Attackers May Still Be Breaking into US Networks Without SolarWinds, CISA Says

On Friday, America’s Cybersecurity and Infrastructure Security Agency revealed that the “threat actor” behind the massive breach of U.S. networks through compromised SolarWinds software also used password guessing and password spraying attacks, according to ZDNet. And they may still be breaching federal networks, reports GCN: “Specifically, we are investigating incidents in which activity indicating abuse of Security Assertion Markup Language (SAML)…

Sealed US Court Records Exposed In SolarWinds Breach

An anonymous reader quotes a report from Krebs On Security: The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S. federal court system, according to a memo released Wednesday by the Administrative Office (AO) of the U.S. Courts. The…

SolarWinds Hackers Accessed DOJ Emails, But There’s No Indication They Reached Classified Systems

Hackers who tapped into government networks through SolarWinds software potentially accessed about 3% of the Justice Department’s email accounts, but there’s no indication they accessed classified systems, a DOJ spokesperson said in a statement Wednesday. From a report: The DOJ Office of the Chief Information Officer learned of the hack the day of Christmas Eve, according to the statement, where agents…

Is the US Government’s Cybersecurity Agency Up to the Job?

CNN reports that some critics are now questioning whether America’s Cybersecurity and Infrastructure Security Agency (CISA) is equipped to protect the integrity of government systems from adversaries: Some of the nearly half-dozen government agencies affected by the hack have recently reached out to CISA for help with addressing the known vulnerabilities that were exploited in the attack but were told the…

Microsoft, SolarWinds Face New Criticism Over Russian Breach of US Networks

After Russia’s massive breach of both government and private networks in the U.S., American intelligence officials “have expressed anger that Microsoft did not detect the attack earlier.” But new criticisms are also falling on SolarWinds: Some of the compromised SolarWinds software was engineered in Eastern Europe, and American investigators are now examining whether the incursion originated there, where Russian intelligence operatives…

Microsoft Says SolarWinds Hackers Viewed Source Code

The hackers who carried out a sophisticated cyberattack on government agencies in the US and private companies were able to access Microsoft’s source code, the company said Thursday. From a report: A Microsoft investigation turned up “unusual activity with a small number of internal accounts” and that “one account had been used to view source code in a number of source…

CISA Updates SolarWinds Guidance, Tells US Govt Agencies To Update Right Away

The US Cybersecurity and Infrastructure Security Agency has updated its official guidance for dealing with the fallout from the SolarWinds supply chain attack. From a report: In an update posted late last night, CISA said that all US government agencies that still run SolarWinds Orion platforms must update to the latest 2020.2.1HF2 version by the end of the year. Agencies that…

Russians Are Believed To Have Used Microsoft Resellers in Cyberattacks

As the United States comes to grips with a far-reaching Russian cyberattack on federal agencies, private corporations and the nation’s infrastructure, new evidence has emerged that the hackers hunted their victims through multiple channels. From a report: The most significant intrusions discovered so far piggybacked on software from SolarWinds, the Austin-based company whose updates the Russians compromised. But new evidence from…

US Cyber Agency Says SolarWinds Hackers Are ‘Impacting’ State, Local Governments

The U.S. cybersecurity agency says that a sprawling cyber espionage campaign made public earlier this month is affecting state and local governments, although it released few additional details. From a report: The hacking campaign, which used U.S. tech company SolarWinds as a springboard to penetrate federal government networks, was “impacting enterprise networks across federal, state, and local governments, as well as…

How Do US Government Agencies Verify Security Software from Private Contractors?

A recent article at Politico argues that the U.S. government “doesn’t do much to verify the security of software from private contractors. And that’s how suspected Russian hackers got in.” The federal government conducts only cursory security inspections of the software it buys from private companies for a wide range of activities, from managing databases to operating internal chat applications. That…