TheSolarWinds supply chain attackhighlighted how vulnerable supply chains are tocyberattacks. Supply chain risk mitigation has since become an essential component of risk management strategies andinformation securityprograms. To support the success of this effort, we’ve listed the top 4 supply chain ...
In recent years, there have been several high-profile cyber attacks that have involved the abuse of digital certificates. Digital certificates are electronic credentials that verify the identity of an entity, such as a person, organization, or device, and establish trust between parties in onli...
Since learning of theSolarWinds supply chain attacklast weekend, security teams everywhere have been scrambling to determine whether they were compromised by the “SolarStorm” attacks. Every few hours a new compromised entity is identified. They’re right to pay attention. We will soon be talking ...
The SolarWinds hackers put in "painstaking planning" to avoid being detected on the networks of hand-picked targets. Written by Liam Tung, Contributing Writer Jan. 21, 2021 at 7:00 a.m. PT Play VideoIt's known that the hackers behind the SolarWinds supply chain attack we...
FBI, CISA, NSA Officially Blame Russia for SolarWinds Cyber Attack Jan 06, 2021 The U.S. government on Tuesday formally pointed fingers at the Russian government for orchestrating the massive SolarWinds supply chain attack that came to light early last month. "This work indicates that an ...
APT29 also tracked as DarkHalo, is best known for the SolarWindssupply chain attack, has been busy stealthily compromising networks since the SolarWinds incident. This is according toBleeping ComputerandCrowdStrike. Security researchers discovered an attack campaign dropping a new variant of the GoldMa...
He points to the troubling trends of APTs moving to compromise upstream software and source code, as we have seen with the SolarWinds supply chain attack, which after much debate among U.S. government officials, was attributed to Russia-backed hackers.“Particularly troubling is the trend we ...
In January 2021, for the first time, the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), the Office of the DNI and the NSA publicly suggested Russian threat actors were responsible for theSolarWinds supply chain attack. ...
President Biden’s executive order on the security of the supply chain is perhaps the most telling evidence of the deep impact the SolarWinds attack has had on public and private organizations, but whether this order and the ensuing actions will trickle down and improve the state of sup...
CISA has previously published asecurity alertin which it said that “the SolarWinds Orion supply chain compromise is not the only initial infection vector this APT actor leveraged.” “We received information from the Microsoft Security Response Center on December 15 about suspicious activity from a...