SolarWinds, a trusted provider of IT management software that was rather unknown outside of IT circles, became a household name after it disclosed in December that advanced threat actors compromised certain versions of its Orion platform and carried out attacks against the U.S. government and other private sector technology companies. The company, along with other […]
The U.S. Cybersecurity and Infrastructure Agency has released a new tool designed to help IT and security professionals detect indicators of compromise associated with the SolarWinds and Active Directory/Microsoft 365 Compromise. The tool, CISA Hunt and Incident Response Program (CHIRP), scans for signs of compromise from an advanced persistent threat actor within an on-premises environment. […]
This winter has been a nightmare for cybersecurity and IT teams everywhere, with the most recent being the exploits of vulnerabilities in certain on-premises versions of Microsoft Exchange Server. According to experts and news reports, these attacks started sometime in early January and targeted a wide range of victims, including government, health care, law firms, […]
Microsoft and FireEye are disclosing new details about the hackers behind the massive compromise of the SolarWinds Orion platform, including three new pieces of malware being used in late-stage activity by the group, which Microsoft is calling NOBELIUM. According to both tech companies, the earliest known use of a newly discovered backdoor was in August […]
SolarWinds is preparing to incur significant costs related to the compromise of the company’s Orion IT management platform and has already spent more than $3 million to remediate the impacts of the massive hacking campaign. Going forward, the company expects to incur costs related to the attack of up to $25 million in 2021. That […]
Although Microsoft maintains that none of its tools were leveraged by the threat group behind the SolarWinds Orion compromise, the company did disclose that the hackers viewed source code for a small subset of Azure, Intune and Exchange components. In a Microsoft Security Response Center blog on the final update of the company’s internal investigation […]
The number of private sector companies that fell victim to the SolarWinds attack is now around 100, according to U.S. officials who gave a briefing on the large-scale sophisticated supply chain attack that used popular IT management software as an initial access. In a White House briefing Wednesday, Anne Neuberger, the deputy national security advisor […]
Cybersecurity experts and government officials from around the world are still putting the pieces together to understand the full scope of the SolarWinds supply chain compromise. We’re getting a better idea of just how organized and sophisticated the attack was, thanks to people like Microsoft President Brad Smith. In a recent interview on “60 Minutes”, […]
According to new reports, a separate group of hackers are thought to have exploited a software flaw in SolarWinds’ products to break into U.S. government computers last year. Reuters, citing sources familiar with the investigations, reported Tuesday that suspected Chinese hackers used SolarWinds to hack into the National Finance Center, a federal payroll agency within […]
According to new reports, close to a third of the victims of a sophisticated threat actor leveraging the compromised SolarWinds’ Orion IT management platform didn’t run the popular network management software, raising fear that the hack goes deeper and into other software providers. The Wall Street Journal reports that about 30% of the private sector […]
FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets
View all Guides
Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.
Enter Today!