SolarWindsに対するサイバー攻撃では、SolarWinds Orionソフトウェアの脆弱性を悪用してサプライチェーン攻撃が行われました。デジタル署名付きソフトウェアにマルウェアが仕掛けられ、結果として多くの組織が侵害を受けました。
As for the remaining securities filings, the court found that SolarWinds properly disclosed the December 2020 cyberattack in its Form 8-K, which was filed just two days after the SolarWinds’ CEO was notified of the vulnerability.9Such prompt disclosure appears largely consistent wi...
Here, we provide everything you need to know about the SolarWinds breach, how it infiltrates systems, and the ongoing response from infosec industry experts and vendors. 1The latest SolarWinds breach news Victims of the SolarWinds backdoor attack continue to be revealed as big tech companies ...
In a recent interview withCBS News’ 60 MinutesMicrosoft president Brad Smith answered many questions as to the scale of the attack and Microsoft’s unprecedented response to the incident. As to the scale, Smith and many others believe that the attack may have been the largest and most sophist...
Cisco Response Following the SolarWinds cyberattack announcement, Cisco Security immediately began our established incident response processes. We have isolated and removed Orion installations from a small number of Cisco assets. At this time, there is no known impact to Cisco products, services, or ...
Currently known in depth attack details have been provided by the M365 and MSTIC teams via the deep dive analysis blog. Updated 12/21/2020 Current advice for incident responders on recovery from systemic identity compromises has been provided by Microsoft Detection and Response Team. Updated 12/...
While nearly every attack is called “sophisticated” by victims who try and shield themselves from criticism, the security community is nearly unanimous in its verdict that the term is merited in this case. The speed, scope and scale of Microsoft’s response were unprecedented. Specificall...
Details of the attack are still emerging, and will likely still emerge for some time, but a summary of the attack is needed before a dive into the how is done. On Monday, December 14, 2020, the US governmentorderedseveral emergency measures to be taken to recover from potentially the most...
Prior to releasing this guidance update, CISA has also released a free tool for IT and security experts working incident response (IR) on the SolarWinds supply chain attack. The tool, a PowerShell script, helps detect possible compromised accounts and applications in an Azure or Microsoft ...
The attribution of the SolarWinds attack comes as the Biden administration issued sanctions against Russia in response to what's described as "harmful activities by the Government of the Russian Federation". The financial sanctions specifically mention "malicious" cyber activities by Russian ac...