Page 5 - Message Read News Today : Breaking News, Live Updates & Top Stories | Vimarsana

(Source: Mike via Flickr) The SolarWinds supply chain attack should prompt federal agencies and others to rethink how they approach security issues - especially identity and access management, according to a breakdown of the attack presented this week by the National Institute of Standards and Technology and the U.S. Cybersecurity and Infrastructure Security Agency. At NIST s Information Security and Privacy Advisory Board meeting, Jay Gazlay, a technical strategist with CISA who has been examining the attack since it was first disclosed in December 2020, presented an analysis of what the agency has learned about the attack to date. That included a detailed timeline of how the hackers implanted a backdoor in a software update for SolarWind s Orion network monitoring platform. The update with the backdoor was eventually installed by about 18,000 of the company s customers.

United statesSolarwind orionAttackscott fergusonBryan ormeJay gazlayOwner in exchangeMicrosoft officeAmazon web servicesNational checklist program repositoryExchange commissionNational institute of standardsInfrastructure security agencyLive oak bank tackles cloud securitySimple storage serviceRisk managementAccess management