#solarwinds

[ follow ]
#cybersecurity

Microsoft whistleblower says firm ignored early warnings about flaw exploited in SolarWinds breach

Harris warned Microsoft about a vulnerability named Golden SAML that became part of the SolarWinds attacks, affecting millions and potentially leaving minimal digital traces.

Protecting against software supply chain attacks

Software supply chain attacks are on the rise, with a 742% increase between 2019 and 2022.
These attacks have a widespread and enduring impact, impacting thousands of customers and potentially remaining undetected for years.

SolarWinds hardcoded credential bug exploited

A critical vulnerability in SolarWinds' Web Help Desk allows attackers to exploit hardcoded credentials, risking data integrity.
Users are urged to update to the latest patched version to mitigate security risks.

SEC fines four companies $7 million for 'misleading cyber disclosures' regarding SolarWinds hack | TechCrunch

The SEC charged four companies for misleading disclosures regarding the 2019 SolarWinds data breach, impacting investor awareness.

SEC Charges 4 Companies Over Misleading SolarWinds Cyberattack Disclosures

Four companies misled investors about the SolarWinds cyber attack, leading to SEC charges and penalties for failing to disclose the incident's extent.

SolarWinds Help Desk software vulnerability added to CISA catalogue

Active exploitation of vulnerabilities poses a significant threat to both federal and private sectors as highlighted by CISA's recent additions to its catalogue.

Microsoft whistleblower says firm ignored early warnings about flaw exploited in SolarWinds breach

Harris warned Microsoft about a vulnerability named Golden SAML that became part of the SolarWinds attacks, affecting millions and potentially leaving minimal digital traces.

Protecting against software supply chain attacks

Software supply chain attacks are on the rise, with a 742% increase between 2019 and 2022.
These attacks have a widespread and enduring impact, impacting thousands of customers and potentially remaining undetected for years.

SolarWinds hardcoded credential bug exploited

A critical vulnerability in SolarWinds' Web Help Desk allows attackers to exploit hardcoded credentials, risking data integrity.
Users are urged to update to the latest patched version to mitigate security risks.

SEC fines four companies $7 million for 'misleading cyber disclosures' regarding SolarWinds hack | TechCrunch

The SEC charged four companies for misleading disclosures regarding the 2019 SolarWinds data breach, impacting investor awareness.

SEC Charges 4 Companies Over Misleading SolarWinds Cyberattack Disclosures

Four companies misled investors about the SolarWinds cyber attack, leading to SEC charges and penalties for failing to disclose the incident's extent.

SolarWinds Help Desk software vulnerability added to CISA catalogue

Active exploitation of vulnerabilities poses a significant threat to both federal and private sectors as highlighted by CISA's recent additions to its catalogue.
morecybersecurity

SolarWinds left hardcoded credentials in helpdesk product

SolarWinds' Web Help Desk had a critical security flaw due to hardcoded credentials, necessitating an immediate update for users.

Russia's Cozy Bear spotted diving into cloud environments

Cozy Bear, responsible for the SolarWinds attack, has expanded to target cloud environments and diversified victim categories.
Five Eyes governments issue a joint advisory warning of Cozy Bear expanding targets and methods, including targeting organizations via cloud services.
#supply-chain-attack

How SolarWinds Responded to the 2020 SUNBURST Cyberattack

SolarWinds fell victim to a supply chain attack where hackers inserted malware into a software update, potentially compromising customer data.
General Counsel Jason Bliss had to lead the company's response without knowing the full extent of the attack or having the new CEO in place.

Judge mostly tosses SEC claims against SolarWinds security

Judge dismisses SEC lawsuit against SolarWinds post-SUNBURST attack claims; sustains securities fraud allegations for pre-SUNBURST statements about Orion product security.

How SolarWinds Responded to the 2020 SUNBURST Cyberattack

SolarWinds fell victim to a supply chain attack where hackers inserted malware into a software update, potentially compromising customer data.
General Counsel Jason Bliss had to lead the company's response without knowing the full extent of the attack or having the new CEO in place.

Judge mostly tosses SEC claims against SolarWinds security

Judge dismisses SEC lawsuit against SolarWinds post-SUNBURST attack claims; sustains securities fraud allegations for pre-SUNBURST statements about Orion product security.
moresupply-chain-attack

Kyivstar Says Internet Access Restored To More Than 90 Percent Of Subscribers

Russian hackers are targeting servers hosting vulnerable software made by Czech tech company JetBrains.
The cyberespionage technique used by Russian hackers in this case is similar to the one used in the SolarWinds attack.

Judge dismisses much of SEC suit against SolarWinds over cybersecurity disclosures

Judge dismissed most SEC claims against SolarWinds over cybersecurity breach.
[ Load more ]