The time it takes between when an attacker is able to gain access and the time an attack is actually discovered is often referred to as dwell time. According to a report released in January 2020 by security firm CrowdStrike, theaverage dwell timein 2019 was 95 days. Given that it took we...
As forensic evidence is slowly being unearthed in the aftermath of the SolarWinds supply chain attack, security researchers have discovered a second threat actor that has exploited the SolarWinds software to plant malware on corporate and government networks. Details about this second threat actor are...
Ives said he also thinks SolarWinds has the ability to bounce back and recover its reputation after the attack. He said the company has worked fast and been transparent throughout the aftermath of the attack. "This is going to be a chapter in history in terms of the supply chain book," ...
The original attack vector remains unknown but there are hints that might give us a clue of what originally happened. Since the first traces of backdoor being used date back to March 2020, it is very probable that SolarWinds was hacked at the beginning of 2020 or in late 2019. This is ...
The SolarWinds supply chain attack was one of the biggest cyber incidents there's ever been. Here's how the company has dealt with the aftermath.
The questions were built off of the first set of questions CISA asked SolarWinds in the immediate aftermath of the attack, Brown said. The company now recommends that other software developers use the screening questionnaire to assess the security of their suppliers, Brown said. ...