Category Archives: SolarWinds hack
While tempting, most experts agree that hack-back strategies are a bad idea for companies. But there are tactics that can help deter nation-state actors and limit their ability to penetrate networks.
The post Does SolarWinds change the rules in offensive cyber? Experts say no, but offer alternatives appeared first on SC Media.
Joe Slowik, senior security researcher at DomainTools, spoke to SC Media about how the SolarWind attackers remained undetected for so long, and how domain data could be used to weaponize network observables against sophisticated attackers.
The post Sunbust avoided indicators of compromise with SolarWinds hack, but left breadcrumbs appeared first on SC Media.
Tactics expose the need for organizations to develop cohesive playbooks for breaches affecting hybrid environments.
The post SolarWinds attack opened up 4 separate paths to a Microsoft 365 cloud breach appeared first on SC Media.
The number of SolarWinds victims will likely grow in the upcoming months, but direct insured costs should remain close to the current estimate since many of the organizations hit – particularly federal agencies – do not carry insurance against cyber risks.
The post With insured losses estimated at $90 billion, did cyber insurance firms dodge financial calamity? appeared first on SC Media.
Software company says 2 customer inquires, in hindsight, appear linked to supply-chain attack
The post Sunspot malware scoured servers for SolarWinds builds that it could weaponize appeared first on SC Media.
While researchers may want to invest time and energy towards attributing the latest high-profile attack to a particular adversary, more productive is the ability to see similarities in the underlying techniques employed in the attack were to prior attacks.
The post Researchers see links between SolarWinds Sunburst malware and Russian Turla APT group appeared first on SC Media.
Experts disagree that election security efforts detracted from supply chain security. But there are still lessons to be learned.
The post SolarWinds hack: Amid hardened security, attackers seek softer targets appeared first on SC Media.
The SolarWinds hack endangers not just organizations’ on-premises systems but also their cloud-based infrastructure.
The post SolarWinds hack poses risk to cloud services’ API keys and IAM identities appeared first on SC Media.
Stockholders who purchased company shares in 2020 are suing the IT management software company for materially misleading investors about their security practices.
The post SolarWinds, top executives hit with class action lawsuit over Orion software breach appeared first on SC Media.