolarWinds software, could the grid go down Ukraine-style? (Power Engineering)
- US Formally Attributes SolarWinds Attack to Russian ...
- SolarWinds Fallout: Are the Feds to Blame? (EE Times)
- US Cyber Command, DHS (CISA release Russian malware samples tied to SolarWinds compromise > U.S. Cyber Command > News)
- MAR-10327841-1.v1 – SUNSHUTTLE (CISA)
- Australia blames Russia for SolarWinds attack (InnovationAus)
- US expels 10 Russian diplomats, sanctions others for hack with Triangle connection (WRAL TechWire)
- Biden Sanctions Dozens Of Russians Over Hacking, Elections (Law360)
- Biden Sanctions Russia, Restricts Buying New Debt After Hacking
- US expels 10 Russian diplomats, imposes new sanctions in response to election interference and cyber hacks : The Tribune India
- US institutes new Russia sanctions in response to SolarWinds hack (Sports Grind Entertainment)
- FACT SHEET: Imposing Costs for Harmful Foreign Activities by the Russian Government (The White House)
- Rubio: Biden Order on Russia a 'Legality' to Allow Action on SolarWinds (Newsmax.com)
- Biden imposes new sanctions on Russia | National and World (dailylocal.com)
- US Gov sanctions Russia and expels 10 diplomats over SolarWinds hackSecurity Affairs
- US pins SolarWinds cyberattack on Russian intelligence agency (Washington Examiner)
- White House blames Russia's SVR agency for SolarWinds breachl (Seeking Alpha)
- US Sanctions on Russia Rewrite Cyberespionage's Rules (WIRED)
- Background Press Call by Senior Administration Officials on Russia (The White House)
- US imposes sanctions on Moscow, expels Russian diplomats (News24)
- EU’s Borrell voices solidarity with US in SolarWinds hack (wapo)
- SolarWinds: Russian intelligence behind major cyber attack, Raab reveals as US expels diplomats (The Independent)
- US Sanctions Russia and Expels 10 Diplomats Over SolarWinds Cyberattack
- SolarWinds Sanctions Far From Last Word On Russian Hacks (Law360)
- Figuring out SolarWinds hack as US sanctions Russia (Macau Business)
- Statement on Solar Winds Orion cyberattacks - Ministry of Foreign Affairs Republic of Poland (Gov.pl website)
- Furious Dominic Raab & US slam 'malicious' Russian 'CosyBear' hack attack which 'undermines democracy'
- Opinion (Biden is finally pivoting foreign policy to bigger threats - The Washington Post)
- Biden blames and sanctions Russia for the massive SolarWinds hack (Vox)
- White House Hints at ‘Hallmark’ of Expected Cybersecurity Order (MeriTalk)
- Biden imposes new sanctions on Russia | Tn Exchange (newspressnow.com)
- Biden says he warned Putin he could have gone further on sweeping Russia sanctions (ABC7 San Francisco)
- SolarWinds Execs Earned $65M In 2020 Despite Huge Hack
- Russia Expels 10 U.S. Diplomats in Limited Sanctions Response (Bloomberg)
- US Issues Russian SVR Warning (Infosecurity Magazine)
- US government strikes back at Kremlin for SolarWinds hack campaign (ars)
- US Sanctions Russia Over SolarWinds Attack, Election Meddling
- Attribution of cyber incident to Russia (Australian Minister for Foreign Affairs, Minister for Women)
- White House blames Russian spy agency SVR for SolarWinds hack: statement (95 KQDS)
- CISA and CNMF Analysis of SolarWinds (related Malware)
- It was Russia wot did it: SolarWinds hack was done by Kremlin's APT29 crew, say UK and US (Register)
- Britain blames Putin's spies for massive SolarWinds cyber attack (Daily Mail Online)
Date 2021-04-16
- iTWire (US alleges Russia behind SolarWinds compromise, imposes curbs on six firms)
- SolarWinds compromise attributed to Russian state actor (Mirage News)
- Deutsche Welle: US expels Russian diplomats and issues sanctions over SolarWinds hacking attack (KyivPost - Ukraine's Global Voice)
- Russia 'most acute threat' to national security, UK gov’t says
- West Virginia Sen. Joe Manchin stresses importance of improving cybersecurity practices | WDVM25 & DCW50 (Washington, DC)
- US White House blames Russia’s foreign intelligence for cyberattack on SolarWinds software - World (TASS)
- Russian Foreign Intelligence Service Exploiting Five Publicly Known Vulnerabilities to Compromise U.S. and Allied Networks (Homeland Security Today)
- Russian SVR Targets U.S. and Allied Networks
- Russia's SVR Spy Agency Calls U.S. Hack Allegations 'Nonsense': Ifax | Top News (US News)
- NATO to improve cyber defense in bid to boost alliance resilience
- How SolarWinds cyber (attack forced US to sanction Russia)
- Britain, United States accuse Russia of ‘Solar Winds’ cyber attack (Evening Standard)
- White House Names, Blames, Sanctions Russian Govt for Cyber, Election Assaults (MeriTalk)
- US names 6 Russian tech firms aiding govt hackers - Security (CRN Australia)
- Poland Expels Three Russian Diplomats In 'Solidarity' With U.S.
- UK and US call out Russia for SolarWinds compromise | National Cyber Security Centre (Official Press Release)
- White House formally blames Russian intelligence service SVR for SolarWinds hack (The Record by Recorded Future)
- US sanctions six tech firms for supporting Russian intelligence services
- US expels Russian diplomats, imposes sanctions for hacking
- Britain and United States accuse Russia of ‘Solar Winds’ cyber attack
- White House: Russians Behind SolarWinds and 5 More Technology Attacks
- More Countries Officially Blame Russia for SolarWinds Attack (SecurityWeek.Com)
- Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020? (Krebs on Security)
- US blames Russia spies for SolarWinds hack | The Canberra Times (Canberra, ACT)
- Biden says sanctions against Russia are proportionate response: 'Now is the time to de-escalate' | US & World News (azfamily.com)
- The Biden Administration Just Accused A $1 Billion Russian Cybersecurity Company Of Recruiting Spies
- Biden’s Russia Strike Marks Shift in U.S. Cybersecurity Strategy
- SolarWinds cyber strike: Russia did it, say US and UK
- SolarWinds: Accountability, Attribution, and Advancing the Ball
- How Russia Used SolarWinds To Hack Microsoft, Intel, Pentagon, Other Networks : NPR
- Russia to expel 10 US diplomats in 'tit-for-tat response' to Biden sanctions | National (keysnews.com)
- H-ISAC Supply (Chain Insights Aim to Prevent Next SolarWinds Cyberattack)
- Himes: Biden didn’t show Putin “strong hand,” says cyber offensive is needed (CTInsider.com)
- US imposes new sanctions on Russia, expels 10 diplomats : The Tribune India
- SolarWinds hack affected six EU agencies (The Record by Recorded Future)
- Foreign Intelligence Service of the Russian Federation
- NATO - News: North Atlantic Council Statement following the announcement by the United States of actions with regard to Russia, 15-Apr. (2021)
- Snort Blog: Snort rule update for April 15, 2021
- White House Blames Russian Foreign Intelligence for SolarWinds, Imposes Sanctions on Rival Nation (HOTforSecurity)
- Experts On Russia Being Held Accountable For SolarWinds (Information Security Buzz)
- US sanctions Russian government, security firms for SolarWinds breach, election interference (CSO Online)
- Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020? (secblvd)
- Biden team’s tall task: Building cyber defenses against Russia, China (CSMonitor.com)
- GOP lawmakers say something important missing from Biden’s Russia sanctions (Washington Examiner)
- U.S. Fingers Putin’s Cozy Bear for SolarWinds Attacks (secblvd)
- Days after sanctions, House to vote again on Cyber Diplomacy Act - (FCW)
- SolarWinds cyber strike: Russia did it, say US and UK (Attivo Networks)
- SolarWinds hacking campaign puts Microsoft in the hot seat
- Sanctioned Russian IT firm was partner with Microsoft, IBM
- SolarWinds compromise attributed to Russian state actor (Beehive.govt.nz)
- VirusTotal Community profile for CYBERCOM_Malware_Alert (VirusTotal)
- Russia blocks key Biden Cabinet officials from entering in retaliation for sanctions (hill)
- Holding Russia To Account (U.S. Embassy in Georgia)
- Australian Government Blames Russia For SolarWinds Cyber Attack
- US Pulls Back Curtain on Russian Cyber Operations
- Russia objects to US sanctions; US gets UK, EU support. Vaccine cold chain remains a target. Iran says Natanz back in business.
- Russia sanctions eight US officials and expels diplomats in reta - Erie News Now (WICU and WSEE in Erie, PA)
- Russian SVR Behind the SolarWinds Hack, According to U.S. Government
- 6 out of 11 EU agencies running Solarwinds Orion software were hackedSecurity Affairs
- Russia to expel 10 US diplomats in 'tit-for-tat response' to Biden sanctions | National (pdclarion.com)
- Russia: UK exposes Russian involvement in SolarWinds cyber compromise (UK Government) (CompanyNewsHQ)
- US attributes SolarWinds campaign to Russia's SVR and calls out Russian disinformation shops. New APT34 activity.
- It was Russia wot did it: SolarWinds hack was done by Kremlin’s APT29 crew, say UK and US (Cyber Security Review)
- Russia Retaliates Against Biden's New Sanctions, Expelling 10 U.S. Diplomats (KENW)
- Biden's CISA Cybersecurity Budget Proposal: $2.1B (MSSP Alert)
- Russian SVR blamed for SolarWinds supply chain compromise, cyber espionage action (Industrial Cyber)
- Biden Administration Issues Russian Sanctions in Response to SolarWinds
- Solarwinds, Inc. (NYSE:SWI) - White House Holds Russia's SVR Responsible For SolarWinds Cyber Hack: Reuters (Benzinga)
- Swinburne University confirms over 5,000 individuals affected in data breach (Bestgamingpro)
- SolarWinds cyberattack: How SolarWinds cyberattack forced US to sanction Russia, Telecom News, ET Telecom
- Sanctioned Firm Accused of Helping Russian Intelligence Was Part of Microsoft’s Early Vuln Access Program — MAPP (Zero Day)
- How SolarWinds cyber-attack forced US to sanction Russia - CRN (India)
Date 2021-04-14
- SolarWinds says hack fallout cost at least $23.5 million - Security (iTnews)
- SolarWinds says dealing with hack fallout cost at least US$18m, Technology (THE BUSINESS TIMES)
- SolarWinds spends $18 mn in 3 months after cyber attack (InfotechLead)
- NERC Says 375 Electricity Providers Installed the Laced SolarWinds Update (TechNadu)
- Digital Detectives: Occam’s Razor — A SolarWinds Perspective for Law Firms on Apple Podcasts
- Sunburst Hack Costs SolarWinds At Least $18M (CFO)
- SolarWinds says dealing with hack fallout cost at least US$18 million - Security (CRN Australia)
- Protecting The Integrity Of The Software Factory
- Cyber Cartels Are Committing Modern Bank Heists (Barron's)
- Where VCs Are Putting Their Money As Cybersecurity Funding Hits Record High (Crunchbase News)
- Senators Push for Changes in Wake of SolarWinds Attack
- Biden to Name Morgan Stanley’s Easterly as CISA Head
- Misuse of X.509 Certificates & Keys Involved in SolarWinds Attack
- Hillicon Valley: Intel leaders push for breach notification law | Coinbase goes public (hill)
- US spy chiefs to warn of threats from SolarWinds to North Korea (Maju Saham)
- Biden’s decision: How hard to punch back at Putin's hackers (POLITICO)
- Biden: U.S. 'could have gone further' in sanctions on Russia
- U.S. set to slap new sanctions on Russian officials as soon as Thursday -sources (The Star Phoenix)
- Biden to sanction Russian authorities for massive SolarWinds hack (Biden administration - Eminetra)
- Official: Biden administration set to announce new sanctions against Russia for SolarWinds hack, election interference | National News (newsadvance.com)
- Biden announces sweeping new sanctions against Russia (CBS News)
- US is expected to sanction Russia and expel Russian officials in response to hacks and election interference | (kctv5.com)
- Biden's sanctions against Russia demands diplomats leave tomorrow - Raw Story (Celebrating 17 Years of Independent Journalism)
- NERC finding 25% of utilities exposed to SolarWinds hack indicates growing ICS vulnerabilities, analysts say (Utility Dive)
- Pentagon believes it escaped unscathed from SolarWinds, Microsoft hacks (FRN)
- U.S. set to sanction Russia over SolarWinds hack, election interference: reports (MarketWatch)
- Official: Biden administration set to announce new sanctions against Russia for SolarWinds hack, election interference | Govt. & Politics (swvatoday.com)
- US expels Russian diplomats, imposes sanctions for hacking
Date 2021-04-13
- What You Need to Know about the Cyber (Espionage Attack Linked to Russia)
- Biden Warns Putin Over Hacking But Proposes Summit in a Call (Bloomberg)
- Former DHS Leader Shares Details on SolarWinds Attack
- White House announces CISA, national cyber directors (Utility Dive)
- TIA, CTIA, NAB press Biden to let industry lead on telecom security (FierceTelecom)
- U.S. intelligence community details destructive cyber capabilities, growing influence threats
- SolarWinds says dealing with hack fallout cost at least $18 million | 1450 AM 99.7 FM WHTC (Holland)
- Experts see 'unprecedented' increase in hackers targeting electric grid (hill)
- IC warns that U.S. adversaries are ramping up cyber attacks - (FCW)
- SolarWinds says dealing with hack fallout cost at least $18 million | Y100 WNCY | Your Home For Country & Fun (Green Bay, WI)
- STRATEGIC THREAT INTELLIGENCE: PREPARING FOR THE NEXT “SOLARWINDS” EVENT
- Biden Warns Putin Over Hacking But Proposes Summit in a Call (2)
- Hundreds of electric utilities downloaded SolarWinds backdoor, regulator says (CyberScoop)
- White House Names National Cyber Director, CISA Chief (FedTech Magazine)
- U.S. spy chiefs warn of ‘unparalleled’ China threat in return to Congress | The Mighty 790 KFGO (KFGO)
- SolarWinds says dealing with hack fallout cost at least $18 million (The Hindu)
- U.S. Poised to Impose Russia Sanctions Over Election, SolarWinds (Bloomberg)
- Annual FireEye Mandiant M (Trends Report Reveals Global Statistics and Insights From Hundreds of Diverse Intrusions)
- FireEye Mandiant M (Trends 2021 report)
- Fireeyye - [Report] M (Trends 2021)
Date 2021-04-12
- City of Tampa among 18,000 targets of SolarWinds hack; exposing government data, personal info - Tampa, Florida (Eminetra)
- Biden Needs To Respond To Russia Hacking (Technology Times)
- Biden's cybersecurity dream team takes shape
- Biden will name cybersecurity agency head after Russian hackers accessed government accounts (Daily Mail Online)
- Former DHS Secretary Details SolarWinds Hackers’ Access to His Email (Nextgov)
- Biden names 2 ex (NSA officials for senior cyber positions)
- The Anatomy of the SolarWinds Attack: A CyberArk Labs Perspective
- SolarWinds and Microsoft Exchange: Hacks Wrapped in a Cybersecurity Dilemma Inside a Cyberspace Crisis (Georgetown Journal of International Affairs)
- SolarWinds and Cozy Bears: How Russian Hackers Compromised the U.S. Government and How We Can Reduce the Chances of It Happening Again (Ricochet)
- Ex-DHS chief confirms suspected Russian hackers targeted his email account (CyberScoop)
- Spy Chiefs to Warn of Threats From SolarWinds to North Korea (Bloomberg)
- ‘They knew I was running late to meetings’: Former DHS chief on reports that SolarWinds hackers targeted his emails (The Record by Recorded Future)
- Biden names 2 ex (NSA officials for senior cyber positions)
- Satya Nadella: SolarWinds Hack Underscores Need For ‘Moving To The Cloud’
Date 2021-04-10
- SolarWinds Hack — New Evidence Suggests Potential Links to Chinese Hackers (The Cyber Post)
Date 2021-04-11
- Biden Seeks to Boost CISA's Budget by $110 Million
- Fed Chairman Jerome Powell: The 2021 60 Minutes Interview (CBS News)
Date 2021-04-09
- The SolarWinds hack timeline: Who knew what, and when?
- DHS CISA Shares SolarWinds Post (Threat Compromise Activity Tool)
- Releases · cisagov/Sparrow (GitHub)
- Investors Could Be Concerned With SolarWinds' (NYSE:SWI) Returns On Capital (Simply Wall St News)
- The U.S. Government Needs to Overhaul Cybersecurity. Here’s How. (Lawfare)
- Biden budget request calls for major investments in cybersecurity, emerging technologies (hill)
- Renewed Concerns Raised on Agency Cybersecurity
- Cyber Cases May Offer Clues to SEC ESG Enforcement
- Biden FY22 Budget Request Seeks $500M for TMF, $750M ‘Reserve’ for IT Fixes (MeriTalk)
- CISA Launches New Threat Detection Dashboard
- Biden Needs to Get Serious About Russian Hacking (Bloomberg)
- White House preps new requirements for industrial control system security - (GCN)
- What the Titans of Industry Reveal about SolarWinds Attack (secblvd)
- White House asks for additional $110 million in CISA funding to address cyber threats (CyberScoop)
- Biden Needs to Respond to Russian Hacking
- SolarWinds Pingdom vs. Rigor Monitoring & Optimization vs. germainAPM Comparison
- Biden Looks To Up Cybersecurity Spending With Budget Plan (Law360)
- SolarWinds Cyberattack: Lessons Learned
- The U.S. Government Needs to Overhaul Cybersecurity. Here’s How. (secblvd)
- SOLARWINDS INVESTIGATION INITIATED BY FORMER LOUISIANA ATTORNEY GENERAL: Kahn Swick & Foti, LLC Investigates the Officers and Directors of SolarWinds Corporation - SWI (NY Press News)
- Satya Nadella: SolarWinds Hack Underscores Need For ‘Moving To The Cloud’
Date 2021-04-08
- 4 things you can do to minimize cyberattacks on supply and value chains (Help Net Security)
- Top Biden cyber official: SolarWinds breach could turn from spying to destruction 'in a moment'
- Russia prepares US sanctions due to Alexei Navalny jailing, Solarwinds hack and election meddling (Daily Mail Online)
- Lavrov says US policy towards Russia is 'dumb,' ineffective (StarTribune)
- Why the U.S. Shouldn’t Play Games With Cyberwarfare as Its Power Declines
- Biden administration sets the stage for retaliation against Russia over SolarWinds, election interference: report (Business Insider India)
- US May Expel Russian Diplomats, Impose New Sanctions: Media - Other Media news (Tasnim News Agency)
- SolarWinds bolsters cybersecurity in wake of hack (Business Insurance)
- Top Biden cyber official: SolarWinds breach could turn from spying to destruction 'in a moment' (Democratic Underground)
- Biden weighs retaliation against Russia for SolarWinds, election interference (KOMO)
- Russia's top diplomat: US policy toward Moscow is 'dumb' (hill)
- Russia prepares US sanctions due to Alexei Navalny jailing, Solarwinds hack and election meddling (Internewscast)
- Federal watchdog investigating State Department cybersecurity pr (WENY News)
- Biden weighs retaliation against Russia for SolarWinds, election interference (WKRC)
- Biden Eyes Russia Retaliation After Meddling, Hacking Review (Bloomberg)
- Using Aviary to Analyze Post-Compromise Threat Activity in M365 Environments (CISA)
Date 2021-04-07
- Debate: How Should the US Respond to the SolarWinds Breach? (Russia Matters)
- Long (Term SolarWinds Investors Who Have Held Their Stock Continuously Since September 2019 Encouraged To Contact Kehoe Law Firm, P.C.)
- Senators Press for Details on SolarWinds Hack (Manufacturing Business Technology)
- Biden Eyes Russia Retaliation for SolarWinds, Election Meddling: Report
- Supply‑chain attacks: When trust goes wrong, try hope? (WeLiveSecurity)
- Should cyberwar be met with physical force? Moral philosophy can help us decide
- After A Major Hack, U.S. Looks To Fix A Cyber 'Blind Spot' (Georgia Public Broadcasting)
- SolarWinds TechPod: Secure by Design (Securing the Supply Chain)
- The Need for Zero Trust Workload Protection (secblvd)
- Experts fear that Biden’s cybersecurity executive order will repeat mistakes of the past (CSO Online)
- SolarWinds Pingdom vs. RapidSpike vs. SpyCloud Comparison
- Long (Term SolarWinds Investors Who Have Held Their Stock Continuously Since September 2019 Encouraged To Contact Kehoe Law Firm, P.C.)
- Nation-state cyber attacks could lead to cyber conflict (TechRepublic)
- Long (Term SolarWinds Investors Who Have Held Their Stock Continuously Since September 2019 Encouraged To Contact Kehoe Law Firm, P.C.)
- Biden administration sets the stage for retaliation against Russia over SolarWinds, election interference: report
Date 2021-04-05
- Carriers growing increasingly skittish after major cyber incidents (Insurance Business)
- Supply chain attacks: what we know about the SolarWinds ‘Sunburst’ exploit, and why it still matters (Check Point Software)
- President Biden’s new executive order could oblige software vendors to tell Uncle Sam about security breaches (The Daily Swig)
- Supply Chain Hackers Strike Hard at Government Entities
- Russia Suspected of Stealing Thousands of State Department Emails (Homeland Security Today)
- Examining the SolarWinds/Holiday Bear Hack (Columbia SIPA)
- European Institutions Were Targeted in a Cyber-Attack Last Week (BNN Bloomberg)
- The SolarWinds hack timeline: Who knew what, and when? (CSO Online)
Date 2021-04-02
- DOE Watchdog Detailed Its Cybersecurity State Amid SolarWinds Hack (Nextgov)
Date 2021-04-03
- Russian hackers stole thousands of emails from US State Department: Report
Date 2021-03-31
- What We Know (and Don't Know) So Far About the ...
- Lessons of the SolarWinds hack
- SolarWinds cyberhack gained access to then-acting DHS chief's emails: Sources (ABC News)
- Atlantic Council: SolarWinds, Microsoft Hacks Reveal ‘Strategic Failure’ (MeriTalk)
- How SolarWinds Is Recovering and Sharing What It Has Learned Over The Last Three Months (My TechDecisions)
- SolarWinds attack makes us distrust the software we buy (TechRepublic)
- What Would Happen If States Started Looking at Cyber Operations as a “Threat” to Use Force? (Lawfare)
- News Briefs | (bedfordgazette.com)
- Expected breach disclosure mandates will test government-industry cooperation - (FCW)
- Zero Trust Security Is Essential for Neutralizing Supply Chain Attacks (TechBullion)
- SolarWinds Attack Makes Us Distrust The Software We Buy (NewsOpener)
- Oklahoma CISO says pandemic accelerated zero (trust implementation)
- Hillicon Valley: Officials say cyber executive order with 'a dozen' actions forthcoming | Epic Games submits Apple complaint to UK watchdog | Facebook's chief revenue officer to leave company (hill)
- Officials say executive order with 'a dozen' actions forthcoming after SolarWinds, Microsoft breaches (hill)
- Russia suspected of stealing thousands of State Department emails
- SolarWinds hacker accessed Homeland Security email (Texas News Today)
- Email accounts of DHS members were compromised in the SolarWinds hackSecurity Affairs
- SolarWinds highlights "alarming" cyberattack trend (Insurance Business)
- Punitive Response to SolarWinds Would Be Misplaced, But Cyber Deterrence Still Matters (Russia Matters)
- US to publish details on suspected Russian hacking tools used in SolarWinds espionage
- SolarWinds Hack Affected Emails Of Homeland Security Leaders (Potomac Officers Club)
- Russians suspected of 'stealing thousands of State Department emails' in latest hack targeting US (Daily Mail Online)
- SolarWinds surprise: Department of Homeland Security emails leaked?
- SolarWinds hacker sneaks into Trump's top executive email (Texas News Today)
- Cybersecurity, browser security, SolarWinds (Homeland Security Newswire)
- SolarWinds Attack Has Growing, Worsening Impact on Cybersecurity Pros
- Revelations About Securing Hybrid Cloud Environments Post-SolarWinds (secblvd)
- U.S. Launches Cyber ‘Sprints’ in the Wake of Nation-State Hacks (Bloomberg)
- When do cyber ops constitute "threats to use force?" Continuity in US cyber response. Questions about disclosure rules.
- Mayorkas pledges to modernize US cyber-defenses after their failure to detect alleged Russian spies (CyberScoop)
- Blackberry Jarvis
- The Fortune 500 Companies That Want To Be Hacked (The Tennessee Tribune)
- Russian hackers have once again been accused of carrying out cyber (attacks on the United States)
- Mind the Gap: How the NSA might use SolarWinds campaign to do warrantless spying (Zero Day)
- cyber.dhs.gov - Emergency Directive 21 (02)
- As SolarWinds Announces More Patches, Analysts Offer Advice
Date 2021-04-01
- Top DHS Officials’ E-Mails Compromised in SolarWinds Hack, (Saudi Press)
- SolarWinds breach severity perception increasing over time (Help Net Security)
- USA to publish detailed analysis of SolarWinds hacking tools
- After SolarWinds, Lawmakers Want Companies to Come Clean About Cyberattacks
- SolarWinds Hack Shows Why We Need a National Cyber Director
- SolarWinds Hack Demonstrates Need for Cloud Security
- Cyber Daily: After SolarWinds, Lawmakers Want Companies to Come Clean About Hacks (State Department Emails Stolen)
- CISA Orders More Microsoft Exchange Checks in Hunt for Undetected Compromises (MeriTalk)
- Russian FM says relations with West have 'hit the bottom' :: WRAL.com
- NSA Director Says More Domestic Surveillance Might Stop Foreign Hacking; Fails To Explain Why NSA Isn't Stopping Much Foreign Hacking (Techdirt)
- Analysts expect the worst if Biden doesn't turn his focus toward protecting the grid (WCTI)
- Biden's cyber executive order to include new rules for federal agencies, contractors
- SolarWinds breach severity perception increasing over time (IT Security News)
- Senators Ready to Give NSA More Domestic Power Over SolarWinds Hack (News From Antiwar.com)
- SolarWinds Hack Obtained Emails of Top U.S. Department of Homeland Security Officials (FISM TV)
- Homeland Security Orders Cyber ‘Sprints’ as Part of U.S. Plan Against Hacks
- DHS Secretary Previews Six ‘Sprints’ to Improve Federal Cybersecurity (MeriTalk)
- SolarWinds Hackers Accessed US Department of Homeland Security (DHS) officials
- Hunting the hunters: How Russian hackers targeted US cyber first (KAKE)
- The Cybersecurity 202: DHS head seeks to quickly solve some major cybersecurity problems (wapo)
- DHS Secretary Outlines Biden Administration’s Cybersecurity Vision (Infosecurity Magazine)
- Hunting the hunters: How Russian hackers targeted US cyber first responders in SolarWinds breach (CNNPolitics)
- After hack, officials draw attention to supply chain threats - U.S. (Stripes)
- More Surveillance Isn’t the Answer to the SolarWinds Hack (EIN Presswire)
- Russian SolarWinds hackers were so ‘sophisticated’ that they even targeted DHS cybersecurity experts (Alternet.org)
- Hunting the hunters: How Russian hackers targeted US cyber first responders in SolarWinds breach
- US looks to keep critical sectors safe from cyberattacks | Election Hq (fox5vegas.com)
- After hack, officials draw attention to supply chain threats
- Ep 31 - SolarWinds Hack | Modern Day Apocrypha | Podcasts on Audible (Audible.com)
Date 2021-03-29
- Software vendors would have to disclose breaches to US - Security (CRN Australia)
- AP sources: SolarWinds hack got emails of top DHS officials (StarTribune)
- AP Sources: SolarWinds Hack Got Emails of Top DHS Officials (NBC10 Philadelphia)
- US Vows Consequences for Russian Actions
- SolarWinds hack obtained emails of top US Department of Homeland Security officials (AP)
- (ISC)2 Survey Finds Cybersecurity Professionals Have Increasing Level of Concern About SolarWinds Incident
- The Lawfare Podcast: The Generals vs. the Armed Services Committee with No Bull (Lawfare)
- Lawmakers Press Biden to Nominate Federal Cybersecurity Leader Now (MSSP Alert)
- SolarWinds Patches Four New Vulnerabilities in Their Orion Platform
- SolarWinds: Who’s to Blame? Going Beyond the Cloud (Credit Union Times)
- Biden faces few great options for SolarWinds, Exchange retaliation (POLITICO)
- CISA Builds Out Defensive Tools for Security Teams
- 'Small number' of DHS email accounts accessed during SolarWinds breach (FedScoop)
- Associated Press: SolarWinds hack got emails of top DHS officials (KyivPost - Ukraine's Global Voice)
- In wake of giant software hacks, defenders & dev teams must fix AppSec
- AP sources: SolarWinds hack got emails of top DHS officials | Govt-and-politics (tulsaworld.com)
- White House Weighs ‘Seen and Unseen’ Responses to Major Hack (Bloomberg)
- SolarWinds hack: US weighs ‘seen and unseen’ responses to major cyber attack (Hindustan Times)
- NSA Opens Door to Domestic Internet Spying, Privacy Advocates Say
- SolarWinds Hackers Breached Homeland Security Officials Emails: Report
- NSA Opens Door to Domestic Internet Spying, Privacy Advocates Say
- Unencrypted | What is SolarWinds? Are updates still safe? (THE DEVIL STRIP)
- Cybersecurity Needs a New Alert System (WSJ)
- NIST Seeks Small Business to Help Develop Cybersecurity Standards (Nextgov)
- Putin calls on nations across world to create new ‘legally binding’ global cyberspace treaty, as hack attack row with US escalates — RT Russia & Former Soviet Union
- Head of Homeland Security had his email hacked in SolarWinds attack (IT PRO)
- Solarwinds, Inc. (NYSE:SWI), (CRWD) - SolarWinds Hackers Breached Homeland Security Officials Emails: Report (Benzinga)
- SolarWinds hack obtained emails of top U.S. Department of Homeland Security officials: AP (Reuters)
- Companies Must Report Hacks to U.S. Within Days in Draft Order (Bloomberg)
- Russian hackers stole thousands of State Department emails, reports claim (The Independent)
- The Emails of the Department of Homeland Security exposed
- SolarWinds cyberhack gained access to then (acting DHS chief’s emails: Sources – Illinois News Now)
- DHS Secretary Outlines 60 (Day Cybersecurity Recovery Plan)
- Broken trust: Lessons from Sunburst (Atlantic Council)
- AP sources: SolarWinds hack got emails of top DHS officials
- In wake of giant software hacks, defenders & dev teams must fix AppSec
Date 2021-03-30
- SolarWinds Breach Exposed 'Climate Change' Level of Threat to U.S. Cybersecurity: Experts (The Crime Report)
- SolarWinds Attackers Accessed DHS Emails, Report (tpost)
- Head of Homeland Security had his email hacked in SolarWinds attack (IT PRO)
- SolarWinds Hackers Said to Have Accessed Emails of Top US Security Officials (NewsDeal)
- AP report: SolarWinds hack obtained emails of top DHS officials (Techzine Europe)
- Department of Homeland Security email accounts exposed in SolarWinds hack (Cyber Security Review)
- ZDI-21-373 (Zero Day Initiative)
- N-able Reveals Sales Hit From SolarWinds Hack Amid Spin (Off)
- Infosec Community Increasingly Concerned about SolarWinds Breach, Four Months In
Date 2021-03-28
- Biden's National Cyber Director Nominee Delayed Amid Turf Battle (Newsmax.com)
- Biden Cyber Director Nominee Delayed Amid Turf Battle (News Talk WBAP-AM)
- iTWire (SolarWinds speaks out, and software dev can never be the same again)
- AP sources: SolarWinds hack got emails of top DHS officials (WTMJ)
- AP sources: SolarWinds hack got emails of top DHS officials (ConchoValleyHomepage.com)
- NIST SP 800 (172 release couldn’t come at a better time)
Date 2021-03-27
- Cybersecurity Board Reform Blows Into Place For SolarWinds
- Cybersecurity Board Reform Blows Into Place For SolarWinds
- Opinion (The United States has a major hole in its cyberdefense. Here’s how to fix it. - The Washington Post)
Date 2021-03-26
- Solarwinds Orion Platform updates fix two remote code execution issuesSecurity Affairs
- Mimecast’s Forensic Investigation Found That SolarWinds Hackers Copied Limited Number of Source Code Repositories (CPO Magazine)
- SolarWinds CEO: Here’s What We’re Doing to Prevent Another Attack (SDxCentral)
- Shareholder Alert: Robbins LLP Reminds Shareholders it is Investigating SolarWinds Corporation (SWI)
- Time for cyber teams, not stovepipes: Telos' CEO tells Wall Street - (Washington Technology)
- SolarWinds, cyberattacks (Homeland Security Newswire)
- New, critical vulnerability discovered that could let attackers gain entry to SolarWinds systems (The Cyber Security News)
- New, critical vulnerability could give attackers access SolarWinds systems
- Solarwinds Orion Platform Has New Code Execution Flaws
- Shareholder Alert: Robbins LLP Reminds Shareholders it is Investigating SolarWinds Corporation (SWI) (bizwire)
- SolarWinds Experimenting With New Software Build ... (Go Decrypt)
- SolarWinds hack: the mystery of one of the biggest cyberattacks ever (CyberNews)
- SolarWinds Orion Platform < 2020.2.5 Multiple Vulnerabilities (Tenable®)
- New, critical vulnerability could give attackers access SolarWinds systems (PG-Intel)
- SolarWinds Experimenting With New Software Build ...
- SOLARWINDS INVESTIGATION INITIATED by Former Louisiana Attorney General: Kahn Swick & Foti, LLC Investigates the Officers and Directors of SolarWinds Corporation - SWI (bizwire)
- White House to Require Software Firms to Disclose Breaches to Government Customers
- SOLARWINDS INVESTIGATION INITIATED by Former Louisiana Attorney General: Kahn Swick & Foti, LLC Investigates the Officers and Directors of SolarWinds Corporation (SWI)
- SolarWinds experimenting with new software builds … (Jioforme)
- SolarWinds Orion Update Fixes New Holes (ISSSource)
- Raindrop Loader delivers Cobalt Strike; SolarWinds - AlienVault (Open Threat Exchange)
- Boards still aren’t taking cybersecurity seriously, warns new NCSC boss. That means everyone is at risk (Bestgamingpro)
Date 2021-03-25
- New Code Execution Flaws In Solarwinds Orion Platform (SecurityWeek.Com)
- Robert W. Baird Stick to Their Hold Rating for SolarWinds Corporation By Investing.com
- Impatient lawmakers press Biden for cyber director nominee - (FCW)
- The Cybersecurity 202: NSA director says intelligence has a big blind spot: domestic Internet activity (wapo)
- How an advanced architecture can dramatically mitigate massive data breaches - (GCN)
- Exclusive: Software vendors would have to disclose breaches to U.S. government users under new order: draft (Reuters)
- New “CISO View” Survey on Zero Trust Highlights Credential Theft Trends for New Types of Identities (Odessa American: Business)
- NSA director says U.S. has a ‘blind spot’ for detecting attacks like SolarWinds, Microsoft Exchange (The Record by Recorded Future)
- Why the modern CISO should plan for greater Cybersecurity Regulations in the Biden Era (scmedia)
- EXCLUSIVE (Software vendors would have to disclose breaches ...)
- How the heck did US Intelligence miss SolarWinds AND Microsoft Exchange!? by Nick Espinosa (Security Fanatics)
- Fed Breach Disclosure Rule Planned After SolarWinds Hack: Report
- Biden executive order would force software vendors to disclose breaches (Seeking Alpha)
- SolarWinds Attack Illustrates Evolving Russian Cyber Tactics
- Bragar Eagel & Squire is Investigating Certain Officers and Directors of Zoom and SolarWinds Corporation on Behalf of Long (Term Stockholders and Encourages Investors to Contact the Firm)
- General says attacks by foreign hackers are 'clarion call' (StarTribune)
- Senators urge Energy chief to prioritize cybersecurity amid growing threats (hill)
- Why 2021 Is the Year for Zero Trust Security
- Biden Urged To Name National Cyber Czar Amid Breaches (Law360)
- Another Critical RCE Flaw Discovered in SolarWinds Orion Platform
- Another Critical RCE Flaw Discovered in SolarWinds Orion Platform (Times News Express)
- Another serious RCE flaw found on the SolarWinds Orion platform (Jioforme)
- What was so striking to Microsoft’s president about SolarWinds and Exchange Server attacks? (CyberNews)
- What Lessons Should We Learn From The Suspected Russian Hack Of SolarWinds And Other U.S. Agencies And Companies?
- Software vendors would have to disclose breaches to U.S. government users under new order (The Hindu)
- Exclusive: Software vendors would have to disclose breaches to U.S. government users under new order: draft (Reuters)
- Biden reportedly planning an executive order on cybersecurity breach notifications (SiliconANGLE)
- SolarWinds patches critical code execution bug in Orion Platform
- Exec Order Could Force Software Vendors to Disclose ...
- Senators Offer to Let NSA Hunt Cyber Actors Inside the US (Defense One)
- Nakasone Warns Adversaries Hack Unseen In US « Breaking Defense (Defense industry news, analysis and commentary)
- U.S. military launched over 2 dozen cyber operations before 2020 election (Axios)
- NSA Chief Says Recent Hacks Expose Limits of U.S. Cyber Protections (WSJ)
- Agency Dealing With US Nuclear Reserves Hacked In SolarWinds Hack
- Exclusive: Software vendors would have to disclose breaches to U.S. government users under new order: draft (Reuters)
- New, critical vulnerability discovered that could let attackers gain entry to SolarWinds systems (TerabitWeb Blog)
- Hearing | Hearings (United States Commitee on Armed Services)
- Microsoft Safety Scanner Download - Windows security (Microsoft Docs)
Date 2021-03-23
- Swiss Cyber Security Firm Says It Accessed Servers of a SolarWinds Hacking Group
- SolarWinds Attackers Manipulated OAuth App Certificates
- SolarWinds compromise leaves Senate questioning agency cyber defenses (Utility Dive)
- Biden ‘Will Cyberattack Putin’ (Because SolarWinds) (secblvd)
- Exchange Server updates. SolarWinds victim list "solidified." AFCEA and Shell disclose third (party breaches. MangaDex down.)
- NYSE: SWI Investors should contact the Shareholders Foundation in connection with the Lawsuit against SolarWinds Corporation
- Discussions About Mandated Cyber Incident Reporting Resurface After Nation-State Hacks (My TechDecisions)
- CHIRP Tool to Detect SolarWinds Malicious Activity
- Swiss cybersecurity firm says it accessed servers of SolarWinds hacking group (The Bharat Express News)
- Acting CISA Director Considers List Of SolarWinds Victims To Be Complete (Potomac Officers Club)
- Where's the accountability for Solarwinds? - (Defense Systems)
- ‘Accelerate change or lose’: Applying Gen. Brown’s action orders to cyberspace education and training
- King: Mandatory breach disclosure bill coming soon - (Defense Systems)
- US Response to SolarWinds Cyber Penetrations: A Good Defense Is the Best Offense (Russia Matters)
- 'Trust no one' becomes cyber mantra after massive hacking attacks (The Japan Times)
Date 2021-03-22
- Three Vulnerabilities Exposed During SolarWinds Attack & How It Could Have Been Prevented (CPO Magazine)
- Does Microsoft share blame for the SolarWinds hack? (Computerworld)
- CISA head: Group of SolarWinds victims is 'solidified' - (FCW)
- US government calls for better information sharing in wake of SolarWinds, Exchange attacks (CSO Online)
- SilverFish: Swiss researchers identify threat actor with links to SolarWinds hack
- US plans 'aggressive' cyber offensive against Russia in retaliation for SolarWinds attack
- Swiss firm says it has accessed servers of a SolarWinds hacker that attacked 4,700 targets, Tech News News & Top Stories (The Straits Times)
- Researchers discover threat actors with links to SolarWinds hack (IT PRO)
- Swiss firm accesses servers of hacking group linked to SolarWinds breach, Tech News News & Top Stories (The Straits Times)
- The cybersecurity problem we should really worry about (hill)
- The ‘Frankencloud’ model is our biggest security risk (TechCrunch)
- Recent attacks may drive government’s zero trust adoption - (GCN)
- House Lawmakers Ask Agencies to Provide More Details on SolarWinds Hack
- Mimecast: SolarWinds Attackers Stole Source Code - Micro Focus Community (2864117)
- Swiss Cybersecurity Firm says it Accessed Servers of a SolarWinds Hacker
- Swiss Firm Says It Accessed SolarWinds Attackers' Servers
- The cybersecurity problem we should really worry about (hill)
Date 2021-03-21
- CISA releases CHIRP, a tool to detect SolarWinds malicious activitySecurity Affairs
- CISA releases CHIRP, a tool to detect SolarWinds malicious activity (TerabitWeb Blog)
- SolarWinds remains 'rare story in software,' says Jefferies SWI (The Fly)
Date 2021-03-19
- Congress gives four agencies 10 days to report on SolarWinds damage (FRN)
- Burnt by SolarWinds attack? US releases tool for post-compromise detection (ZDNet)
- GitHub (cisagov/CHIRP: A forensic collection tool written in Python.)
- Interview: Sai Venkataraman, Co-Founder and CEO, SecurityAdvisor (Infosecurity Magazine)
- White House reviewing National Cyber Director role as Congress presses for governmentwide leadership (FRN)
- Agency hacks could accelerate push to zero trust security model - (FCW)
- CISA Releases New Tool To Scan For SolarWinds Compromise Activity (My TechDecisions)
- Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool (CISA)
- Here's what Chinese and Russian hackers are doing in Americans' emails
- Solarwinds Orion Attack
- SolarWinds-linked hacking group SilverFish abuses enterprise victims for sandbox tests (Cyber Security Review)
- Swiss Firm Says It Has Accessed Servers of a SolarWinds Hacker (Bloomberg)
- U.S. cyber agency releases tool to help SolarWinds Orion defenders (IT World Canada News)
- DHS CISA Shares Incident Response Tool for On (Prem Threat Activity)
- The Cybersecurity 202: Wyden calls for 'time out' in government cybersecurity contracting (wapo)
- [Security Weekly] Mimecast Source Code Stolen by Hackers Exploiting SolarWinds Sunburst Backdoor (Penta Security Systems Inc.)
- Did you get burned by the SolarWinds attack?US Releases Tools for Post-Infringement Detection (Texas News Today)
- Swiss Cybersecurity Firm Reveals Vital Details of Solarwinds Hackers (KoDDoS Blog)
- What SolarWinds Taught Us About Third Party Risk Management (SANS Institute)
- SolarWinds explainer
- Using CHIRP to Detect Post-Compromise Threat Activity in On-Premises Environments (CISA)
- Biden under growing pressure to nominate cyber czar (hill)
- Government Monitoring Won't Stop the Next SolarWinds Campaign, Experts Say (Zero Day)
- SolarWinds-Linked Attackers Target Microsoft 365 ... (PG-Intel)
Date 2021-03-18
- Patch Management in the Post-SolarWinds Era (secblvd)
- Mimecast reveals source code theft in SolarWinds hack (ZDNet)
- The Cybersecurity 202: Senate panel delves into SolarWinds hack (wapo)
- "The SolarWinds Hack - What we know & what to look for next" -- An MTUG Webinar - Mar 18, 2021 - LA Metropolitan Chamber of Commerce | Lewiston, ME - LA Metropolitan Chamber of Commerce (Lewiston, ME)
- SecurityScorecard snags $180M Series E to measure a company’s security risk (TechCrunch)
- SolarWinds attackers stole Mimecast source code (IT Security Guru)
- Source code for Mimecast stolen for SolarWinds breach (Texas News Today)
- SolarWinds hackers stole Mimecast source code
- HAGENS BERMAN, NATIONAL TRIAL ATTORNEYS, Invites SolarWinds (SWI) Investors with Significant Losses to Contact Firm Before March 5, 2021 Deadline, SEC Investigating Company
- NSA, Homeland Security Push Service to Mitigate Cyber-Attacks (Bloomberg)
- US advised not to criticize Russian & Chinese cyberattacks given its history of doing the same
- Mimecast releases report on SolarWinds security incident investigation | 2021-03-18 (Security Magazine)
- Mimecast's source code stolen in SolarWinds breach
- Bipartisan lawmakers push Biden's Cabinet for answers on fallout from SolarWinds hack (Washington Times)
- Has Your Organization Been Breached By Solar Winds Malware?
- SolarWinds hackers stole source code from email security firm Mimecast
- SolarWinds hackers gain access to Mimecast production grid environment (PG-Intel)
- SolarWinds-linked hacking group SilverFish abuses enterprise victims for sandbox tests (ZDNet)
Date 2021-03-20
- Swiss Firm Says It Has Accessed Servers of a SolarWinds Hacker
Date 2021-03-17
- House lawmakers seek answers on SolarWinds from agency chiefs - (FCW)
- Mimecast dumps SolarWinds Orion for Cisco NetFlow after hack - Software (CRN Australia)
- Mayorkas Addresses Cyber Hacks at House Hearing (MeriTalk)
- Russia's Efforts At Information Warfare Against The West Continue : NPR
- What 2020 taught us about the need for deception technology (scmedia)
- New York Regulator Issues Cyber Insurance Guidelines (Newmeyer Dillion - JDSupra)
- Officials urge Biden to appoint cyber leaders after SolarWinds, Microsoft hacks (hill)
- Why America will never be safe from cyberattacks
- Bipartisan Group of Lawmakers Request Information on SolarWinds Cyber Attack (Democrats, Energy and Commerce Committee)
- Suspected Chinese hackers used SolarWinds bug to spy on US payroll agency (sources)
- Hearings to examine the SolarWinds supply chain attack, focusing on the Federal perspective. | Congress.gov (Library of Congress)
- Lawmakers press federal agencies on scope of SolarWinds attack (hill)
- Russia's Efforts At Information Warfare Against The West Continue : NPR
- SolarWinds hackers stole some of Mimecast source code (RedPacket Security)
- Mimecast Finds SolarWinds Hackers Stole Some of Its Source Code
- Mimecast Ax SolarWinds Orion for Cisco NetFlow After Hack - CRN (OLTNEWS)
- Mimecast Update: SolarWinds Hackers Stole Source Code
- Mimecast: SolarWinds Attackers Stole Source Code (tpost)
- Mimecast confirms hackers behind SolarWinds supply chain attack accessed limited amount of customer information (The Daily Swig)
- SolarWinds Attackers Accessed Mimecast Source Code (Decipher)
- Mimecast Says SolarWinds Attackers Accessed its ...
- SolarWinds hackers gain access to Mimecast production grid environment
- Mimecast Finds SolarWinds Hackers Stole Some of Its Source Code
- Mimecast dumps SolarWinds after hackers breached its network (IT PRO)
- Mimecast Discovers That Solarwinds Hackers Stole Some of Their Source Code (TheDigitalHacker)
- Mimecast dumps SolarWinds after hackers breached its network (The Cyber Security News)
- Mimecast Says SolarWinds Hackers Stole Source Code (SecurityWeek.Com)
- Can the Biden Administration Get Russia Policy Right? (Russia Matters)
- Senators press for federal agency accountability over SolarWinds - (FCW)
- Fed CISO DeRusha Calls New Funding ‘Down Payment’ on Security Improvements (MeriTalk)
- The Case for 'Zero Trust' Approach After SolarWinds Attack
- Feds aren't well prepared to spot SolarWinds-style hacks at agencies, CISA official says (CyberScoop)
- TTP Table for Detecting APT Activity Related to SolarWinds and Active Directory/M365 Compromise (Homeland Security Today)
- House Energy Committee Requests SolarWinds Update from Agencies
- iTWire (Ohio senator lashes govt over accountability for SolarWinds attack)
- Why the SolarWinds Attack Easily Slipped by All EDR/EPP Solutions (secblvd)
- SilverFish Group Threat Actor Report
- Senate Security Leaders Eye FISMA Revamp, SolarWinds Accountability
- The Lawfare Podcast: Dmitri Alperovitch on SolarWinds and Microsoft Exchange on Apple Podcasts
- Senator Hassan Presses Top Administration Officials on Strengthening Cybersecurity Across All Levels of Government Following SolarWinds & Microsoft Exchange Breaches (U.S. Senator Maggie Hassan of New Hampshire)
- Solarwinds stock forecast
- SolarWinds compromise leaves Senate questioning agency cyber defenses (Cybersecurity Dive)
- SolarWinds (Linked Attackers Target Microsoft 365 ...)
- The SolarWinds Senate hearing: 5 key takeaways for security admins (CSO Online)
Date 2021-03-16
- White House considers cybersecurity ratings to boost visibility - (GCN)
- Microsoft could be set for a US government windfall (TechRadar)
- 3 ways agencies can restore cybersecurity trust - (GCN)
- Security Vendors Understate Risks in Senate Hearing on SolarWinds
- Mimecast Axes SolarWinds Orion For Cisco NetFlow After Hack
- For US cyber defense, helpful hackers are only half the battle (hill)
- HAFNIUM targeting Exchange Servers with 0-day exploits (Microsoft Security Blog)
Date 2021-03-15
- Google, Microsoft Feud Over Antitrust, Hacking Issues (Silicon UK)
- US government to respond to SolarWinds hackers in weeks
- Capitol Hill angry over Microsoft’s security upcharge (POLITICO)
- The US must adopt Software Bill of Materials to thwart cyberattacks (hill)
- Microsoft Pitches Cybersecurity To U.S., (Campaigns & Elections)
- SolarWinds Attacks Recovery Effort Could Take U.S. Government 18 Months (secblvd)
- Cybersecurity Officials Call for Network Visibility, Software Assurance After Russian Hack (FedTech Magazine)
- Michael Dell: Public Cloud Isn’t More Secure Than On (Premise)
- Biden Administration to Respond to SolarWinds Hackers in Weeks, Not Months
- The Obama administration had a plan to stop cyberattacks like SolarWinds—and blew it.
- Top SolarWinds Alternatives (eSecurityPlanet)
- US Should Create New 3-Pronged Approach To Cybersecurity (Law360)
- Exchange Hacks: How Will the Biden Administration Respond?
- SolarWinds Attacks Recovery Effort Could Take U.S. Government 18 Months
- US government to respond to SolarWinds hackers in weeks - Security (iTnews)
Date 2021-03-14
- SolarWinds, SUNBURST, and supply chain security.
- "In Weeks, Not Months," Will the US Government Respond to Solarwinds Hackers Said a Senior Official (TheDigitalHacker)
- Infamous Solarwinds attack started with just two simple mistakes (ABC News)
- An update on the SolarWinds hack and data bre... (CBS News)
- An update on the SolarWinds hack and data breach (CBS News)
- White House Weighs New Cybersecurity Approach After Failure to Detect Hacks (nyt)
Date 2021-03-13
- Why ‘blaming the intern’ won’t save startups from cybersecurity liability (TechCrunch)
- U.S. government to respond to SolarWinds hackers in weeks: senior official — Agenparl
- US moves closer to retaliation over hacking as cyber woes grow | World (Malay Mail)
- Why ‘blaming the intern’ won’t save startups from cybersecurity liability – TechCrunch (Bestgamingpro)
- SolarWinds and Microsoft hacks spark debate over western retaliation (World News Curatory)
- U.S. government to respond to SolarWinds hackers in weeks: Senior Official (.:: CHASLES CORP. ::.)
Date 2021-03-12
- There’s a vexing mystery surrounding the 0-day attacks on Exchange servers (ars)
- Here's What To Make Of SolarWinds' (NYSE:SWI) Returns On Capital
- Google accuses Microsoft of using 'naked corporate opportunism' to distract from SolarWinds hack (Windows Central)
- Our ongoing commitment to supporting journalism
- The Cybersecurity 202: Democrats' new infrastructure bill highlights cybersecurity concerns (wapo)
- Biden administration to respond in weeks to SolarWinds hackers-senior official | The Mighty 790 KFGO (KFGO)
- Retaliation Options: US Cyber Responses To SolarWinds, Exchange Hacks « Breaking Defense (Defense industry news, analysis and commentary)
- U.S. government to respond to SolarWinds hackers in weeks: senior official
- How Should the U.S. Respond to the SolarWinds and Microsoft Exchange Hacks? (Lawfare)
- Biden administration to respond in weeks to SolarWinds hackers-senior official (The Star Phoenix)
- SolarWinds Investors Get Lead Plaintiff in Server Hack Risk Case
- Post-SolarWinds, IT departments increase vendor scrutiny (CIO Dive)
- Biden administration mulls software security grades after SolarWinds
- SolarWinds stockholders begin documenting financial losses
- US to Respond to SolarWinds Hackers in Weeks: Senior Official (KMJ-AF1)
- U.S. government to respond to SolarWinds hackers in weeks: senior official (Reuters)
- SolarWinds lawsuits merge as stockholders begin documenting financial losses (TerabitWeb Blog)
- Cisco Talos Intelligence Group (Comprehensive Threat Intelligence: Talos Takes Ep. #44: A roundtable discussion on SolarWinds)
- SolarWinds Case 1:21-cv-00002-RP -- Motion to Consolidate Class Actions (DocumentCloud)
- Despite hacks, US not seeking widened domestic surveillance (FRN)
- US moves closer to retaliation over hacking as cyber woes grow
- SolarWinds NYC Carpenters Complaint (DocumentCloud)
- US government to respond to SolarWinds hackers in weeks: Senior official (CNA)
- Despite hacks, Biden admin not planning to step up government surveillance (Hindustan Times)
- U.S. government to respond to SolarWinds hackers in weeks: senior official | Article [AMP] (Reuters)
Date 2021-03-11
- Be on the Lookout: Impact of SolarWinds Orion Compromise on
- SolarWinds And Microsoft Exchange Attacks: Lay Down The Cyber Law
- After SolarWinds, Companies Turn to Insurers, Not Feds, for Protection
- Hacked Firms Face ‘Frankenstein’ of State (Based Cyber Notification Laws)
- Relief Package Includes Less for Cybersecurity
- Opinion: A 'Cyber Pearl Harbor' Looms for America Amid Widespread Digital Complacency (Times of San Diego)
- SolarWinds attack and Executive Order on America's Supply Chain illuminate gaps in supply chain risk management, spur innovative solutions by Fortress Information Security
- Why embedded devices are the dangerous blind spot in the SolarWinds attack (hill)
- There is Still More to SolarWinds Attack (Cyware Alerts - Hacker News)
- Windows Exchange, Senate SolarWinds Hack Hearing & NSA’s Zero Trust Recommendations by TFIR: Open Source & Emerging Technologies (Free Listening on SoundCloud)
- The Impact of the SolarWinds Breach on Cybersecurity
- SolarWinds data breach was warning sign to FINRA, cybersecurity chief says | Secondary Sources | National (Westlaw Today)
- Windows Exchange, Senate's SolarWinds Hack Hearing & NSA’s Zero Trust Recommendations (TFiR: Interviews, News & Analysis by Swapnil Bhartiya)
- Marco to Hold Webinar on SolarWinds Orion Attack
- SolarWinds Co. (NYSE:SWI) Receives Consensus Rating of "Hold" from Brokerages (MarketBeat)
- Evolving Cybersecurity Takes More Than Money
- SolarWinds CEO blames intern for cyber attack (Lexology)
- Why 'Layered Security' Should Be Your New Mantra
- Amundi expects no U.S. sanctions on Russia sovereign debt (Reuters)
- SolarWinds (NYSE:SWI) Takes On Some Risk With Its Use Of Debt (Simply Wall St News)
- Microsoft Probing Whether Leak Played Role in Suspected Chinese Hack (WSJ)
- SolarWinds and Microsoft hacks spark debate over western retaliation
- (190) Roundtable: What we've learned (and what we still don't know) about SolarWinds (YouTube)
Date 2021-03-10
- NCP (National Checklist Program Repository)
- CISA: ‘Identity is everything’ for cyber defense post-SolarWinds (FRN)
- Chinese suspected of two attacks on internet (facing SolarWinds server)
- SolarWinds Unlikely to Be an Isolated Event as Attackers Become More Sophisticated (Infosecurity Magazine)
- Kremlin and other Russian official websites down; experts doubt US involvement, World News (wionews.com)
- US 'planning all (out cyberwar on Russia in retaliation for SolarWinds hack' and may take action in next three weeks)
- DHS CISA Shares Remediation, Risk Guidance for SolarWinds Compromise
- Remediating Networks Affected by the SolarWinds and Active Directory/M365 Compromise (CISA)
- Chinese threat actor exploited SolarWinds vulnerability. Second (stage backdoor possibly linked to SolarWinds compromise. Dependency confusion updates.)
- Bill Would Eliminate Immunity for Foreign Hackers (Nextgov)
- Congress's latest hacking investigation should model its most recent (hill)
- Security researchers discover Supernova web shell activity linked to Chinese hackers | 2021-03-10 (Security Magazine)
- Chinese hackers presumably behind SolarWinds hack new evidence revealed (Secure Blink)
- Cyber Command: ‘No evidence’ that SolarWinds attackers compromised DoD networks (The Record by Recorded Future)
- Nevada CIO says state’s IT is 8 years behind others’ (StateScoop)
- PodcastOne: In the wake of the SolarWinds breach, lawmakers turned to industry for recommendations
- FireEye CEO: Reckless Microsoft hack odd for China
- Russian hack targeting US government places SolarWinds financial model in the cross hairs (KPIC)
- FireEye CEO: Reckless Microsoft hack unusual for China | (leadertelegram.com)
- The SolarWinds Cyber-Attack – The Devastation and Wreckage (Michael Volkov - JDSupra)
- White House Cyber Group Discusses How to Stop Another SolarWinds
- Gary Davis on Twitter: "Lawmakers blame #SolarWinds hack on ‘collective failure’ to prioritize #cybersecurity https://t.co/IIXbsitaBr" / Twitter
- Patching, with special attention to Hafnium and the rest. Responding to the SolarWinds incident. Hactivists don’t like cameras. Dragnet in the Low Countries.
- What the Quad Must Learn From the SolarWinds Hack (The National Interest)
Date 2021-03-08
- GoldMax, GoldFinder, and Sibot, are the 3 new Malwares Used by SolarWinds Hackers (IT Security News)
- Security report: Lessons learned investigating the SUNBURST software supply chain attack (ITWeb)
- Server Management Software Market Segmentation 2021, by Key Players: Datadog, SolarWinds MSP, ManageEngine, Microsoft, BMC Software, Central Solutions etc. (Breakout Live)
- Researchers Identify More Malware Used By SolarWinds Hack Group
- Cybersecurity in 2021: Stopping the madness (CSO Online)
- Security report: Lessons learned investigating the SUNBURST software supply chain attack (ITWeb)
- Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks (ZDNet)
- Microsoft adopted ‘aggressive’ strategy for sharing SolarWinds Attack intel (Urgent Comms)
- Hearings On The SolarWinds Hack And Possible Policy Responses - Technology (United States)
- White House juggling response to Microsoft, SolarWinds hacks
- Casting a wide intrusion net: Dozens burned with single hack | (leadertelegram.com)
- Hearings On The SolarWinds Hack And Possible Policy Responses (MarketScreener)
- EXCLUSIVE: I am Groot - POLITICO: one-on (wine with lead house cyber chair)
- New Cyber Insurance Risk Framework Provides Best Practices for the Insurance Industry (Bradley Arant Boult Cummings LLP - JDSupra)
- Gen. Paul Nakasone on CYBERCOM’s Response to SolarWinds Breach, ‘Defend Forward’ Concept
- Proposal Would Let Foreign Gov'ts Be Sued For Cyberattacks (Law360)
- Hacked Companies Caught in Maze of Notification Requirements
- US plans 'a mix of actions' against Russia over SolarWinds cyberattack (Engadget - News WWC)
- ‘Retaliation’ for Russia's SolarWinds Spying Isn't the Answer (WIRED)
- Will the US Government Recognize SolarWinds as a Cyber Inflection Point? (Data Core Systems)
- U.S. cyberattacks against Russia may be underway in reprisal for SolarWinds hack, experts say (Just The News)
- Biden Plans Cyber Attacks Against Russia For SolarWinds Hack, Ignores Chinese Involvement (National File)
- Latest target for hackers: A popular file-transfer program (WRAL TechWire)
- Is it time to adopt an ‘assumed breach’ cyber policy? (BIC Magazine)
- What to Do About Cybersecurity (Law, Policy -- and IT?)
- The SolarWinds attack and best practices for code (signing)
- China (linked hackers exploited SolarWinds software in 2020 breach, researchers say)
- Microsoft: Microsoft failed to shore up defenses that could have limited SolarWinds hack (U.S. senator, Telecom News, ET Telecom)
- Chinese hackers targeted SolarWinds customers in parallel with Russian op (ars)
- Hackers hiding Supernova malware in SolarWinds Orion linked to China
- More clues appear to link Supernova web shell activity to Chinese hackers (TechRadar)
- [Update] SolarWinds Hack Finds Possible Link to China, Say Researchers-- Supernova Malware Detected (Tech Times)
- SolarWinds attack and Executive Order on America's Supply Chain illuminate gaps in supply chain risk management, spur innovative solutions by Fortress Information Security
- Security Policies Do Matter, but Really Only So Much
- SolarWinds just keeps getting worse: New strain of backdoor malware found in probe (Register)
Date 2021-03-09
- Understanding Third (Party Hacks, Learning from SolarWinds Hack)
- SolarWinds Hack (CEPA)
- SolarWinds Sunburst backdoor supply chain attack: Why it still matters | Security (ITP.net)
- US plans mix of 'seen and unseen' actions against Russia over SolarWinds attacks
- Beazley on the implications of the Solar Winds hacking incident (Insurance Business)
- Kremlin calls NYT report on planned U.S. cyberstrikes on Russia 'alarming' (Reuters)
- How the SolarWinds attack may affect your organization's cybersecurity (TechRepublic)
- Kremlin: Report On Planned U.S. Cyberstrikes On Russia 'Alarming'
- Biden challenged by early cyber threats (hill)
- Episode 124: Solarwinds recap (Cyber24)
- New survey examines the impact of SolarWinds breach on cybersecurity | 2021-03-08 (Security Magazine)
- NYSE: SWI Shareholder Notice: Lawsuit against SolarWinds Corporation Announced by Shareholders Foundation | 2021-03-09 | Press Releases (Stockhouse)
- Registration
- More clues appear to link Supernova web shell activity to Chinese hackers (TechRadar)
- Russia Warns Against U.S. Retaliation for SolarWinds Amid Fears of Cyberwar | World Report (US News)
- Was SolarWinds a Different Type of Cyber Espionage? (Lawfare)
- The SolarWinds Hack Gets Worse, But Offers A Tiny Bit Of Amusement (PC Perspective)
- Bill Would Allow Americans to Sue Foreign Hackers
- Researchers Describe a Second, Separate SolarWinds Attack
- Guidance on Remediating Networks Affected by the SolarWinds and Active Directory/M365 Compromise (CISA)
- Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452
- SolarWinds, cyberattacks (Homeland Security Newswire)
- World Wide Technology (TEC37: 26. Security – Would Zero Trust Have Prevented the SolarWinds Breach? on Apple Podcasts)
- SolarWinds Aftermath Threat Hunting Survey Yields Mixed News
- Air Force Only Service to Develop Cybersecurity Requirements for Weapon Systems Contracts, GAO Says (Nextgov)
- FireEye and Microsoft Uncover More Malware Strains Used in SolarWinds Hack (Toolbox Security)
- Why the SolarWinds Hack Is a Wake-Up Call (CoFR)
- The SolarWinds Hack Hits Home (DevPro Journal)
- How SolarWinds’ Approach to Cybersecurity Made It Vulnerable to an Attack (TTI)
Date 2021-03-07
- Casting a wide intrusion net: Dozens burned with single hack (StarTribune)
- Microsoft: We’ve found three more pieces of malware used by the SolarWinds attackers (Bestgamingpro)
- Did You Acquire SolarWinds (SWI) Before October 18, 2018? Should Management be Held Accountable for Investors Losses? Contact Johnson Fistel (NeighborWebSJ)
- SolarWinds Password Fail, Chinese Hacking Exchange, Google to stop Tracking Cookies
- Shareholder Alert: Pawar Law Group Announces A Securities Class Action Lawsuit Against Solarwinds Corporation (SWI)
- Preparing for Retaliation Against Russia, U.S. Confronts Hacking by China (nyt)
Date 2021-03-06
- Second (stage backdoor possibly linked to Solorigate campaign. Hafnium exploits Exchange Server vulnerabilities.)
- GoldMax, GoldFinder, and Sibot, 3 new malware used by SolarWinds attackers (IT Security News)
- Microsoft Reveals 3 New Malware Variants Relating to SolarWinds Cyberattack
- China’s and Russia’s spying sprees will take years to unpack (ars)
- Microsoft Adopted an 'Aggressive' Strategy for Sharing SolarWinds Attack Intel (News AKMI)
- Microsoft: We've found three more pieces of malware used by the SolarWinds attackers (ZDNet - PressboltNews)
- DIB Take Note: SolarWinds Hack and DHS CISA Emergency Directive on Cyber Vulnerabilities Point to the Need to be Prepared for APTs (Stinson - Government Contracting Matters - JDSupra)
- Did you acquire SolarWinds (SWI) before October 18, 2018? Should management be held responsible for investor losses? Contact Johnson Fistel (OLTNEWS)
- Did You Acquire SolarWinds (SWI) Before October 18, 2018? Should Management Be Held Accountable For Investors Losses? Contact Johnson Fistel SWI
- SolarWinds : Did You Acquire SolarWinds (SWI) Before October 18, 2018? Should Management be Held Accountable for Investors Losses? Contact Johnson Fistel (MarketScreener)
- Casting a wide intrusion net: Dozens burned with single hack
Date 2021-03-05
- After SolarWinds breach, White House preps executive order on software security (CyberScoop)
- SWI ALERT: The Klein Law Firm Announces a Lead Plaintiff Deadline of March 5, 2021 in the Class Action Filed on Behalf of SolarWinds Corporation Limited Shareholders
- Microsoft Corporation (NASDAQ:MSFT), Solarwinds, Inc. (NYSE:SWI) - Microsoft's Emergency Security Patch After Cyber Attack Attracts White House Monitoring: Reuters (Benzinga)
- It’s Time for a Cybersecurity Quid Pro Quo (Nextgov)
- Risky business: 3 timeless approaches to reduce security risk in 2021 (Help Net Security)
- The Cybersecurity 202: Companies are doing a terrible job of reporting cybersecurity risks to investors, a new study says (wapo)
- Lawsuits Filed Against SWI, XOM and ATNX (Jakubowitz Law Pursues Shareholders Claims)
- Atense Says Its Computer Vaccine Will Prevent Future “SolarWinds” Hacking Events - Press Release (Digital Journal)
- Microsoft Drops 'Solorigate' for 'Nobelium' in Ongoing SolarWinds Attack Investigations - (Redmondmag.com)
- Microsoft discovers more malware used by SolarWinds attacker while FireEye finds new backdoor (IT World Canada News)
- Microsoft Adopted an 'Aggressive' Strategy for ...
- Researchers Find 3 New Malware Strains Used by SolarWinds Hackers
- SolarWinds: "IT's Pearl Harbor." (InsiderPro)
- Three New Malware Strains Linked to SolarWinds Hackers (TerabitWeb Blog)
- The Klein Law Firm Reminds Investors of Class Actions on Behalf of Shareholders of SWI, VLDR and REGI
- Protect, Detect, and Respond to Supply Chain Cyber Attacks (e.g. Solarwinds) Using Splunk Enterprise Managed Security Services - (Redmondmag.com)
- CMMC Project Update: Rule Comments and the Impending Split (ClearanceJobs)
- Researchers Find 3 New Malware Strains Used by SolarWinds Hackers (WP Guy News)
- Microsoft shares details on three new malware strains used in SolarWinds hack
- SolarWinds Orion Security Breach: Cyberattack Timeline and Hacking Incident Details (ChannelE2E)
- SWI DEADLINE ALERT: ROSEN, TOP RANKED IVNESTOR COUNSEL, Encourages SolarWinds Corporation Investors with Large Losses to Secure Counsel Before Important Deadline Today in Securities Class Action (SWI)
- Second (stage backdoor in SolarWinds compromise victim. Exchange Server exploitation. RedEcho as staging. Leaky clouds.)
- U.S. Weapons Programs Lack 'Key' Cybersecurity Measures (tpost)
- Did You Acquire SolarWinds (SWI) Before October 18, 2018? Should Management be Held Accountable for Investors Losses? Contact Johnson Fistel
- SolarWinds SUNBURST Backdoor DGA and Infected Domain Analysis (Cybersecurity Insiders)
- This Week In SolarWinds, with a key unexpected lesson (The Business of Tech)
- Move over, SolarWinds: 30,000 orgs’ email hacked via Microsoft Exchange Server flaws (Verge)
- Chinese Hacking Spree Hit an ‘Astronomical’ Number of Victims (WIRED)
Date 2021-03-04
- New SUNSHUTTLE Second-Stage Backdoor Uncovered Targeting U.S.-Based Entity; Possible Connection to UNC2452 (fireeye)
- The danger in calling the SolarWinds breach an ‘act of war’
- Congressional Hearings on SolarWinds Hack
- Microsoft, FireEye Unmask More Malware Linked to SolarWinds Attackers (tpost)
- SolarWinds blames at least some of its poor cybersecurity on an intern and a bad password.
- Lesson From SolarWinds Attack: It's Time to Beef Up IAM
- SolarWinds hack a wake-up call to the tech sector (GZERO Media)
- Researchers Disclose More Malware Used in SolarWinds Attack
- The March IronNet Threat Intelligence Brief (secblvd)
- China’s and Russia’s Spying Sprees Will Take Years to Unpack (WIRED)
- Citigroup Begins Coverage on SolarWinds (NYSE:SWI) (MarketBeat)
- SolarWinds : Announcing ‘Cyber Insurance Risk Framework,' NY DFS Joins OFAC In Discouraging Carriers From Making Ransomware Payments (MarketScreener)
- Biden makes cybersecurity ‘top priority’ in national security guidance (FRN)
- Lessons from the SolarWinds Breach (BeyondTrust)
- What’s the message about Cloud Contracts since AWS declined to testify to the Senate about SolarWinds? | Blogs | Internet, IT & e-Discovery Blog (Foley & Lardner LLP)
- Microsoft, FireEye Uncover More Malware Used in the ...
- SolarWinds Deadline Alert
- Microsoft: We've found three more pieces of malware used by the SolarWinds attackers (ZDNet)
- SWI Deadline: Bronstein, Gewirtz & Grossman, LLC Reminds SolarWinds Corporation Shareholders of Class Action and Lead Plaintiff Deadline: March 5, 2021
- DIB Take Note: SolarWinds Hack and DHS CISA Emergency Directive on Cyber Vulnerabilities Point to the Need to be Prepared for APTs (Lexology)
- SWI FILING DEADLINE TOMORROW: Bernstein Liebhard LLP Reminds Investors of the Deadline to File a Lead Plaintiff Motion in a Securities Class Action Lawsuit Against SolarWinds Corporation
- CYBERCOM Plays ‘Key Role’ As SolarWinds Unfolds: Gen. Nakasone « Breaking Defense (Defense industry news, analysis and commentary)
- Cyber Attacks: Tech’s natural disasters (Gadget)
- FINAL DEADLINE TOMORROW: The Schall Law Firm Announces the Filing of a Class Action Lawsuit Against SolarWinds Corporation and Encourages Investors with Losses to Contact the Firm
- Microsoft reveals GoldMax, Sibot and GoldFinder new malware strains used by SolarWinds hackers (Cyber Security Review)
- New SUNSHUTTLE Second-Stage Backdoor Uncovered Targeting U.S.-Based Entity; Possible Connection to UNC2452 (Mandiant)
- FireEye finds new malware likely linked to SolarWinds hackers - AlienVault (Open Threat Exchange)
Date 2021-03-03
- Will the SolarWinds hack make us tighten security in the tech industry?
- FBI Director Suggests Multi-Pronged Response to SolarWinds Hack (News Talk WBAP-AM)
- SolarWinds Hacking Damage Could Take up to 18 Months to Recover (Tech Times)
- Cloud Vs On (premise Debate Flares Up In The Wake Of Solarwinds Attack)
- CLASS ACTION UPDATE for SWI, JFU and CLOV: Levi & Korsinsky, LLP Reminds Investors of Class Actions on Behalf of Shareholders
- Okta CEO: After SolarWinds hack, leaders must think about 4 points
- Microsoft: SolarWinds Attack Highlights Growing Sophistication of Nation-State Actors (Infosecurity Magazine)
- SolarWinds CEO Blames Intern for GitHub Password Fiasco (Toolbox Security)
- How SolarWinds Busted Up Our Assumptions About Code ...
- SolarWinds Senate Hearing: Moving Forward It’s All About Zero Trust (secblvd)
- CISA Official Calls for Update of Identity Management Guidance in Wake of SolarWinds Compromise (Nextgov)
- Microsoft opens CodeQL queries to public after SolarWinds hack
- Blinken vows renewed focus on emerging tech after hack (hill)
- Still more questions than answers on SolarWinds attack - (Defense Systems)
- SolarWinds Senate Hearing: Moving Forward It’s All About Zero Trust
- SolarWinds Incident May Bring Data Breach Notification Rules
- DEADLINE ALERT for SWI, QS, TCDA: Law Offices of Howard G. Smith Reminds Investors of Class Actions on Behalf of Shareholders
- Is Solarwinds safe? - General Software Forum (Spiceworks)
- SolarWinds Hackers Obtained Emails of Top US Department of Homeland Security Officials (Cyberintel Magazine)
Date 2021-03-01
- iTWire (Microsoft chief's claims on cloud security result in sharp rejoinder)
- SolarWinds to spend up to US$25M on security following attack - Software (CRN Australia)
- SolarWinds faces an SEC inquiry following insider stock sales that took place before Russian hack (wapo)
- SolarWinds security fiasco may have started with simple password blunders (ZDNet)
- Incident Response to SolarWinds Orion Software Compromise for SMEs
- After SolarWinds debacle, the U.S. needs to keep software makers from being hurt by cost (cutting owners)
- Massive SolarWinds Hack Prompts Up to $25 Million in New Expenses
- Equifax CISO Jamil Farshchi on SolarWinds and Supply Chains
- SolarWinds: Undervalued Despite The ORION Hack (NYSE:SWI) (Seeking Alpha)
- What the SolarWinds Attacks Mean for Cloud Data Protection - (Redmondmag.com)
- SolarWinds: Look Beyond The Hack (NYSE:SWI) (Seeking Alpha)
- If the Walls Fall: Federal Agencies Must Layer Cyber Defenses to Ensure Data Protection (MeriTalk)
- National Security Risks of Late-Stage Capitalism (secblvd)
- The SolarWinds Body Count Now Includes NASA and the FAA (WIRED)
- SHAREHOLDER ALERT: Pawar Law Group Announces a Securities Class Action Lawsuit Against SolarWinds Corporation (SWI)
- Cyber risks loom over Covid-prompted corporate IT shifts (POLITICO)
- NTIA Software Component Transparency (National Telecommunications and Information Administration)
- Sai Huda’s best-selling book Next Level Cybersecurity reveals signals missed in world’s largest hacks such as SolarWinds (EIN Presswire)
- SolarWinds Orion Web Performance Monitor (WPM) Remote Detection (Tenable®)
- How SolarWinds is turning the Orion breach into competitive advantage (Weirdware)
- SolarWinds Cyberattack Prompts Calls for Aggressive Countermeasures | The Well News (Pragmatic, Governance, Fiscally Responsible, News & Analysis)
- SolarWinds Blames Intern for Weak Password That Led to Biggest Attack in 2020 (TI Forense)
- Cloud (based dev teams must shift security left to avoid fate of SolarWinds)
- SolarWinds (Morgan Stanley Technology, Media and Telecom Conference)
- Comment: Mystery — and fear — mounts over SolarWinds hack (HeraldNet.com)
- NYSE:SWI Shareholder Notice: Deadline on March 5, 2021 in Lawsuit Against SolarWinds Corporation - Press Release (Digital Journal)
- Document
- Solarwinds Form 10-K filing 2020-12 (31)
- Breached software firm SolarWinds faces SEC inquiry after insider stock sales (Flipboard)
- Recovering from the SolarWinds hack could take 18 months (MIT Technology Review)
- SolarWinds attack – What is Known and How to Stay Protected (Check Point Software)
Date 2021-02-28
- SolarWinds Officers Blame Intern for ‘solarwinds123’ Password (The Times Hub)
- Solarwinds blamed intern for weak password ( experts have doubts)
- SHAREHOLDER ALERT: SWI QS CLOV: The Law Offices of Vincent Wong Reminds Investors of Important Class Action Deadlines
- SolarWinds hack pits Microsoft against Dell, IBM over how companies store data
- Solarwinds Class Action Reminder
- Congress has new appetite for breach law following SolarWinds hack - Security (iTnews)
- Former SolarWinds CEO Blames Intern for Password Security Breach
- Hearing on Hack Prompts Call for Review of Government’s Cloud Procurement (Nextgov)
- Hackers seized on the pandemic. Some states are fighting back | National (bakersfield.com)
- Buy Palo Alto Networks (PANW) On Weakness; Unlocking Value Of Cloud Business (Seeking Alpha)
- ‘The Marriage Pact’ and the risks we take with data (Charlotte Observer)
- FireEye cyber CEO: American internet users will be targeted in next war
- Jake Williams on Twitter: "I've been thinking a LOT about Brad Smith's testimony this week about #SolariGate. He repeatedly implies that if organizations "just" adopt a cloud first model, they won't experience these sorts of attacks. I called that reckles
Date 2021-02-27
- The SolarWinds Body Count Now Includes NASA and the FAA (WIRED)
- SolarWinds’ security practices questioned by lawmakers following cyber attack
- Tech executives testify in Solorigate hearing. Accellion breach updates. Silver Sparrow targets Macs.
- Critical VMware vSphere Vulnerability Is a Must (Patch)
- Former SolarWinds CEO Blames Intern for “solarwinds123” Password Leak (FR24 News English)
- Microsoft’s Brad Smith Drags AWS, Google Over SolarWinds Response
- Kamala Harris To Prioritize Cybersecurity And Global Health In Foreign Policy Platform (MITechNews)
- SolarWinds Hack Pits Microsoft Against Dell, IBM Over How Companies Store Data (WSJ)
- Microsoft president criticizes Amazon and Google's public response to SolarWinds hack (Washington Times)
- Jeff Elder on Twitter: "SolarWinds leaders told Congress today the password "solarwinds123" was a mistake by an intern. An email from the company in 2019 links the issue to "publicly accessible" data and "exposed credentials." https://t.co/UTfYWYNTFP" / T
- Former SolarWinds CEO blames intern for ‘solarwinds123’ password leak (WKSM-FM)
- Jeff Elder on Twitter: "SolarWinds leaders told Congress the password "solarwinds123" was a quickly fixed intern's error. Records show it was a publicly accessible software (update server with password visible for two years. A company email from 2019 notes)
- Solarwinds blamed intern for weak password – experts have doubts (FR24 News English)
- Accusation: Microsoft failed with security in the SolarWinds hack (Born's Tech and Windows World)
- SolarWinds Officials Blame Intern for ‘solarwinds123’ Password
- The SolarWinds Body Count Now Includes NASA and the FAA (Tech Exec)
- RABET (V Pilot Update and SolarWinds Mitigations)
- iTWire (John Capobianco)
- Senate Intelligence Hearing on SolarWinds Hacking (C-SPAN.org)
- cybersecurity: Tech executives face round two of Congressional grilling over SolarWinds breach, Telecom News, ET Telecom
- Vinoth Kumar on Twitter: "https://t.co/H18DCF44El is an intern service according to the Solarwinds ceo so an intern who worked for only for 3 months(2017) had an access to the FTP server and credential was not rotated after he left. So so
Date 2021-02-26
- Microsoft Releases Queries for SolarWinds Attack Detection
- Solarwinds Corporation (SWI) Q4 2020 Earnings Call Transcript (The Motley Fool)
- Microsoft shares tool to hunt for compromise in SolarWinds breach (CyberScoop)
- It’s Not Such a Breeze: Assessing Your Service Providers After SolarWinds (New York Law Journal)
- Watch live: Congressional hearing on SolarWinds breach (hill)
- SolarWinds Plans Cybersecurity Investment After Supply Chain Compromise (ExecutiveBiz)
- Fallout From the SolarWinds Hack (Bloomberg)
- Miller-Meeks says 'SolarWinds' hack a wake up call for all (Radio Iowa)
- Hillicon Valley: Second SolarWinds hack hearing | TikTok to settle privacy lawsuit | Facebook apologizes for removing lawmaker post (hill)
- Congress has new appetite for breach law following SolarWinds hack -lawmaker (The Star Phoenix)
- The anatomy of the SolarWinds attack chain (ITWeb)
- SHAREHOLDER ALERT: Levi & Korsinsky, LLP Notifies Shareholders of SolarWinds Corporation of a Class Action Lawsuit and a Lead Plaintiff Deadline of March 5, 2021 (SWI)
- CrowdStrike Exec Points to Active Directory 'Structural Problems' in Senate Solorigate Hearing - (Redmondmag.com)
- Microsoft could've prevented some SolarWinds damage (IT Security Guru)
- Katko Opening Statement at Hearing on SolarWinds Cyber Campaign - Committee on Homeland Security (Republicans)
- The SolarWinds Hack and Its Hidden Impacts on Small & Medium Size Enterprises (Fairfax County EDA)
- SolarWinds hack calls for data breach laws, cyber funding, lawmaker told | Secondary Sources | National (Westlaw Today)
- Miller-Meeks says ‘SolarWinds’ hack a wake up call for all (Sioux County Radio)
- WEBINAR: How to avoid being the next SolarWinds security incident Tickets, Thu, Mar 4, 2021 at 10:00 AM (Eventbrite)
- Risk & Repeat: Inside the SolarWinds Senate hearing
- Basic cybersecurity standards must start with procurements, experts say
- File Integrity Monitoring Market Current and Future Demand 2027 (Solarwinds, Alienvault, Logrhythm, Trustwave, Manageengine, Trend Micro, and more – NY Market Reports)
- Microsoft: We've open-sourced this tool we used to hunt for code by SolarWinds hackers (ZDNet)
- U.S. Government Cybersecurity Vulnerabilities Flow Down to Private Companies and Federal Court Litigants (New York Law Journal)
- US may announce new sanctions on Russia within weeks - White House press secretary - World (TASS)
- Former NSA and Cyber Command Chief Keith Alexander on SolarWinds, Cyberwar, and China (The Record by Recorded Future)
- SolarWinds Executives Blame Intern for Leaking Password 'solarwinds123', Leading to Largest Security Breach in The US (Tech Times)
- Over 18,000 companies attacked - Microsoft slams Google & Amazon for hiding information (Gizchina.com)
- Microsoft releases open (source CodeQL queries to assess Solorigate compromiseSecurity Affairs)
- Cyber Week in Review: February 26, 2021 (CoFR)
- Here's Why I Continue to Be on the Zscaler Bandwagon (RealMoney)
- Microsoft makes CodeQL queries public post SolarWinds attack
- RABET-V Pilot Update and SolarWinds Mitigations (NASS)
- Former SolarWinds CEO blames intern for 'solarwinds123' password leak | (foxcarolina.com)
- MSFT Stock - Microsoft makes CodeQL queries public post SolarWinds attack (Fintech Zoom - World Finance)
- SolarWinds' Former CEO Blames Intern for 'solarwinds123' Password Leak (Slashdot)
- Oversight and Homeland Security Committees Discussed Next Steps for Government and Private Tech Following SolarWinds Breach (House Committee on Homeland Security)
- At House SolarWinds hearing, bipartisan lawmakers announce breach disclosure bill (TerabitWeb Blog)
- Congress has new appetite for breach law following SolarWinds hack: lawmaker | Business Information & News | FE (Westlaw Today)
- Experts Call for Increased Cyber Info Sharing in Wake of SolarWinds Breach (MeriTalk)
- Former SolarWinds CEO blames the intern for the “solarwinds123” password leak (Security – 6Park News En)
- Former SolarWinds CEO blames intern for "solarwinds123" password leak (CNNPolitics)
- Microsoft slams Amazon's AWS over Solarwinds silence (MSPoweruser)
- CyberSec Chey on Twitter: "Former SolarWinds CEO ("We had no password rules, didn't audit accounts, and were basically crap at security but, hey, that's why I got the big bucks!"" / Twitter)
- Lawmakers blame SolarWinds hack on 'collective failure' to prioritize cybersecurity
Date 2021-02-25
- SolarWinds Hackers Targeted Cloud Services as a Key Objective (AI Trends)
- SolarWinds, SUNBURST, and the Latest in Supply Chain Security, Compromises, & Breach Litigation | Events ( Crowell & Moring LLP)
- 16 Minutes News by a16z on Apple Podcasts
- SolarWinds hackers targeted NASA, Federal Aviation Administration networks
- First Blackbaud, then SolarWinds. Supply chain cyber (attacks are proliferating – how secure is your business?)
- Netenrich and Industry Leaders Discuss the Rise in Third Party Attacks Post (SolarWinds and Techniques to Maximize Security Effectiveness)
- DEADLINE ALERT: Bragar Eagel & Squire, P.C. Reminds Investors That a Class Action Lawsuit Has Been Filed Against SolarWinds Corporation and Encourages Investors to Contact the Firm (Benzinga)
- White House plans executive action in response to massive breach - (Defense Systems)
- AWS linked to SolarWinds hack - Security (CRN Australia)
- Tech firms say there's little doubt Russia behind major hack (LV Sun)
- IPAM Software Market to See Huge Growth by 2025 (Infoblox, SolarWinds Worldwide, Cisco Systems – NY Market Reports)
- Hillicon Valley: Biden signs order on chips | Hearing on media misinformation | Facebook's deal with Australia | CIA nominee on SolarWinds (hill)
- SolarWinds Orion Network Performance Monitor Installed (Windows) (Tenable®)
- Cloud Monitoring Market 2025 Global Industry Trends and Forecast: CA Technologies, Solarwinds, Dynatrace, Idera, Sevone, Cloudyn, Zenoss, Datadog, Kaseya, Logicmonitor, Opsview (NY Market Reports)
- Katko Calls on Administration to Fully Leverage CISA Capabilities in SolarWinds Response - Committee on Homeland Security (Republicans)
- More Money Won’t Prevent the Next SolarWinds - But Better Detection Strategies Will (secblvd)
- Data Archiving Software Market 2025 Global Industry Trends and Forecast: SolarWinds MSP, TitanHQ, CloudBerry Lab, DocuXplorer Software, Jatheon Technologies, GFI Software, ShareArchiver, Relay Communications, Professional Advantage, MessageSolution (NY)
- SolarWinds (SolarWinds Announces Fourth Quarter 2020 Results)
- SolarWinds Corp. to Host Earnings Call
- King: SolarWinds Hack Highlights Need for Increased Deterrence of Cyberattacks
- SolarWinds: 4Q Earnings Snapshot
- The massive Solarwinds attack is still shrouded in mystery
- SolarWinds stock rallies after profit, revenue rise above expectations (MarketWatch)
- SolarWinds Announces Fourth Quarter 2020 Results
- Amazon’s Lack of Public Disclosure on SolarWinds Hack Angers Lawmakers (WSJ)
- CrowdStrike: After The SolarWinds Breach, This Is Your Best Cybersecurity Stock (CRWD) (Seeking Alpha)
- SolarWinds Corp. to Host Earnings Call
- Amazon com : Lack of Public Disclosure on SolarWinds Hack Angers Lawmakers (MarketScreener)
- How to Avoid Falling Victim to a SolarWinds (Style ...)
- SolarWinds Profit Forecast Trails Estimates After Hack (Bloomberg)
- SolarWinds: 4Q Earnings Snapshot (Lexington Herald Leader)
- SolarWinds Announces Fourth Quarter 2020 Results (bizwire)
- SolarWinds (SWI) Q4 Earnings and Revenues Beat Estimates (Nasdaq)
- The Law Offices of Frank R. Cruz Announces the Filing of a Securities Class Action on Behalf of SolarWinds Corporation (SWI) Investors | State (montereycountyweekly.com)
- Open Text : After SolarWinds, worldwide governments can trust no one (MarketScreener)
- [PDF] Global Data Archiving Software Market 2021 (SolarWinds MSP, TitanHQ, CloudBerry Lab – The Courier)
- File Integrity Monitoring Market to Watch: Solarwinds, Alienvault, Logrhythm, Trustwave, Manageengine, Trend Micro (NY Market Reports)
- Website Monitoring Software Market 2021 Precise Outlook – SolarWinds, AlertBot (InfoGenius), Zoho, LogicMonitor, New Relic, SmartBear, Nagios, Freshworks, Monitis (FLA News)
- The Klein Law Firm Reminds Investors of Class Actions on Behalf of Shareholders of SWI, FUBO and EBIX
- SolarWinds: 4Q Earnings Snapshot | Business News (scnow.com)
- Detecting and Responding to SolarWinds Infrastructure Attack with Cisco Secure Analytics (Cisco Blogs)
- CrowdStrike Slams Microsoft Over SolarWinds Hack (Unified Networking)
- SolarWinds To Spend Up To $25M On Security Following Attack
- Microsoft shares CodeQL queries to scan code for SolarWinds (like implants)
- U.S. and EU prepare new rounds of sanctions against Russia (MarketWatch)
- AWS: SolarWinds Hackers Used Our Elastic Compute Cloud
- Krebs Lays Out CISA Bite-Back at Health (Sector Hackers – MeriTalk)
- Cyber (pandemic: The most notable cyber attacks of 2020)
- Cyber Diplomacy Act aims to elevate America's global cybersecurity standing (CSO Online)
- SolarWinds Revenue, Earnings After Security Breach (MSSP Alert)
- CIA nominee: Cyber threats are 'ever greater risk' for U.S. society - (FCW)
- 10 Security Quotes: Microsoft, CrowdStrike, SolarWinds, and FireEye Talk to Congress
- US Senators, tech execs recommend hack reporting requirement, Technology (THE BUSINESS TIMES)
- Tech exec to Congress: Supply chain hack took 1,000 engineers - (Defense Systems)
- Microsoft Releases Free Tool for Hunting SolarWinds ...
- Ex-NSA chief: No idea how badly SolarWinds hack harmed security (The Jerusalem Post)
- SWI SHAREHOLDER FILING DEADLINE: Bernstein Liebhard LLP Reminds Investors of the Deadline to File a Lead Plaintiff Motion in a Securities Class Action Lawsuit Against SolarWinds Corporation (GuruFocus.com)
- Bloomberg
- Cloud Email Security Software Market to Witness Astonishing Growth With Vital Key Players | Proofpoint, SpamTitan, Barracuda, SolarWinds – KSU (Sentinel)
- Haeggquist & Eck, LLP Is Investigating Claims Against SolarWinds Corporation’s Directors and Officers for Breach of Fiduciary Duty
- White House Releases Executive Order on America's Software Supply Chains (secblvd)
- IDX Introduces Cybersecurity Healthcheck to Identify Security...
- Our Dire Need for a National Cybersecurity Agency
- Huawei backs supply chain security standards in wake of SolarWinds breach (hill)
- Executive Order Focuses on Supply Chain Risk Management
- The Top Free Tools for Sysadmins in 2021
- Watch: Risk Advisory Services: SolarWinds Cyber Attack and its Impact on your Cybersecurity Insurance
- Microsoft Releases Free Tool for Hunting SolarWinds ...
- The SolarWinds of Change are Blowing in the Need for Tech Collaboration (Law.com)
- US senator claims Microsoft failed to fix cloud holes before SolarWinds hack - Security (iTnews)
- Microsoft failed to shore up defenses that could have limited SolarWinds hack: U.S. senator | Y100 WNCY | Your Home For Country & Fun (Green Bay, WI)
- Haeggquist & Eck, LLP Is Investigating Claims Against SolarWinds Corporation’s Directors and Officers for Breach of Fiduciary Duty (bizwire)
- Assessing Fallout from the SolarWinds Breach (eWEEK)
- Lawmakers angered over Amazon’s lack of public disclosure on SolarWinds hack (MarketWatch)
- SOLARWINDS SHAREHOLDER ALERT BY FORMER LOUISIANA ATTORNEY GENERAL: Kahn Swick & Foti, LLC Reminds Investors with Losses in Excess of $100,000 of Lead Plaintiff Deadline in Class Action Lawsuits Against SolarWinds Corporation (SWI)
- AWS: SolarWinds hackers used our elastic compute cloud - Security (CRN Australia)
- Here's the Big Problem With Too Much Trust
- SolarWinds Update: Russian Threat-Actor Re (Used Components from Other)
- Former SolarWinds CEO blames intern for "solarwinds123" password leak (CNNPolitics)
Date 2021-02-23
- SolarWinds CEO to Testify at Second Hearing Friday; He Offers Details Now
- US House committees to hold Feb 26 hearing on 'SolarWinds' hack (CNA)
- Data Archiving Software Market to 2027 – SolarWinds MSP, TitanHQ, CloudBerry Lab and Others (NY Market Reports)
- Website Monitoring Software Market 2020-2026 (SolarWinds, Zoho, SmartBear, LogicMonitor, New Relic, Freshworks, Datadog, Nagios – The Courier)
- What's Scarier Than the SolarWinds Breach? (secblvd)
- State (sponsored cyber attacks have corporates worried)
- Patch Management Market Opportunities (Industry Report by SolarWinds, ConnectWise, Oracle, Chef Software, GFI Software, Automox, SysAid Technologies and ManageEngine – NY Market Reports)
- Opinion (Why Was SolarWinds So Vulnerable to a Hack? - The New York Times)
- SolarWinds to Showcase Database Management Solutions at Microsoft Ignite 2021
- Network Optimization Services Market Evolving Technology and Growth Outlook 2020 to 2026 | Solarwinds, Cisco Systems, Huawei, Nokia, ZTE, Infovista, Citrix, Fatpipe Networks – KSU (Sentinel)
- Health care bore brunt of cyberattacks in 2020, study says (Roll Call)
- Best Practices for Strengthening Your Organization’s Overall Security Posture (Manufacturing Business Technology)
- Newscan: SolarWinds CEO recommends liability protections for sharing information about incidents (Urgent Comms)
- Have Insiders Been Selling SolarWinds Corporation (NYSE:SWI) Shares? (Simply Wall St News)
- Biden administration planning to sanction Russia for SolarWinds hacks (wapo)
- The Anatomy of the SolarWinds Attack Chain (secblvd)
- MSP Software Provider Atera Raises $25M From K1 (ChannelE2E)
- After SolarWinds hack, the U.S. must prioritize cybersecurity (Idaho Business Review)
- SolarWinds, Microsoft, FireEye, CrowdStrike defend actions in major hack - U.S. Senate hearing (Reuters)
- House committees to hold February 26 hearing on 'SolarWinds' hack (Gadgets Now)
- IBM CEO Says He Feels ‘Sorry’ For SolarWinds, Cybersecurity ‘Biggest Issue’ For Tech Industry
- Network security relies on careful scrutiny
- The Anatomy of the SolarWinds Attack Chain
- Lawmakers grill SolarWinds CEO on devastating hack (WSM-FM1)
- WTH is Russia doing cyberattacking the United States? David Sanger on the SolarWinds hack and the future of American cyber security | What the Hell Is Going On | Podcasts on Audible (Audible.com)
- Mayorkas Announces Initial Plans To Bolster U.S. Cyber Security; SolarWinds CEO Has Ideas Too (IIOT Connection)
- SolarWinds Hack Grabs Senate Spotlight With CEO in the Hot Seat (Bloomberg)
- SolarWinds hackers targeted NASA, Federal Aviation Administration networks (TechCrunch)
- Microsoft says it notified 60 customers of SolarWinds breach (U.S. Senate panel hearing)
- SolarWinds, Microsoft, FireEye, CrowdStrike executives face Senate grilling (Reuters)
- Biden administration plans to sanction Russia for SolarWinds hacks, poisoning of opposition leader (The Boston Globe)
- SolarWinds, Microsoft, FireEye, CrowdStrike executives face U.S. Senate grilling (Nasdaq)
- US to sanction Russia for mass hack, Navalny poisoning
- SolarWinds, Microsoft, FireEye, CrowdStrike Executives Face Senate Grilling
- Paramount Defenses Opens Online Store to Empower Organizations Worldwide
- U.S. Senators: AWS Infrastructure Used In SolarWinds Attack
- CISA, DHS Bolster State and Local Cybersecurity Programs (Nextgov)
- FireEye (NASDAQ:FEYE), (CRWD) - SolarWinds, Microsoft, FireEye, CrowdStrike To Testify In Senate In Russian Cyber Hack Case (Benzinga)
- SolarWinds Hack: Vital Lessons for Integrators SoloarWinds Hack
- WATCH LIVE: Senate committee hears testimony on SolarWinds hack | WPBS (Serving Northern New York and Eastern Ontario)
- Broadband Breakfast: SolarWinds CEO Says Hack Shows Need for Information (Sharing Between Industry and Government)
- Hillicon Valley: Companies urge action at SolarWinds hearing | Facebook lifts Australian news ban | Biden to take action against Russia in 'weeks' (hill)
- Palo Alto Networks Posts First $1 Billion Sales Quarter (DCN)
- Executives testify SolarWinds hack was of unprecedented scale, scope (UPI)
- The Scale of the SolarWinds Breach Is Still Unclear, Executives Say (nyt)
- SolarWinds hack worse than thought (Senate panel)
- Today’s Headlines and Commentary (Lawfare)
- The Compromise of SolarWinds Orion
- SolarWinds Shareholder Alert
- Network Monitoring Software Market Global Outlook 2021-2026: CA Technologies, GFI Software, IBM, Solarwinds, Auvik Networks, Manage Engine – KSU (Sentinel)
- Sensitive Data Discovery Market 2020:Global Industry Size, Analysis, Growth Factors, Key Companies, Regional Outlook, Future Insights Till 2026 | IBM, Microsoft, Oracle, AWS, Proofpoint, Google, SolarWinds, – KSU (Sentinel)
- Network Optimization Services Market 2021 to Global Forecast 2026 By Major Players – Solarwinds, Cisco Systems, Huawei, Nokia, ZTE, Infovista, Citrix, Fatpipe Networks, Netscout Systems, Silver Peak, Array Networks (The Bisouv Network)
- SolarWinds hack was work of 'at least 1,000 engineers', tech executives tell Senate | Technology (Guardian)
- Solarwinds hearing stresses breach disclosure mandates (scmedia)
- SolarWinds Hack Bigger, More Dangerous than Previously Thought, Tech Execs Warn (VOA)
- Microsoft, FireEye push for breach reporting rules after SolarWinds hack (hill)
- Tech Executives Call for Improved Public (Private Coordination After SolarWinds Hack)
- Essays: Why Was SolarWinds So Vulnerable to a Hack? (Schneier)
- Committee on Homeland Security (Letter from John Katko)
- Microsoft exec Brad Smith praises FireEye in SolarWinds hack testimony
- Biden administration prepares to impose sanctions on Russia over Navalny poisoning and SolarWinds hack (CNNPolitics)
- Understanding the Results of the Audit of the DoD FY 2020 Financial Statements > Department of Defense Office of Inspector General > DoD OIG Reports
Date 2021-02-24
- SolarWinds attack could have happened to anyone, CEO says - (GCN)
- The US Senate is grilling Microsoft and SolarWinds over last year's historic cyberattack (Markets Insider)
- STAR Webcast: Making sense of SolarWinds through the lens of MITRE ATT&CK(R) (SANS Institute)
- SolarWinds, Microsoft, FireEye, CrowdStrike defend actions in major hack (U.S. Senate hearing)
- Google trying to put Microsoft on the spot at SolarWinds hearing
- SolarWinds hack worse than thought (Senate panel)
- After Russian Cyberattack, Looking for Answers and Debating Retaliation (nyt)
- A digital strategy to defend the nation (Microsoft On the Issues)
- Capitol Hill’s busy day: Confirmation hearings, updates on the Russian hacking attack and more. (nyt)
- Tech firms say there's little doubt Russia behind major hack
- SolarWinds, Microsoft, FireEye, CrowdStrike executives face U.S. Senate grilling | Y100 WNCY | Your Home For Country & Fun (Green Bay, WI)
- SolarWinds, Microsoft, FireEye, CrowdStrike defend actions in major hack - U.S. Senate hearing (Reuters)
- SolarWinds hack worse than thought -Senate panel (Reuters)
- Tech firms say there's little doubt Russia behind major hack (StarTribune)
- Hearings (Intelligence Committee)
- SolarWinds cybersecurity breach: How it happened and Biden’s response (The Anchor)
- The US Senate just grilled Microsoft and SolarWinds over last year's historic cyberattack. Here's what happened.
- Global Deep Packet Inspection And Processing Market Analysis, Size, Share, Growth, Trends And Forecast 2027 (IBM Corporation; Cisco; Juniper Networks, Inc.; Broadcom.; SolarWinds Worldwide, LLC.; VIAVI Solutions Inc.; NETSCOUT; LogRhythm, Inc.; Qosmos Te)
- List of 1213 SolarWinds Employees - Find Emails & Phones - SignalHire (Page 6)
- SolarWinds to Showcase Database Management Solutions at Microsoft Ignite 2021
- Senate Intelligence Committee Examines SolarWinds Hack (UPI)
- 'Russian' hackers targeted NASA as part of SolarWinds attack (MENAFN.COM)
- Cyber Risk Management in the Wake of SolarWinds (USC Event Calendar)
- Malicious Life: Special: The SolarWinds Hack on Apple Podcasts
- Ryuk Ransomware Gang, Cryptocurrency Fortunes & SolarWinds - InfoSec Round-Up Jan 17th | InfoSec Round-Up by Hut Six Security | Podcasts on Audible (Audible.com)
- SolarWinds Attackers Lurked for 'Several Months' in ...
- SolarWinds not the only company used to hack targets, tech execs say at hearing (CNET)
- More SolarWinds Hack Victims Yet to Be Publicly Identified, Tech Executives Say (WSJ)
- Massive SolarWinds Hack Prompts Calls for U.S. Law Requiring Cyber Breach Reporting
- CrowdStrike Slams Microsoft Over SolarWinds Hack (Infosecurity Magazine)
- 10 Boldest Statements From The SolarWinds Senate Hearing
- Lawmakers urge notification law in wake of Russia SolarWinds hack
- Senate hearing on SolarWinds hack lays bare US shortcomings, remaining mysteries
- Senate SolarWinds Hearing: 4 Key Issues Raised
- Partners: AWS Must Come Clean On Role In SolarWinds Hack
- FireEye CEO on how the SolarWinds hack was discovered (CNN Video)
- SWI Shareholder Alert: Bronstein, Gewirtz & Grossman, LLC Reminds SolarWinds Corporation Shareholders of Class Action and Encourages Shareholders to Contact the Firm
- SolarWinds hack was work of more than 1,000 engineers: Microsoft, World News (wionews.com)
- The big takeaway from the Senate's SolarWinds hearing (Axios)
- SolarWinds fallout sparks calls for mandatory incident reporting, repercussions after cyber attacks (FRN)
- SolarWinds attackers lurked for ‘several months’ in FireEye’s network (Urgent Comms)
- Sens. Mull Cyberattack Reporting Law At SolarWinds Hearing (Law360)
- Google’s been lobbying for more scrutiny into Microsoft’s liability for SolarWinds hack » OnMSFT.com
- DDoS in hybrid war. Accellion compromise attributed. Initial access brokers. Agile C2 for botnets. US Senate’s SolarWinds hearing. US DHS cyber strategy. Shiny new phishbait.
- US to impose sanctions on Russia over Navalny poisoning, SolarWinds hack (Business Standard News)
- Marco Rubio on SolarWinds Hack: ‘Many Concerning Aspects to This Operation That Raise Significant Questions’ (Florida Daily)
- Senators, Tech Execs Recommend Hack Reporting Requirement (DCN)
- Microsoft, FireEye, CrowdStrike, and SolarWinds Speak at US Senate Hearing Into Massive Cyberattack
- Amazon Defends Itself After Skipping SolarWinds Hearing
- SolarWinds & Solorigate: What Happened, Why it Matters & What Happens Next (The Devolutions Blog)
- Tech Among Top Priorities for Biden’s CIA Director Pick (Nextgov)
- Senate grills tech executives on SolarWinds hack (One America News Network)
- Biden signs executive order demanding supply chain security review (CyberScoop)
- CISA looks inward to stop future supply chain attacks - (Defense Systems)
- SolarWinds, Microsoft, and executives of more firms face Senate grilling (TechStory)
- Early Edition: February 24, 2021 (Just Security)
- SolarWinds Hack Leaves Entire Industry In Panic (Research Snipers)
- Tech Talk: SolarWinds, Microsoft, FireEye, CrowdStrike defend actions in major hack: US Senate hearing
- SolarWinds hack was work of 'at least 1,000 engineers', tech executives tell Senate
- SolarWinds Corporation Investors: Last Days to Participate Activ (The Cowboy Channel)
- Infosec expert says mandatory cyber incident reporting is worth considering in Canada (IT World Canada News)
- Guest post: Kurt Sanger on “The ‘SolarWinds’ Hack and the Need to Reframe U.S. Cybersecurity Information Sharing” (Lawfire)
- At least 1,000 engineers worked on supply chain hack, tech exec says - (GCN)
- Biden administration prepares to impose sanctions on Russia over Navalny poisoning, SolarWinds hack (english.lokmat.com)
- DEADLINE ALERT: Bragar Eagel & Squire, P.C. Reminds Investors That a Class Action Lawsuit Has Been Filed Against SolarWinds Corporation and Encourages Investors to Contact the Firm (bizwire)
- Microsoft president asks Congress to force private (sector orgs to publicly admit when they've been hacked • The Register)
- DOJ could start looking closer at cybersecurity fraud on government technology providers (FRN)
- More Money Won’t Prevent the Next SolarWinds (But Better Detection Strategies Will)
- Senator Collins Questions Technology Leaders on SolarWinds Hack That Compromised Data Across Multiple Federal Agencies (Senator Susan Collins)
- Microsoft: SolarWinds, Microsoft, FireEye, CrowdStrike defend actions in major hack: U.S. Senate hearing, Telecom News, ET Telecom
Date 2021-02-20
- Neuberger: Private (Sector Partnership ‘Core’ in Fixing Huge Hack, Building Better Defenses – Homeland Security Today)
- BREAKING ALERT: ROSEN, A LEADING AND LONGSTANDING LAW FIRM, Encourages SolarWinds Corporation Investors with Large Losses to Secure Counsel Before Important March 5 Deadline (SWI)
Date 2021-02-22
- New York issues cyber insurance framework as ransomware, SolarWinds costs mount (CSO Online)
- U.S. House committees to hold Feb 26 hearing on ‘SolarWinds’ hack | The Mighty 790 KFGO (KFGO)
- Hiding in plain sight: What the SolarWinds attack revealed about efficacy (Urgent Comms)
- SolarWinds Announces Earnings Call Time Change: Fourth Quarter and Full Year 2020 Earnings Call to Occur on Thursday, February 25 at 7:30 AM CT
- In the SolarWinds Hack Microsoft Lost The Source Code For 3 Products
- SolarWinds hearings will test cybersecurity cooperation, experts say
- U.S. House committees to hold Feb 26 hearing on 'SolarWinds' hack (Reuters)
- SolarWinds hearing announced by House committees (CNET)
- U.S. House committees to hold Feb 26 hearing on 'SolarWinds' hack (Reuters)
- Microsoft: SolarWinds Hackers Viewed, Downloaded Source Code for Azure, Intune, Exchange Components (My TechDecisions)
- N-able: The Path Forward for the Former SolarWinds MSP (ChannelE2E)
- SolarWinds CEO Recommends Liability Protections for Sharing Information about Incidents (Nextgov)
- SolarWinds CEO talks hack, remaining questions before Capitol Hill hearings
- Chinese Hackers Hijacked NSA-Linked Hacking Tool: Report (tpost)
- Cyber Attacks on U.S. Need to Be Handled Differently, Says Sen. Warner (Bloomberg)
- Senate Committee to Hear Testimony Surrounding Major SolarWinds Cybersecurity Breach on Cheddar
- Palo Alto Networks CEO: XDR Protected Us From SolarWinds Attack (SDxCentral)
- Biden Wants International “Rules” to Combat Alleged Russian, Chinese Cyberattacks (MSSP Alert)
- Lessons Learned from a Cyberattack: A Conversation with SolarWinds (Part 1 of 2) (Center for Strategic and International Studies)
- Shareholder Alert: Robbins LLP is Investigating SolarWinds Corporation (SWI) on Behalf of Shareholders (bizwire)
- Biden speech pledges international cooperation on cyber - (Washington Technology)
- Anatomy of the SolarWinds Attack: Five Types of Malware (Blumira)
- SolarWinds Cyber Attack: February 24 Webinar Will Address Lessons Learned
- The SolarWinds Breach Is a Wakeup Call to CISOs (InfoSystems)
- Mayorkas Announces Initial Plans To Bolster U.S. Cyber Security; SolarWinds CEO Has Ideas Too
- VMware Marketplace: SolarWinds Content Pack
- SolarWinds Deadline Alert
- Implications of SolarWinds Hack on Your Cyber Practices
- SolarWinds Cyberattack Cleanup Costs: SWI Earnings, Senate & House Hearings May Provide Clues (MSSP Alert)
- SolarWinds CEO: This could have happened to anyone - (FCW)
- US House Committees to Hold Hearing on SolarWinds Hack on 26 February (Sputnik)
- SHAREHOLDER ALERT: SWI PEN OTGLY: The Law Offices of Vincent Wong Reminds Investors of Important Class Action Deadlines
- Investigation of SolarWinds Corporation (Robbins LLP)
- SolarWinds N-central vs EuVantage (2021 Feature and Pricing Comparison)
- Orion SDK - The Orion Platform (THWACK)
- Cisco Application Policy Infrastructure Controller vs SolarWinds - Overview, H2H, and More (Slintel)
- New York issues cyber insurance framework as ransomware, SolarWinds costs mount (TechCentral.ie)
Date 2021-02-19
- Massive breach fuels calls for US action on cybersecurity (WAVY.com)
- Network Traffic Analyzer Industry- Exclusive Market Research Report (SolarWinds, Netscout and more. – NeighborWebSJ)
- 5 minutes with Michael Bahar - The aftermath of the SolarWinds Orion breach | 2021-02-19 (Security Magazine)
- Massive breach fuels calls for US action on cybersecurity - U.S. (Stripes)
- Suspected Russian hack fuels new US action on cybersecurity (ABC News)
- SolarWinds cyberhack is a blow. The US must prioritize cybersecurity now | Columns (idahostatejournal.com)
- Microsoft Concludes Its SolarWinds Investigation (Thurrott.com)
- Microsoft suggest companies “adopt a zero trust mindset” as it closes SolarWinds internal investigation » OnMSFT.com
- Microsoft: SolarWinds Attackers Downloaded Azure, Exchange Code (tpost)
- Microsoft posts final update on Solarwinds attack, reveals which Microsoft product source code hackers were targeting (MSPoweruser)
- US Senate Intelligence Committee To Hold Hearing On SolarWinds Hack February 23 - Notice (UrduPoint)
- Microsoft Conclusion on SolarWinds Hack 'Conflicts' with Other Messages
- Microsoft: SolarWinds hackers studied Microsoft source code for authentication and email, Telecom News, ET Telecom
Date 2021-02-12
- On SolarWinds, Supply Chains and Enterprise Networks
- Arctic Security (SolarWinds: Going beyond attribution - all in a day’s work for a Bicycle Repair Man)
- US Court system demands massive changes to court documents after SolarWinds hack (TechRepublic)
Date 2021-02-16
- CyberArk Virtual Event - (The Anatomy of the SolarWinds Attack)
- SolarWinds: Microsoft Reveals New Details About Sophisticated Mega (Breach)
- France Just Suffered A Very 'Solar Winds' (Like Cyberattack)
- The "largest and most sophisticated hack ever" - The Backstory with Matt Bevan - RN Breakfast (ABC Radio National)
- SolarWinds: Microsoft Reveals New Details About Sophisticated Mega (Breach)
- SolarWinds Hack and the Case of DNS Security (secblvd)
Date 2021-02-17
- Press Briefing by Press Secretary Jen Psaki and Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger, February 17, 2021 (The White House)
- SolarWinds Investor Relations: Berger Montague Announces Expanded Class Period for Investigation of Alleged Securities Fraud Against SolarWinds Corporation (NYSE: SWI); Encourages Investors with Losses in Excess of $100,000 to Secure Counsel; Lead Plainti
- SolarWinds Shareholder Alert
- Risk & Repeat: SolarWinds and the hacking back debate
- Suspected Russian Hackers Used U.S. Networks, Official Says (Bloomberg)
- The U.S. Needs a Cyber State of Distress to Withstand the Next SolarWinds (Lawfare)
- SWI BREAKING ALERT: ROSEN, A TRUSTED AND LEADING LAW FIRM, Encourages SolarWinds Corporation Investors with Large Losses to Secure Counsel Before Important Deadline – SWI | Business (valdostadailytimes.com)
- SolarWinds (style email compromise attacks go mainstream)
- The Solarwinds Hack Is A One Of A Kind And Not The Norm (Information Security Buzz)
- Biden to take 'executive action' to address SolarWinds breach (hill)
- Targeting Process for the SolarWinds Backdoor (NETRESEC Blog)
- Thread by @NatashaBertrand on Thread Reader App (Thread Reader App)
- SolarWinds Hacked From Inside U.S., 100+ Orgs Compromised
- CyberArk Labs: The Anatomy of the SolarWinds Attack (Techwire)
Date 2021-02-11
- Zero Day Initiative — Three More Bugs in Orion’s Belt
- Software supply chain attacks – everything you need to know (The Daily Swig)
- SolarWinds Orion Bug Allows Easy Remote-Code Execution and Takeover (tpost)
- White House Names SolarWinds Response Leader Amid Criticism (SecurityWeek.Com)
- Symantec Enterprise Podcasts
- 7 Things We Know So Far About the SolarWinds Attacks
- The Hack Roundup: White House Says Neuberger Leading Federal Response (Nextgov)
Date 2021-02-09
- SolarWinds security to-do list post hack (Utility Dive)
- SolarWinds Recovery May Require Extreme Actions
- Senate Select Committee on Intelligence letter to DNI
- SolarWinds Shines Spotlight on Supply Chain Risks (CSO Online)
- Our systems weren’t the entry point for SolarWinds attackers, says Microsoft (Channel Daily News)
- Senators: U.S. response to huge SolarWinds hack has been 'disjointed and disorganized'
- Essential Threat Intelligence: Importance of Fundamentals in Identifying IOCs (Webroot)
- Experts laud SolarWinds post-attack efforts, but why’d it take a massive cyber incident to make changes? (FRN)
Date 2021-02-10
- Supply chain security is actually worse than we think (ZDNet)
- US Coast Guard orders maritime facilities to report SolarWinds breaches
- White House Names Cybersecurity Expert to Lead Response to SolarWinds Hack (WSJ)
- New cyber panel chair zeros in on election security, SolarWinds hack (hill)
- CISA, SolarWinds up interest in security scoring (scmedia)
- VirusTotal
- White House Announces Senior Official Is Leading Inquiry Into SolarWinds Hacking (nyt)
- SOLARWINDS INVESTOR ALERT: Shareholder Lawsuit Filed
- Experts Tell Lawmakers to Give CISA 'Operational' Federal Information Security Role (Nextgov)
Date 2021-02-05
- SolarWinds fallout could last for years, as power industry secures vulnerable equipment: Dragos CEO (Utility Dive)
- Multiple new SolarWinds vulnerabilities have been uncovered (TechRadar)
- Microsoft: Office 365 Was Not SolarWinds Initial Attack Vector
- Microsoft: Office 365 Was Not SolarWinds Initial Attack Vector
- Microsoft warns of increasing OAuth Office 365 phishing attacks
- Multiple new flaws uncovered in SolarWinds software just weeks after high-profile supply chain attack (The Daily Swig)
- Microsoft: No Evidence SolarWinds Was Hacked Via Office 365
- Secure by Design: Our Plan for a Safer SolarWinds and Customer Community (Orange Matter)
Date 2021-02-07
- SOLARWINDS UPDATE
- SolarWinds CEO: “SolarWinds Orion Development Program was Exploited by the Hackers” - E Hacking News (Latest Hacker News and IT Security News)
Date 2021-01-08
- solarwinds customers
- SolarWinds to pay former CEO US$312K to assist with investigations - Software (CRN Australia)
- The SolarWinds Hack
- SolarWinds hires former Trump cyber security chief Chris Krebs
- SolarWinds Hires Chris Krebs and Alex Stamos for ...
- A Golden SAML Journey: SolarWinds Continued (Splunk)
- CEO Refutes Reports of Involvement in SolarWinds Campaign (Infosecurity Magazine)
- CISA: SolarWinds hackers also used password guessing to breach targets (ZDNet)
- SolarWinds Fights Back With Chris Krebs, Alex Stamos Hires
- Disturbing trend: Recent nation state attacks (Cybersecurity Tech Accord)
- Continuous Updates: Everything You Need to Know About the SolarWinds Attack (SecurityWeek.Com)
- January 8th Update on SolarWinds (JetBrains Blog)
- Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments (CISA)
- Sealed U.S. court records possibly accessed by SolarWinds attackers (Help Net Security)
- SolarWinds Government Data Breach Leads to Securities Action (Proskauer - Corporate Defense and Disputes - JDSupra)
Date 2021-02-03
- 3 New Severe Security Vulnerabilities Found In SolarWinds Software
- Full System Control with New SolarWinds Orion-based and Serv-U FTP Vulnerabilities (Trustwave)
- More SolarWinds News (Schneier)
- Mimecast To Lay Off 80 Workers Weeks After Disclosing Hack
- Findings From Our Ongoing Investigations (Orange Matter)
- Continuing Our Journey to Becoming Secure by Design (Orange Matter)
- More exploitable flaws found in SolarWinds software, says cybersecurity firm
- Second SolarWinds Attack Group Breaks into USDA Payroll — Report (tpost)
- FireEye stock falls as analysts debate effects of massive SolarWinds hack (MarketWatch)
- More SolarWinds News (secblvd)
- Chinese threat actor may have exploited SolarWinds. New SolarWinds vulnerabilities reported. Spyware in South Sudan. BEC gift card scams rise.
- Hackers had access to SolarWinds email system for months: report (hill)
- ‘Severe’ SolarWinds Vulnerabilities Allow Hackers To Take Over Servers
- Nearly One (Third of Attack Targets Weren’t Running SolarWinds)
- SolarWinds patches three newly discovered software vulnerabilities (ZDNet)
- The long tail of the SolarWinds breach (Axios)
Date 2021-02-02
- GitHub (cisagov/Sparrow: Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 environment.)
- The U.S. Spent $2.2 Million on a Cybersecurity System That Wasn’t Implemented — and Might Have Stopped a Major Hack — ProPublica
- Kevin Mandia: Discovering SolarWinds Hack ‘Validates Our Intelligence and Expertise’
- Hackers Lurked in SolarWinds Email System for at Least 9 Months, CEO Says (WSJ)
- US payroll agency targeted by Chinese hackers: report (hill)
- Exclusive: Suspected Chinese hackers used SolarWinds bug to spy on U.S. payroll agency – sources (Reuters)
Date 2020-12-24
- Suspected Russian hackers used Microsoft vendors to breach customers (Reuters)
- SolarWinds Hack Infected Critical Infrastructure
- Here's a simple explanation of the SolarWinds hack (BI)
- SolarWinds hack: Cybersecurity company calls for more transparency with what happened (KXAN Austin)
- CrowdStrike Fends Off Attack Attempted By SolarWinds Hackers
- Suspected Russian hackers used Microsoft vendors to breach customers (Reuters)
- SUNBURST Additional Technical Details (fireeye)
- Russians Are Believed to Have Used Microsoft Resellers in Cyberattacks (nyt)
- Microsoft, FireEye confirm SolarWinds supply chain attack (ZDNet)
- Hack of Federal Agencies Shows Cyber Dangers to Supply Chains (WSJ)
- Suspected Russian hackers used Microsoft vendors to breach customers (Reuters)
- Emergency directive: Global governments issue alert after FireEye hack is linked to SolarWinds supply chain attack (The Daily Swig)
- SolarWinds Attack Could Have Been Much Worse, Former NSA Chief Says | National News (US News)
- Veterans Affairs Officials Blow Off Briefing on SolarWinds Hack
Date 2021-01-28
- Russia’s SolarWinds Attack and Software Security (Schneier)
- Most Tools Failed to Detect the SolarWinds Malware. Those That Did Failed Too (CoFR)
- CISA Warns of New Malware Threat to Vulnerable SolarWinds Orion Tech
- SolarWinds Hackers Hit Qualys, Other Cybersecurity Vendors (SDxCentral)
Date 2021-01-06
- Justice Department also hit by Russian hackers (wapo)
- Widely Used Software Company May Be Entry Point for Huge U.S. Hacking (nyt)
- FBI probe of major hack includes project-management software from JetBrains: sources (Reuters)
- Statement on the story from The New York Times regarding JetBrains and SolarWinds (JetBrains Blog)
- Department of Justice Statement on Solarwinds Update | OPA (DOJ)
- SolarWinds Government Data Breach Leads to Securities Action (Lexology)
- Faulty enterprise software, like SolarWinds, $2 trillion problem (BI)
- Life After the SolarWinds Supply Chain Attack
- How to prepare for and respond to a SolarWinds-type attack (CSO Online)
- SolarWinds Sued Over Russian Hack (SDxCentral)
- SWI INVESTOR FRAUD LAWSUIT FILED: Hagens Berman Encourages SolarWinds (SWI) Investors with Losses to Contact Firm Now
- SHAREHOLDER ALERT: Block & Leviton LLP Investigating SolarWinds Corp. and Pluralsight, Inc. for Possible Breaches of Fiduciary Duty; Shareholders Should Contact the Firm
- SolarWinds Hack, Ransomware, Regulations Figure Prominently as Virtual Cybersecurity Summits Resume in 2021
- We Should Have Known SolarWinds Would Be a Target (CoFR)
- Scott+Scott Attorneys at Law LLP Continues Investigating SolarWinds Corporation’s Directors and Officers for Breach of Fiduciary Duties (SWI)
- Judiciary Addresses Cybersecurity Breach: Extra Safeguards to Protect Sensitive Court Records (US Courts)
- DoJ says SolarWinds hackers breached its Office 365 system and read email (ars)
- SOLARWINDS INVESTORS: ALERT BY FORMER LOUISIANA ATTORNEY GENERAL - Kahn Swick & Foti, LLC Reminds Investors of Lead Plaintiff Deadline in Class Action Lawsuit Against SolarWinds Corporation (SWI)
- The Trends At SolarWinds (NYSE:SWI) That You Should Know About (Simply Wall St News)
- SolarWinds Hack Breached Justice Department System (WSJ)
- DOJ says it was hit by SolarWinds hackers - (FCW)
Date 2021-01-26
- Four security vendors disclose SolarWinds-related incidents (ZDNet)
- Important Security Update (Mimecast Blog)
- Ongoing Analysis of SolarWinds Impacts (Fidelis Cybersecurity)
- Adam Orton on Twitter: "@mikko @netresec @craiu Does "this was a lab machine" not pass anyone elses sniff test? Or just me?" / Twitter
- Mimecast Breach Linked To SolarWinds Hack, Allowed Cloud Services Access
Date 2021-01-18
- Raindrop: New Malware Discovered in SolarWinds Investigation (Symantec Blogs)
- Google Cloud: We do use some SolarWinds, but we weren't affected by mega hack (ZDNet)
Date 2021-01-22
- ConnectWise Control MSP Security Vulnerabilities Are ‘Severe:’ Bishop Fox
- President Biden Orders SolarWinds Intelligence Assessment
- New malware uncovered by experts examining SolarWinds strike Blog (Galaxkey)
Date 2021-02-04
- Another SolarWinds Orion Hack (Schneier)
- SolarWinds CEO Confirms Office 365 Email ‘Compromise’ Played Role In Broad (Based Attack)
- Alex Stamos Attributes SolarWinds Hack To Russian Intel Service
- SolarWinds chases multiple leads in breach investigation
Date 2021-01-20
- President Biden Announces American Rescue Plan (The White House)
- SolarWinds Hackers Access Malwarebytes’ Office 365 Emails
- Microsoft Releases New Info on SolarWinds Attack Chain
- Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop (MS Security)
Date 2021-01-21
- Unveiled: SUNSPOT Malware Was Used to Inject SolarWinds Backdoor
- Biden administration to seek five-year extension on key nuclear arms treaty in first foray with Russia (wapo)
- Biden Orders Sweeping Assessment of Russian Hacking, Even While Renewing Nuclear Treaty (nyt)
- Microsoft: This is how the sneaky SolarWinds hackers hid their onward attacks for so long (ZDNet)
- Takeaways for Microsoft cloud customers and partners after the SolarWinds breach (MSCloudNews)
- Here's How SolarWinds Hackers Stayed Undetected for Long Enough
- Spared Direct Hit, Law Firms Could Still Face SolarWinds Cyber Fallout (Legaltech News)
Date 2021-01-15
- DoJ confirms email accounts breached by SolarWinds hackers | Hacking (Guardian)
- Sunburst Malware Information (FireEye)
- Google’s approach to secure software development and supply chain risk management (Google Cloud Blog)
- Some UW Campuses That Contract With SolarWinds IT Provider Exploited In National Cyberattack (Wisconsin Public Radio)
- Understanding third-party hacks in the aftermath of the SolarWinds breach (Help Net Security)
- SolarWinds Close to Figuring Out How Cyberattack Occurred
- SolarWinds Cyber-Attack Has Significant Implications for Developers and Contractors (Robinson+Cole Data Privacy + Security Insider - JDSupra)
- SolarWinds Says It’s Closer to Finding Source of Cyberattack
- SWI INVESTOR FRAUD LAWSUIT: Hagens Berman Alerts SolarWinds (SWI) Investors to Securities Fraud Lawsuit and Encourages Investors with Losses to Contact Firm Now
- SolarWinds fallout makes secure communications a critical first line of defense - (FCW)
- SOLARWINDS INVESTORS: March 5, 2021 Filing Deadline in Shareholder Class Action – Contact Lieff Cabraser (bizwire)
- SolarWinds Supply Chain Hack: Investigation Update
- The Cybersecurity 202: Sen. Mark Warner plans breach-notification debate in wake of SolarWinds hack (wapo)
- IOTW: As The SolarWinds Hack Investigation Continues, New Insights Reveal A New Suspect (Cyber Security Hub)
- Cyber ‘Deterrence’: A Brexit Analogy (Lawfare)
Date 2021-01-16
- Hackers abusing Mimecast certs to target Microsoft 365 users
- Mimecast Cert Compromised to Target Inboxes in “Sophisticated” Attack (Infosecurity Magazine)
- Cybersecurity Stocks that Lagged in 2020 Could Get Boost from SolarWinds Hack (RealMoney)
- SolarWinds Update
- American Public Reticent to Retaliate Against SolarWinds Hack (The National Interest)
- A closer look at the SolarWinds hack (Cyprus Mail)
Date 2021-01-19
- Azure-Sentinel/FirstAppOrServicePrincipalCredential.yaml at master · Azure/Azure (Sentinel · GitHub)
- Malwarebytes said it was hacked by the same group who breached SolarWinds (ZDNet)
- The aftermath of the SolarWinds breach: Organizations need to be more vigilant (TechRepublic)
- A New SolarWinds Malware Strain Is Discovered
- Researchers Discover Raindrop — 4th Malware Linked to the SolarWinds Attack
- Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452 (fireeye)
- Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452
- Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments - Malwarebytes Labs (Malwarebytes Labs)
- Malwarebytes says SolarWinds hackers accessed its internal emails
- SolarWinds Hackers Also Breached Malwarebytes Cybersecurity Firm
- Injecting a Backdoor into SolarWinds Orion (Schneier)
- Fourth malware strain discovered in SolarWinds incident (ZDNet)
- SolarWinds Attack Underscores 'New Dimension' in ...
- After SolarWinds, the U.S. can trust no one (Fortune)
- Incoming Biden administration looks to shake up US cybersecurity policy (The Daily Swig)
- Defense nominee favors proactive cyber posture
- SolarWinds: 9 federal agencies and about 100 companies hit by SolarWinds hack: The White House, Telecom News, ET Telecom
Date 2021-01-13
- Sunspot malware scoured servers for SolarWinds builds to trojanize them
- Top SolarWinds risk assessment resources for Microsoft 365 and Azure (CSO Online)
- SolarWinds Hack Followed Years of Warnings of Weak Cybersecurity (Bloomberg)
- Mimecast compromised by a threat actor | 2021-01-13 (Security Magazine)
- Mimecast: Hackers Compromised A Digital Certificate (My TechDecisions)
- SolarWinds Attackers May Have Hit Mimecast, Driving ...
- Miscreants Manipulate Mimecast Certificate -> Microsoft 365 Exchange Web Services: Welcome To The Pew Pew (secblvd)
- Mimecast shares tumble as company reports cyberthreat to some customers (Boston Business Journal)
- Mimecast Says Hackers Compromised Digital Certificate
- Mimecast Says Attackers Stole Certificate, Targeted Customers' Email (Decipher)
- Hackers hijacked email security firm Mimecast to spy on customers (VentureBeat)
- Mimecast hit by “sophisticated threat actor”
- SolarWinds aftermath continues with SolarLeaks (secblvd)
- SolarWinds aftermath continues with SolarLeaks (Blueliv)
- SolarWinds: Between The Clouds (secblvd)
- Microsoft President Brad Smith: SolarWinds Attack Violated ‘Norms And Rules’ Of Government Activities
- SWI INVESTORS ACT FAST: Hagens Berman Alerts SolarWinds (SWI) Investors to Securities Fraud Lawsuit and Encourages Investors with Losses to Contact Firm Now
- Expect more SolarWinds victims, national security official says - (GCN)
- SOLARWINDS INVESTOR ALERT: Class Action Lawsuit Filed
- SHAREHOLDER ALERT: WeissLaw LLP Investigates SolarWinds Corporation
- Brazen SolarWinds Hackers Offer Alleged Windows 10 Source Code For $600,000 (HotHardware)
- Mimecast breach investigators probe possible SolarWinds connection (CyberScoop)
- Preventing Supply Chain Attacks like SolarWinds (Linux Foundation)
Date 2021-01-12
- SolarWinds: What Hit Us Could Hit Others — Krebs on Security
- SolarWinds Says It Has Found Source of Massive Cyberattack (TheStreet)
- SolarLeaks site claims to sell data stolen in SolarWinds attacks
- The Hack Roundup: SolarWinds Shares Details on How Attackers Inserted Backdoor (Nextgov)
- Email security firm Mimecast says hackers hijacked its products to spy on customers (Reuters)
- Important Update from Mimecast (Mimecast Blog)
- SolarWinds Hackers' Attack on Email Security Company Raises New Red Flags (MarketScreener)
- Evanina: Number of known SolarWinds victims 'will continue to grow' - (FCW)
- Cyberespionage campaign hits Colombia. New malware found in the SolarWinds incident. Mimecast certificates compromised. Ubiquiti tells users to reset passwords. Two wins for the good guys.
- Austin's SolarWinds closer to understanding source of massive breach
- Autocracy ascends the cracks of democracy (Great Power)
- Email security firm Mimecast says hackers hijacked its products to spy on customers (Reuters)
- Critical Microsoft Defender Bug Actively Exploited; Patch Tuesday Offers 83 Fixes (tpost)
- Third malware strain discovered in SolarWinds supply chain attack (ZDNet)
- Lessons from the SolarWinds Hack: Robust Cybersecurity Requires Leadership (Toka)
- SolarWinds malware was sneaked out of the firm's Orion build environment 6 months before anyone realised it was there (report • The Register)
- UNC2452: What We Know So Far
- OODA Loop - If SolarWinds Is a Wake (Up Call, Who’s Really Listening?)
- SolarWinds Hackers’ Attack on Email Security Company Raises New Red Flags (WSJ)
- SolarWinds Discloses Earlier Evidence of Hack (WSJ)
- Cisco Event Response: SolarWinds Orion Platform Software Attack
- Hackers Compromise Mimecast Certificate For Microsoft Authentication
- Mimecast Certificate Hacked in Supply-Chain Attack (tpost)
- 5 Things To Know About The Mimecast Hack And Stock Drop
- Email Security Firm Mimecast Says Hackers Hijacked Its Products to Spy on Customers | Technology News (US News)
- Third malware strain discovered in SolarWinds supply chain attack (ZDNet)
- Three Steps to Ensure Your Supply Chain Isn’t Your Weak Link (Legaltech News)
- Kaspersky Lab autopsies evidence on SolarWinds hack (Register)
Date 2021-01-11
- SUNSPOT Malware: A Technical Analysis (CrowdStrike)
- New Findings From Our Investigation of SUNBURST (Orange Matter)
- Robust Indicators of Compromise for SUNBURST (NETRESEC Blog)
- Hackers Didn’t Only Use SolarWinds to Break In, Says CISA (secblvd)
- Sunburst backdoor – code overlaps with Kazuar (Securelist)
- SolarWinds CEO: Attack Was ‘One Of The Most Complex And Sophisticated’ In History
- SolarWinds Hack Lessons Learned: Finding the Next ...
- SolarWinds Hack Lessons Learned: Finding the Next ...
- SolarWinds hackers linked to known Russian spying tools, investigators say (Reuters)
- Exclusive: FBI probes Russian-linked postcard sent to FireEye CEO after cybersecurity firm uncovered hack - sources (Reuters)
- SolarWinds hackers linked to known Russian spying tools, investigators say (Reuters)
- New SolarWinds CEO sets out rescue plan
- More federal victims of SolarWinds hacking likely to come forward, CISA chief says
- Researchers Find Links Between Sunburst and Russian Kazuar Malware
- SolarWinds hack is the perfect foreword to new book on biggest breaches
- SolarWinds Hack Potentially Linked to Turla APT (tpost)
Date 2020-12-18
- Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers (MS Security)
- OODA Loop (Microsoft says it found malicious software in its systems)
- Microsoft president calls SolarWinds hack an “act of recklessness” (ars)
- Hackers last year conducted a 'dry run' of SolarWinds breach
- Microsoft identifies more than 40 organizations targeted in massive cyber breach (CNNPolitics)
- US cyber-attack: Cybersecurity agency warns suspected Russian hacking campaign broader than previously believed (CNNPolitics)
- SolarWinds hackers broke into U.S. cable firm and Arizona county, web records show (Reuters)
- Tech Tent: Hacking the heart of the US government (BBC News)
- SolarWinds: UK assessing impact of hacking campaign (BBC News)
- Five Russian hacks that transformed US cyber-security (BBC News)
- US cyber-attack: US energy department confirms it was hit by Sunburst hack (BBC News)
- Sygnia Advisory: Detection of Golden SAML attacks
- Industry Letter - December 18, 2020: Supply Chain Compromise Alert (Department of Financial Services)
- Cisco Hacked Through SolarWinds As Tech Casualties Mount
- VMware Flaw Used To Hit Choice Targets In SolarWinds Hack: Report
- VMware Flaw a Vector in SolarWinds Breach? — Krebs on Security
- Alex Stamos on Twitter: "@VickerySec So far, all of the activity that has been publicly discussed has fallen into the boundaries of what the US does regularly and what we explicitly excluded from the Obama (Xi deal. If we are going to set new red lines, th)
- Alex Stamos on Twitter: "There is a long history of "trickle down" effects in cyber, where a technique honed by a major player becomes commonplace. China's 2000s APTs -> Iran/DPRK/teenagers in the 2010s. Stuxnet ->smart ransomware. If supply (chain a)
- DOE confirms its systems were compromised by SolarWinds hack (Utility Dive)
- The Strategic Implications of SolarWinds (Lawfare)
- SolarWinds Hack Throws Wrench In Private Equity’s Most Profitable Market
- Datto Offers All MSPs Free Scanner To Find Signs Of FireEye, SolarWinds Hack
- DATA443 RELEASES STATEMENT ON FIREEYE AND SOLARWINDS HACK AND BREACH OTC Markets:ATDS
- SolarWinds Should Have Been More ‘Vigilant’: Palo Alto Networks CEO
- SolarWinds Scandal Calls Attention to Supply Chain Security
- FireEye, SolarWinds Breaches: Implications and Protections (eSecurityPlanet)
- DOE Update on Cyber Incident Related to Solar Winds Compromise (DOE)
- "Strategic Silence" and State (Sponsored Hacking: The US Gov't and SolarWinds)
- Erlang Authenticated Remote Code Execution :: malicious.link — welcome
- 'Very, very large' telecom organization and Fortune 500 company breached in SolarWinds hack (scmedia)
- Sunburst's C2 Secrets Reveal Second-Stage SolarWinds Victims (tpost)
- 40 Of Microsoft's Customers Impacted By SolarWinds Hack : NPR
- Bill That Trump Is Vowing to Veto Strengthens Hacking Defenses, Lawmakers Say (nyt)
- Federal Reserve Board (Agencies propose requirement for computer security incident notification)
- Sunburst: connecting the dots in the DNS requests (Securelist)
- Hackers last year conducted a 'dry run' of SolarWinds breach
- GitHub (fireeye/sunburst_countermeasures)
- SolarWinds Likely Hacked at Least One Year Before Breach Discovery (SecurityWeek.Com)
- Reassembling Victim Domain Fragments from SUNBURST DNS (NETRESEC Blog)
- SolarWinds SUNBURST Backdoor: Inside the APT Campaign (SentinelLabs)
- Microsoft warns UK companies were targeted by SolarWinds hackers
- VMware Falls on Report Its Software Led to SolarWinds Breach (Bloomberg)
- What we know – and still don’t – about the worst-ever US government cyber-attack | Hacking (Guardian)
- Microsoft says it found malicious software in its systems (CNA)
- NSA on Authentication Hacks (Related to SolarWinds Breach) (Schneier)
- VMware Issues Statement on SolarWinds Supply Chain Compromise and CVE 2020 (4006)
- Protecting Microsoft 365 from on-premises attacks (Microsoft Tech Community)
- Tech Tent - Hackers breach US government (BBC Sounds)
- Microsoft falls prey to SolarWinds supply chain cyber-attacks (The Daily Swig)
- SANS Institute (Newsletters - NewsBites)
- Mitigating Cloud Supply-chain Risk: Office 365 and Azure Exploited in Massive U.S. Government Hack (CipherCloud)
Date 2021-01-09
- How to Understand and Defend Against SolarWinds (Type Attacks)
- The SolarWinds Investigation Ramps Up (WIRED)
- Industry urges agencies to accelerate zero trust adoption after SolarWinds hack (FedScoop)
- SolarWinds Malware Arsenal Widens with Raindrop (tpost)
Date 2021-01-10
- The Colorado Division of Securities alerts securities firms to be aware of any impact of SolarWinds hack (WesternSlopeNow.com)
- Password Guessing Used as a Weapon by SolarWinds Hackers to Breach Targets - E Hacking News (Latest Hacker News and IT Security News)
Date 2021-01-07
- Implications of Russian Hacking of SolarWinds
- CISA: SolarWinds Hackers Got Into Networks by Guessing Passwords (Nextgov)
- NSA Warns That Russian Hackers Are Targeting Virtual Workspaces (Nextgov)
- Gossamer tool aims to defend open source projects against SolarWinds-style supply chain attacks (The Daily Swig)
- Sealed U.S. Court Records Exposed in SolarWinds Breach — Krebs on Security
- The Cybersecurity 202: Riot in the Capitol is a nightmare scenario for cybersecurity professionals (wapo)
- SolarWinds hires Chris Krebs, Alex Stamos to boost security in wake of suspected Russian hack
- Krebs Stamos Group
- Our Plan for a Safer SolarWinds and Customer Community (Orange Matter)
- CISA: Hackers access to federal networks without SolarWinds - (FCW)
- SolarWinds Hackers Compromise Confidential Court Filings
- SolarWinds hack: Who’s to blame? It’s complicated. (TechBeacon)
- Meet The Super Rich Czech Tech Company — And Its Russian CEO —Denying Links To The Huge SolarWinds Hack
- An Update on SolarWinds (JetBrains Blog)
- Hacking victim SolarWinds hires ex-Homeland Security official Krebs as consultant (Reuters)
- CISA discovers token abuse around SolarWinds hack, calls for full rebuild of affected networks (scmedia)
- SolarWinds: How a Rare DGA Helped Attacker Communications Fly Under the Radar (Symantec Blogs)
- FireEye's Mandia: 'Severity (Zero Alert' Led to ...)
Date 2021-01-05
- SolarWinds hack continues to spread: What you need to know (CNET)
- Severe SolarWinds Hacking: 250 Organizations Affected?
- Latest on the SVR’s SolarWinds Hack (Schneier)
- SolarWinds hack endangering cloud services’ API keys (DevOps Online)
- Researchers say cloud deployments of SolarWinds Orion could put API keys at risk (IT World Canada)
- The Cyberlaw Podcast: The Grim Lessons of the SolarWinds Breach (Lawfare)
- Reshaping Cyberspace: Beyond the Emerging Online Mercenaries and the Aftermath of SolarWinds
- SolarWinds attack: CrowdStrike says no impact
- ALERT FOR SWI INVESTORS WITH LOSSES: Bernstein Liebhard is Investigating SolarWinds Corporation For Violations of the Securities Laws
- SolarWinds hack officially blamed on Russia: What you need to know (CNET)
- HAGENS BERMAN, NATIONAL TRIAL ATTORNEYS, Encourages SolarWinds (SWI) Investors with Losses to Contact Firm Now, Securities Fraud Lawsuit Filed
- SolarWinds Breach is the Rule, Not an Exception (secblvd)
- Joint Statement by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI), and the National Security Agency (NSA) (CISA)
- SolarWinds Hit With Class (Action Lawsuit Following ...)
- Bucking Trump, NSA and FBI say Russia was “likely” behind SolarWinds hack (ars)
- Hacking ‘Likely’ Came From Russia, US Says (nyt)
- Essays: The Solarwinds Hack Is Stunning. Here’s What Should Be Done (Schneier)
- Opinion: The SolarWinds hack is stunning. Here's what should be done (CNN)
- Azure-Sentinel/ADFSDomainTrustMods.yaml at master · Azure/Azure (Sentinel · GitHub)
- Feds: SolarWinds Breach Is Likely Russian Intel Gathering Effort
Date 2021-01-01
- GitHub - Azure/Azure-Sentinel: Cloud (native SIEM for intelligent security analytics for your entire enterprise.)
- Gossamer: Supply Chain Security for Open (Source Software)
- SolarWinds Take Control Alternative (Splashtop SOS)
- SolarWinds hackers accessed Microsoft source code, the company says
- CISA Says Many Victims of SolarWinds Hackers Had No Direct Link to SolarWinds (SecurityWeek.Com)
- Swap SolarWinds Orion for Intact Scorpio NOW
- SolarWinds Alternative (OpManager VS SolarWinds NPM - ManageEngine)
- SolarWinds Alternative - Get Modern Monitoring (Zenoss)
- Top SolarWinds Competitors and Alternatives - Gartner 2021 (IT Infrastructure Monitoring Tools)
- SolarWinds Network Performance Monitor Alternatives & Competitors (G2)
- List of Best SolarWinds NPM Alternatives & Competitors 2021
- Best SolarWinds Orion Platform Alternatives & Competitors
- SolarWinds Alternative (OpManager VS SolarWinds NPM - ManageEngine)
- SolarWinds NPM Competitors and Alternatives (IT Central Station)
- SolarWinds Alternative (Compare Site24x7 vs SolarWinds)
- SolarWinds Server & Application Monitor Alternatives and Similar Software (AlternativeTo)
- Top 15 SolarWinds Alternatives & Similar Tools (eBool)
- Nagios XI (Your Solarwinds Alternative Network Monitoring Solution)
- A Better Monitoring Alternative (LogicMonitor)
- Network Monitoring | NMIS (Opmantek)
- RMM Software - Atera - RMM software (PSA & Remote Access for MSPs)
- SolarWinds Network Performance Monitor Alternatives, Competitors & Similar Software (GetApp®)
- Fed up with Solarwinds, open source options? : sysadmin
- Nagios Alternatives - Nagios Replacement for Monitoring (SolarWinds)
- SolarWinds Alternatives (Guide Top 9 SolarWinds Alternatives)
- Open Source SolarWinds Server & Application Monitor Alternatives (AlternativeTo)
- Solarwinds alternative: a comparison in depth between Solarwinds and Pandora FMS
- SolarWinds Alternative (Alternatives to SolarWinds for Network and Server)
- SolarWinds Alternative - Get Modern Monitoring (Zenoss)
- 50 Best SolarWinds Alternatives & Competitors in 2021
- What are some alternatives to Solarwinds? (StackShare)
- Unryo (Performance Monitoring & Observability)
- Top SolarWinds Competitors and Alternatives (Craft.co)
- 20 best alternatives to SolarWinds Log & Event Manager as of 2021 (Slant)
- 50 Best SolarWinds Alternatives & Competitors in 2021
- Nagios Alternatives: Best Commercial & Open Source of 2021
- Best SolarWinds RMM Alternatives 2021 (Capterra)
- SolarWinds supply chain breach threatens government agencies and enterprises worldwide (ScienceDirect)
Date 2020-12-31
- Security Advisory (SolarWinds)
- The Real Culprit Behind SolarWinds: Remote Code Execution
- Microsoft Internal Solorigate Investigation Update (Microsoft Security Response Center)
- SolarWinds MSP Rebranding As N-able Amid Spin-Out Plan (ChannelE2E)
- This Week In Security: Deeper Dive Into SolarWinds, Bouncy Castle, And Docker Images (Hackaday)
- Canada Pension Plan Investment Board’s purchase of SolarWinds stock likely to fall under scrutiny (wapo)
- Microsoft Hacked in Russia-Linked SolarWinds Cyberattack (WSJ)
- SolarWinds hackers accessed Microsoft source code, the company says (Reuters)
- SolarWinds hackers accessed Microsoft source code (ZDNet)
- The SolarWinds Hack Doesn’t Demand a Violent Response (Defense One)
Date 2020-12-28
- How did SolarWinds' massive data breach go undetected for months? (YouTube)
- How hacked is hacked? Here’s a ‘hack scale’ to better understand the SolarWinds cyberattacks (GeekWire)
- SolarWinds SUNBRUST backdoor investigation using ShiftLeft’s Code Property Graph (secblvd)
- Analysis: The Impact of SolarWinds Hack (BankInfoSecurity)
- In wake of SolarWinds and Vietnam, more supply chain attacks expected 2021 (scmedia)
- Russia’s SolarWinds Attack (Schneier)
- Using Microsoft 365 Defender to protect against Solorigate (MS Security)
- CISA releases Azure, Microsoft 365 malicious activity detection tool
Date 2020-12-23
- SolarWinds roundup: Fixes, new bad actors, and the company knew (Network World)
- SolarWinds Compromise May Have Begun 5 Months Earlier Than Suspected
- Bloodhound walkthrough. A Tool for Many Tradecrafts (Pen Test Partners)
- solorigate_sample_source/OrionImprovementBusinessLayer.cs at main · Shadow0ps/solorigate_sample_source (GitHub)
- Syxsense Confirms There is Zero SolarWinds® Orion® in its Environment and is Not a SolarWinds Customer
- SolarWinds hack exploited weaknesses we continue to tolerate (FT)
- Joe Biden Blames Russia For Huge SolarWinds Hack (HuffPost)
- Experts say SolarWinds hack could impact Kern County businesses
- The Facts and Mysteries About Russia’s Hack of the U.S.
- Massive data breach may have been discovered due to 'unforced error' by suspected Russian hackers (CNNPolitics)
- Opinion (With Hacking, the United States Needs to Stop Playing the Victim - The New York Times)
- List of Known SolarWinds Breach Victims Grows, as Do Attack Vectors
- How the SolarWinds hackers are targeting cloud services in unprecedented cyberattack (GeekWire)
- CrowdStrike Launches Free Tool to Identify & Mitigate Risks in Azure Active Directory (CrowdStrike)
- Grid regulator warns utilities of risk of SolarWinds backdoor, asks how exposed they are (CyberScoop)
- Five Solution Providers Breached By SolarWinds Hackers: Researchers
- Cloud infrastructure is not immune from the SolarWinds Orion breach (Ermetic)
- 'No evidence' IRS taxpayer information exposed by SolarWinds hack (FedScoop)
- Cloud infrastructure is not immune from the SolarWinds Orion breach (secblvd)
- How we protect our users against the Sunburst backdoor (Securelist)
- SolarWinds roundup: Fixes, new bad actors, and what the company knew (Network World)
- From the Solarwinds supply chain attack (Golden Chain Bear) to see the covert operations in APT operations
- SolarWinds (Understanding & Detecting the SUPERNOVA Webshell Trojan - SentinelLabs)
- Q:CYBER spots lateral movement as used in the SolarWinds (Sunburst) calamity | State (insidenova.com)
- Who Broke SolarWind with Mat and Mike - S3E8 | The Cyber Tap | Podcasts on Audible (Audible.com)
Date 2020-12-22
- Staring at the Sun: Thoughts on UNC2452, SUNBURST, SolarWinds and Road Ahead (Prevailion)
- SolarWinds Claims Execs Unaware of Breach When They Sold Stock (SecurityWeek.Com)
- SolarWinds victims revealed after cracking the Sunburst malware DGA
- How SolarWinds could’ve been prevented (FRN)
- SolarWinds Campaign Focuses Attention on 'Golden ...
- HPE: ‘No Evidence’ It Has Been ‘Impacted’ By SolarWinds (Based Attack)
- Anexinet Exec: Lack Of Monitoring In SolarWinds Hack Is ‘Scary’
- SolarWinds: What It Means & What’s Next
- Everything we know about the Solarwinds Hack! (Updated!) (YouTube)
- SolarWinds Orion/SUNBURST – Armis Can See Impacted Devices & Attacks (secblvd)
- CISA updates emergency directive for SolarWinds Orion compromise | 2020-12-22 (Security Magazine)
- The SolarWinds Compromise and the Strategic Challenge of the Information and Communications Technology Supply Chain (CoFR)
- Qualys Researchers Identify 7+ Million Vulnerabilities Associated with SolarWinds/FireEye Breach by Analyzing Anonymized Vulnerabilities across Worldwide Customer Base (secblvd)
- The SolarWinds hack, and the danger of arrogance (scmedia)
- Florida Investigating Server Hacking Through SolarWinds Software
- All SentinelOne Customers Protected from SolarWinds SUNBURST Attack (bizwire)
- Prevasio: Sunburst Backdoor, Part III: DGA & Security Software
- Azure AD workbook to help you assess Solorigate risk (Microsoft Tech Community)
- A Second Hacker Group May Have Also Breached SolarWinds, Microsoft Says
- Loptr CEO Discusses Solarwinds Breach and How to Stay Safe
- Coast Guard releases bulletin on SolarWinds hack (WorkBoat)
- Infosec pros warned of second SolarWinds Orion vulnerability (IT World Canada News)
- Biden Assails Trump Over Handling of Russia Hacking (nyt)
- Sunburst Malware Optics Rules
- Cyberattack Hit Key US Treasury Systems: Senator (SecurityWeek.Com)
- SolarWinds Orion Data Security Update
- Another Hacking Group Has Targeted SolarWinds Systems
Date 2021-01-24
- Validating the SolarWinds N-central “Dumpster Diver” Vulnerability | by Kyle Hanslovan (Huntress)
- SolarWinds Corporation (NYSE: SWI)
Date 2020-12-17
- SolarWinds’ Customers (Pastebin)
- Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations (CISA)
- Federal investigators find evidence of previously unknown tactics used to penetrate government networks (wapo)
- Exclusive-Suspected Russian hacking spree reached into Microsoft -sources (Reuters)
- Nuclear weapons agency breached amid massive cyber onslaught (POLITICO)
- Microsoft says it was hit in SolarWinds attack, but customer data safe (BI)
- Microsoft identifies more than 40 organizations targeted in massive cyber breach (CNNPolitics)
- Russian Hackers Have Been Inside Austin Network for Months
- The SolarWinds Orion SUNBURST supply-chain Attack (TRUESEC Blog)
- DebUNCing Attribution: How Mandiant Tracks Uncategorized Threat Actors (fireeye)
- SUPERNOVA: A Novel .NET Webshell, an Analysis
- A moment of reckoning: the need for a strong and global cybersecurity response (Microsoft On the Issues)
- SolarWinds hackers breach US nuclear weapons agency
- CISA: SolarWinds Not the Only Initial Attack Vector ...
- Golden SAML: Newly Discovered Attack Technique Forges Authentication to Cloud Apps
- GitHub (cyberark/shimit: A tool that implements the Golden SAML attack)
- SolarWinds Deploys CrowdStrike To Secure Systems After Hack
- Hack Suggests New Scope, Sophistication for Cyberattacks (WSJ)
- SolarWinds MSP To Revoke Digital Certificates For Tools, Issue New Ones As Breach Fallout Continues
- More Hacking Attacks Found, Officials Warn of Risk to U.S. Government (nyt)
- Senators Ask IRS Whether Taxpayer Data Hit in SolarWinds Hack (Bloomberg)
- SolarWinds, GitHub Leaks and Securing the Software Supply Chain (secblvd)
- SolarWinds breach raises stakes for NDAA Trump still threatens to veto (FRN)
- NSA Cybersecurity Advisory: Malicious Actors Abuse Authentication Mechanisms to Access Cloud Resources > National Security Agency Central Security Service > Article View
- Senators Press IRS for SolarWinds Hack Briefing (WSJ)
- Hackers Tied to Russia Hit Nuclear Agency; Microsoft Is Exposed (Bloomberg)
- Cyber attack may be ‘worst in the history of America’ (LV Jrnl)
- US under major active cyberattack from Russia, Trump’s former security adviser warns (The Independent)
- More on the SolarWinds Breach (Schneier)
- Supply Chain Attack: CISA Warns of New Initial Attack Vectors Posing 'Grave Risk' (SecurityWeek.Com)
- Feds: SolarWinds Attack ‘Poses a Grave Risk’ To Government, Business
- SolarWinds Hack ‘One Of The Worst In The Last Decade’: Analyst
- SolarWinds Alternatives (MetricFire Blog)
- Microsoft president sounds alarm on ‘ongoing’ SolarWinds hack, identifies 40 more precise targets (Verge)
Date 2020-12-21
- Solorigate AzureAd IOCs
- SolarWinds Hack Victims: From Tech Companies to a Hospital and University (WSJ)
- Microsoft identifies second hacking group affecting SolarWinds software
- SolarWinds Adviser Warned of Lax Security Years Before Hack (Bloomberg)
- Top Expert Backgrounder: Russia’s SolarWinds Operation and International Law
- SolarWinds incident should be a catalyst to rethink federal cybersecurity (FRN)
- Kevin Mandia: 50 Firms ‘Genuinely Impacted’ By SolarWinds Attack
- SolarWinds/SUNBURST Backdoor, Third-Party and Supply Chain Security (secblvd)
- CISA warns that SolarWinds software may not be only entry point in latest breaches - (GCN)
- The Solarwinds breach — What do CIOs need to do now?
- Continue Clean (up of Compromised SolarWinds Software)
- Advice for incident responders on recovery from systemic identity compromises (MS Security)
- A second hacking group has targeted SolarWinds systems (ZDNet)
- The Law Offices of Frank R. Cruz Continues Its Investigation of SolarWinds Corporation (SWI) on Behalf of Investors (bizwire)
- Solorigate Resource Center – updated December 31st, 2020 (Microsoft Security Response Center)
- After the FireEye and SolarWinds breaches, what’s your failsafe? (TechCrunch)
- Trump's reluctance to name Russia in SolarWinds hack will hamper recovery (Axios)
- Advisory for SolarWinds Orion Vulnerabilities (secblvd)
- Microsoft: A 2nd Group May Have Also Breached SolarWinds
- SHAREHOLDER ALERT: SolarWinds Corp. Investigated for Possible Breaches of Fiduciary Duty After Insiders Sold $285 Million Worth of Company Stock; Investors Should Contact Block & Leviton LLP
- Advanced Persistent Threat Actors Leverage SolarWinds Vulnerabilities
- All about the suspected Russian cyberattack that Microsoft has called ‘moment of reckoning’
- Russian Hacking Targeted Treasury Department’s Senior Leaders (nyt)
- Partial lists of organizations infected with Sunburst malware released online (ZDNet)
- SolarWinds Hack Hit Office Home to Top Treasury Department Officials (WSJ)
- Federal Acquisition Supply Chain Security Act
- VMware Issues Updated Statement on SolarWinds Supply Chain Compromise and CVE 2020 (4006)
- SolarWinds Hack: Is NSA Doing the Same to Russia?
- Big tech companies including Intel, Nvidia, and Cisco were all infected during the SolarWinds hack (Verge)
- The SolarWinds Sunburst Attack: How to Protect Yourself from 5th Generation Cyberattacks (Secure Ops)
Date 2020-12-20
- SolarWinds Hack Could Affect 18K Customers — Krebs on Security
- FireEye CEO: Hack was "totally unique," "utte... (CBS News)
- Former US cybersecurity chief Chris Krebs says officials are still tracking 'scope' of the SolarWinds hack
- Biden team and lawmakers raise alarms over Russian cybersecurity breach (wapo)
- CNN.com (Transcripts)
- Azure-Sentinel/SolarWindsPostCompromiseHunting.json at master · Azure/Azure (Sentinel · GitHub)
- SolarWinds/SUNBURST Backdoor, Third-Party and Supply Chain Security (YouTube)
Date 2020-12-19
- Second hacking team was targeting SolarWinds at time of big breach (Reuters)
- Second hacking team was targeting SolarWinds at time of big breach (Reuters)
- How U.S. agencies' trust in untested software opened the door to hackers (POLITICO)
- NATO Checking Systems After US Cyberattack (SecurityWeek.Com)
- Massive SolarWinds hack has big businesses on high alert (CNN)
- US cyber-attack: Russia 'clearly' behind SolarWinds operation, says Pompeo (BBC News)
- SolarWinds hack shows we need a 'whole of society' national cyber strategy (hill)
- FireEye, Crowdstrike enjoy record days as SolarWinds hack leads to soaring security stocks (MarketWatch)
- It’s A Twister! Will SolarWinds Blow Cybersecurity Governance Reform Into The Boardroom?
- Prevasio: Sunburst Backdoor, Part II: DGA & The List of Victims
- SHAREHOLDER ALERT: Kaskela Law LLC Announces Investigation of SolarWinds Corp. (SWI) and Encourages SWI Stockholders to Contact the Firm
- On the SolarWinds Hack or When Total Information Awareness is the Chainsaw Which Gently Buggers You Sidewise (An F... Again...)
- SolarWinds Hack: Cisco And Equifax Amongst Corporate Giants Finding Malware... But No Sign Of Russian Spies
- Russia's SolarWinds Hack Is the Big One (BoonWorks)
- At Least 200 Victims Identified in Suspected Russian Hacking (Bloomberg)
- Pompeo Blames Russia for Hack as Trump Casts Doubt on Widespread Conclusion (WSJ)
- Trump Contradicts Pompeo Over Russia’s Role in Hack (nyt)
- Hacked Networks Will Need to be Burned 'Down to the Ground' (SecurityWeek.Com)
- Pompeo Says Russia 'Pretty Clearly' Behind SolarWinds Cyberattack. : NPR
Date 2020-12-16
- How suspected Russian hackers outed their massive cyberattack (POLITICO)
- Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’ — Krebs on Security
- GitHub (RedDrip7/SunBurst_DGA_Decode: SunBurst DGA Decode Script)
- (1) Itay Cohen on Twitter: "The attackers behind the #SUNBURST malware put a lot of effort into trying to avoid detection by analysts and security vendors. Not only this, but they also tried to make sure to stay under the radar of #SolarWinds develope
- SunBurst: the next level of stealth
- Thread by @megabeets_ on Thread Reader App (Thread Reader App)
- SolarWinds’ shares drop 22 per cent. But what’s this? $286m in stock sales just before hack announced? (Register)
- SolarWinds: Why the Sunburst hack is so serious (BBC News)
- InfoSec Handlers Diary Blog
- SUNBURST – SolarWinds® Orion® IT Management Platform Security Advisory (ServerCentral Turing Group)
- Hack May Have Exposed Deep US Secrets; Damage Yet Unknown (SecurityWeek.Com)
- Billions Spent on U.S. Defenses Failed to Detect Giant Russian Hack (nyt)
- SolarWinds Orion hack: Why cybersecurity experts are worried (CNN)
- SolarWinds said no other products were compromised in recent hack (ZDNet)
- Microsoft to quarantine SolarWinds apps linked to recent hack (ZDNet)
- The SolarWinds and US government breach is not a marketing opportunity (ZDNet)
- Joint Statement by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI) (CISA)
- DOD has a leg up in mitigating potential SolarWinds breach, former officials say (FedScoop)
- Little (known SolarWinds gets scrutiny over hack, stock sales)
- SunBurst_DGA_Decode/decode.py at main · RedDrip7/SunBurst_DGA_Decode (GitHub)
- subdomain & #DGA domain names , #SolarWinds, attacked by #UNC2452 @0xrb (Pastebin.com)
- SolarWinds Post-Compromise Hunting with Azure Sentinel (Microsoft Tech Community)
- New Evidence Suggests SolarWinds' Codebase Was Hacked to Inject Backdoor
- Microsoft unleashes ‘Death Star’ on SolarWinds hackers in extraordinary response to breach (GeekWire)
- SolarWinds' dominance became a liability in sprawling spy campaign (VentureBeat)
- Responding to the SolarWinds Breach: Detect, Prevent, and Remediate the Dark Halo Supply Chain Attack (Volexity)
- Sunburst Trojan (What You Need to Know)
- Opinion (I Was the Homeland Security Adviser to Trump. We’re Being Hacked. - The New York Times)
- U.S. Agencies Exposed in Attack by Suspected Russian Hackers (Bloomberg)
- Federal Agencies, Think Tank Targeted in Russian Hacking Spree
- SolarWinds Exposed GitHub Repository Publicly since 2018
- FireEye and SolarWinds Cyber Attack Information for Exabeam Customers and Partners
- Sunburst: Supply Chain Attack Targets SolarWinds Users (Symantec Blogs)
- SolarWinds Removes Customer List From Site as It Releases Second Hotfix (SecurityWeek.Com)
- We're not saying this is how SolarWinds was backdoored, but its FTP password 'leaked on GitHub in plaintext' (Register)
- Trend data on the SolarWinds Orion compromise
- FireEye, Microsoft create kill switch for SolarWinds backdoor
- Massive hack of US government launches search for answers as Russia named top suspect
Date 2020-12-15
- SolarWinds hackers have a clever way to bypass multi-factor authentication (ars)
- GitHub (fireeye/sunburst_countermeasures)
- Hackers at center of sprawling spy campaign turned SolarWinds' dominance against it (Reuters)
- SolarWinds' Update Server Could Be Accessed in 2019 Using Password 'solarwinds123': Report
- Richard Blumenthal on Twitter: "Stunning. Today’s classified briefing on Russia’s cyberattack left me deeply alarmed, in fact downright scared. Americans deserve to know what's going on. Declassify what’s known & unknown." / Twitter
- Giant U.S. Computer Security Breach Exploited Very Common Software (Scientific American)
- SolarWinds Orion: More US government agencies hacked (BBC News)
- Microsoft’s Role In SolarWinds Breach Comes Under Scrutiny
- Lessons on Identity Security From Recent High (Profile Breaches)
- Microsoft and industry partners seize key domain used in SolarWinds hack (ZDNet)
- Kyle Hanslovan on Twitter: "Although their string obfuscation techniques were anything but special, their codebase and domains successfully evaded security scrutiny for nearly a year ¯_(ツ)_/¯. Here are screenshots of some CryptoHelper and ZipHelper cl
- Ensuring customers are protected from Solorigate (MS Security)
- Orion Platform - Scalable IT Monitoring (SolarWinds)
- Was my workplace hit by SolarWinds hack? FAQ answers. (trib)
- Expert warned 'solarwinds123' password could expose firm: Report (BI)
- SolarFlare Release: Password Dumper for SolarWinds Orion (secblvd)
- CISA Warns Agencies of SolarWinds Orion Compromise via Emergency Directive (gcwire)
- Prevasio: Sunburst Backdoor: A Deeper Look Into The SolarWinds' Supply Chain Malware
- GitHub (mubix/solarflare: SolarWinds Orion Account Audit / Password Dumping Utility)
- SolarFlare Release: Password Dumper for SolarWinds Orion :: malicious.link — welcome
- HAGENS BERMAN, NATIONAL TRIAL ATTORNEYS, Investigating SolarWinds (SWI) Knowledge of Hack in Orion Products, Encourages SWI Investors with Losses to Contact Firm Now
- Hackers used SolarWinds' dominance against it in sprawling spy campaign (Reuters)
- SolarWinds Breach Used to Infiltrate Customer Networks (Solarigate)
- FireEye Malware Optics Rules
- SolarWinds attack explained: And why it was so hard to detect (CSO Online)
- Group Behind SolarWinds Hack Bypassed MFA to Access Emails at US Think Tank (SecurityWeek.Com)
- Russian hackers compromised Microsoft cloud customers through third party, putting emails and other data at risk
- Suspected Russian Hack Said to Have Gone Undetected for Months (WSJ)
- Suspected Russian Cyberattack Began With Ubiquitous Software Company (WSJ)
- White House National Security Adviser O’Brien Cuts Trip Short to Address SolarWinds Hack (WSJ)
- New, free tool adds layer of security for the software supply chain
- What We Know (And Don’t) About The SolarWinds Orion Hack So Far
- Suspected Russia SolarWinds Hack Exposed After FireEye Cybersecurity Firm Found 'Backdoor'
- The U.S. government spent billions on a system for detecting hacks. The Russians outsmarted it. (wapo)
- How the SolarWinds Hackers Bypassed Duo’s Multi-Factor Authentication (Schneier)
- SolarWinds hides list of high-profile customers after devastating hack (Verge)
- Russian hack into Treasury, Commerce, DHS raises federal alarms (Axios)