Cybersecurity experts from Microsoft have released a long, detailed blog about the SolarWinds compromise that includes new information that helps IT professionals better understand how the attack transpired. The blog – a deep dive into how attackers moved from the initial backdoor and through customer networks – comes as the tech community continues to grapple […]
The Cybersecurity and Infrastructure Agency, the U.S. agency tasked with shoring up the country’s cyber defenses, is beginning a coordinated effort to encourage public and private sector organizations to mitigate the threat of ransomware. The Reduce the Risk of Ransomware Campaign aims to help companies implement best practices, tools and resources to help prevent ransomware […]
Anti-malware software company Malwarebytes company itself is a victim of the SolarWinds attack, the company announced this week. In a blog, CEO Marcin Kleczynski said the company has evidence of another intrusion vector that works by abusing applications with privileged access to Microsoft Office 365 and Azure environments. Attackers gained access to a limited subset […]
As part of a $1.9 trillion COVID-19 relief plan, President Joe Biden plans to inject billions into the U.S.’s IT infrastructure and remediate the SolarWinds breach, according to text of the plan. In addition to stimulus checks, small business relief and vaccines, Biden’s plan calls for modernization of the country’s IT systems to protect against […]
Cybersecurity firm Symantec has uncovered an additional piece of malware used in the SolarWinds attacks, becoming the fourth piece of malware associated with the wide-ranging compromise of the popular IT management software. Symantec is calling this malware “Raindrop,” which is “a loader that delivers a payload of Cobalt Strike,” the company wrote in a blog […]
You never thought your company would be the target of a cyber attack. You’re a small, relatively obscure company with only a few dozen employees, and judging by your balance sheet, you don’t think you represent a big target for a hacker. As such, you don’t invest in adequate cyber defenses because you can’t justify […]
IT leaders need to do more to protect themselves from future supply chain attacks like the SolarWinds compromise, according to the Linux Foundation. In a new blog, David Wheeler, the Foundation’s open source supply chain security director, went through how the attack went undiscovered until months after the suspected Russian state-sponsored actors compromised the SolarWinds […]
In a new blog, SolarWinds’ CEO laid out what it is doing to respond to the compromise of its Orion IT management platform and what it knows so far about the attack. As many cybersecurity and IT experts have been saying, SolarWinds’ CEO Sudhakar Ramakrishna called the attack – which the company codenames Sunburst – […]
The FBI warns of a rise in “swatting attacks,” whereby hackers use compromised email accounts to access smart devices to make hoax calls to emergency services. The FBI issued the warning after smart home device manufacturers notified law enforcement that offenders have been using stolen e-mail passwords to access smart devices with cameras and voice capabilities […]
Cloud-based email security provider Mimecast says a sophisticated cyber actor has compromised a digital certificate it uses to authenticate connections between its products and Microsoft cloud servers. In a Tuesday post, the company said it was recently informed by Microsoft that “significant threat actor” compromised a certificate it issued to certain customers to authenticate Mimecast […]
FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets
View all Guides
Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.
Enter Today!
