513 matches found
New Evidence Suggests SolarWinds' Codebase Was Hacked to Inject Backdoor
The investigation into how the attackers managed to compromise SolarWinds' internal network and poison the company's software updates is still underway, but we may be one step closer to understanding what appears to be a very meticulously planned and highly-sophisticated supply chain attack. A ne...
The SolarWinds Perfect Storm: Default Password, Access Sales and More
SECOND UPDATE A perfect storm may have come together to make SolarWinds such a successful attack vector for the global supply-chain cyberattack discovered this week. Researchers said that includes its use of a default password “SolarWinds123” that gave attackers an open door into its...
SolarWinds Hack Could Affect 18K Customers
The still-unfolding breach at network management software firm SolarWinds may have resulted in malicious code being pushed to nearly 18,000 customers, the company said in a legal filing on Monday. Meanwhile, Microsoft should soon have some idea which and how many SolarWinds customers were affecte...
Nearly 18,000 SolarWinds Customers Installed Backdoored Software
SolarWinds, the enterprise monitoring software provider which found itself at the epicenter of the most consequential supply chain attacks, said as many as 18,000 of its high-profile customers might have installed a tainted version of its Orion products. The acknowledgment comes as part of a new...
Solorigate/Sunburst : FireEye Breach Leveraged SolarWinds Orion Software
Update Dec 23, 2020: Added new section describing how to reduce risk with File Integrity Monitoring. Update Dec 22, 2020: FireEye Red Team tools & Solorigate/SUNBURST On December 13, SolarWinds released a security advisory regarding a successful supply-chain attack on the Orion management platfor...
BSA-2020-1174
Security Advisory ID : BSA-2020-1174 Component : Theft of FireEye Red Team Tools Revision : 1.0 Brocade Security is aware of the news reporting the Theft of FireEye Red Team Tools by a highly sophisticated threat actor. More information atTheft of FireEye Red Team Tools...
SolarWinds advanced cyberattack: What happened and what to do now
We learned more about the sophisticated attack first disclosed on December 8 when security firm FireEye reported it had been the victim of a state-sponsored adversary that stole Red Team assessment tools. On December 13 there was a new development when IT company SolarWinds announced it had been...
DHS Among Those Hit in Sophisticated Cyberattack by Foreign Adversaries – Report
The U.S. Department of Homeland Security DHS, plus the Treasury and Commerce departments, have been hacked in an attack related to the FireEye compromise last week, according to reports. In addition, defense contractors and enterprises were caught up in the attack, FireEye said, which was carried...
SolarWinds SUNBURST Backdoor Supply Chain Attack: What You Need to Know
On Dec. 12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds Orion platform, which is used by organizations to monitor and manage IT infrastructure. FireEye has given the campaign an identifier of UNC2452 and is further...
A week in security (December 7 – December 13)
Last week on Malwarebytes podcast we talked to Doug Levin, founder of the K12 cybersecurity resource center and advisor to the K12 Security Information Exchange, about how schools can plan for a cybersecure 2021. We also released a Malwarebytes Labs report revealing that 50 percent of schools did...
FireEye Breach Detection Guidance
Update 12/14: Cisco Talos has implemented additional blocks in relation to the supply chain attack on SolarWinds® Orion® Platform. The U.S. Cybersecurity and Infrastructure Security Agency has issued Emergency Directive 21-01 due to this campaign. Talos is continuing to investigate this matter. I...
US Agencies and FireEye Were Hacked Using SolarWinds Software Backdoor
State-sponsored actors allegedly working for Russia have targeted the US Treasury, the Commerce Department's National Telecommunications and Information Administration NTIA, and other government agencies to monitor internal email traffic as part of a widespread cyberespionage campaign. The...
US Agencies and FireEye Were Hacked Using SolarWinds Software Backdoor
State-sponsored actors allegedly working for Russia have targeted the US Treasury, the Commerce Department's National Telecommunications and Information Administration NTIA, and other government agencies to monitor internal email traffic as part of a widespread cyberespionage campaign. The...
Active Exploitation of SolarWinds Software
The Cybersecurity and Infrastructure Security Agency CISA is aware of active exploitation of SolarWinds Orion Platform software versions 2019.4 HF 5 through 2020.2.1 HF 1, released between March 2020 and June 2020. CISA encourages affected organizations to read the SolarWinds and FireEye advisori...
Malwarebytes detects leaked tools from FireEye breach
Hello folks! If you have not heard yet, the security firm FireEye has had a breach of many red team assessment tools used for identification of vulnerabilities to help protect customers. While it is not known exactly who was behind this attack, a big concern is the sharing and use of these stolen...
Threat Source newsletter (Dec. 10, 2020)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Cyber security firm FireEye recently disclosed an incident that was reported to have resulted in the inadvertent disclosure of various internally developed offensive security tools OSTs that were used across FireEye red-team...
Solorigate/Sunburst : Theft of Cybersecurity Tools | FireEye Breach
Update Jan 5, 2021: New patching section with two new dashboard widgets showing the number of missing FireEye-related patches in your environment and the number of assets in your environment missing one of those patches. Update Dec 23, 2020: Added a new section on compensating controls. Update De...
Cyber Security giant FireEye hacked by a foreign government
By Sudais Asif FireEye has stated that they have been resetting the passwords of users for the previous 2 weeks as a part of its mitigatory actions. This is a post from HackRead.com Read the original post: Cyber Security giant FireEye hacked by a foreign government...
FireEye Hacked
FireEye was hacked by -- they believe -- "a nation with top-tier offensive capabilities": During our investigation to date, we have found that the attacker targeted and accessed certain Red Team assessment tools that we use to test our customers’ security. These tools mimic the behavior of many...
Cybersecurity Firm FireEye Got Hacked; Red-Team Pentest Tools Stolen
FireEye, one of the largest cybersecurity firms in the world, said on Tuesday it became a victim of a state-sponsored attack by a "highly sophisticated threat actor" that stole its arsenal of Red Team penetration testing tools it uses to test the defenses of its customers. The company said it's...