To print this article, all you need is to be registered or login on Mondaq.com.
On Sunday, December 13, 2020, SolarWinds announced that it had learned of a highly
sophisticated, manual supply chain attack by a nation state
affecting its Orion Platform, which is used by a wide variety of
public and private sector organizations for IT infrastructure
monitoring and management. In this attack, adversaries were able to
compromise the Orion software build system for certain versions of
the software, and trojanized software updates were distributed to
customers between March and June 2020. According to SolarWinds,
this attack may affect as many as 18,000 customers. As a result of
To embed, copy and paste the code into your website or blog:
On Sunday, December 13, 2020, SolarWinds announced that it had learned of a “highly sophisticated, manual supply chain attack” by a nation state affecting its Orion Platform, which is used by a wide variety of public and private sector organizations for IT infrastructure monitoring and management. In this attack, adversaries were able to compromise the Orion software build system for certain versions of the software, and trojanized software updates were distributed to customers between March and June 2020. According to SolarWinds, this attack may affect as many as 18,000 customers. As a result of this attack, several key government agencies have reported that hackers were able to break into their networks, including the Department of Homeland Security (DHS), as well as the Commerce and Treasury Departments. The Cybersecurity and Infrastructure Security Agency (CISA) within DHS has advised that both public and private
Kremlin-backed hackers breach US Treasury and Commerce: by Tyler Van Dyke ruthfullyyours.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from ruthfullyyours.com Daily Mail and Mail on Sunday newspapers.
FireEye made the shocking disclosure Tuesday that it suffered a security breach in what’s believed to be a state-sponsored attack designed to gain information on some of the company’s government customers. The attacker was able to access some of FireEye’s internal systems but apparently didn’t exfiltrate data from the company’s primary systems that store customer information, the threat intelligence vendor said.
The threat actor, however, stole FireEye’s Red Team security assessment tools, and FireEye said it isn’t sure if the attacker plans to use the stolen tools themselves or publicly disclose them.
This isn’t the first nation-state attack against a cybersecurity vendor or even the first hacker to get access to FireEye corporate documents. The attackers were focused on folks doing work across many different governments and not just the US Government, FireEye CEO Kevin Mandia told investors last week. But it is the first time in many years that powerful hacking
Russian government hackers are behind a broad espionage campaign that has compromised U.S. agencies, including Treasury and Commerce msn.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from msn.com Daily Mail and Mail on Sunday newspapers.