The Cybersecurity and Infrastructure Security Agency released an advisory Wednesday warning that a Russian military intelligence unit has been actively exploiting a
Singtel is among the latest victims of a breach tied to Accellion s File Transfer Appliance.
Two more breaches have been tied to the vulnerable 20-year-old Accellion File Transfer Appliance. The latest victims are Singapore telecom company Singtel and Australian medical research institute QIMR Berghofer.
Singtel reports that it s working closely with the Cyber Security Agency of Singapore after a breach of its Accellion FTA system, which it uses to share information internally and externally.
In a blog post on Thursday, Singtel said it was informed by Accellion that FTA had been attacked by unidentified hackers. We are currently conducting an impact assessment with the utmost urgency to ascertain the nature and extent of data that has been potentially accessed. Customer information may have been compromised, Singtel says.
Anne Neuberger will now oversee the investigation into the SolarWinds supply chain attack.
The Biden administration has appointed Anne Neuberger, the deputy national security adviser for cyber and emerging technology, to coordinate the investigation into the cyberattack that targeted SolarWinds and other organizations, following criticism from two senators that the probe has lacked coordination and transparency.
On Wednesday, Emily Horne, a spokeswoman for the National Security Council. confirmed Neuberger was coordinating the ongoing investigation by the Cyber Unified Coordination Group, which includes four agencies. In the first weeks of the Biden administration, Neuberger has held a series of consultations with both Democratic and Republican members of Congress on our approach to SolarWinds specifically and our cybersecurity strategy broadly, she said. We look forward to continuing to work with Congress on these issues.
Democratic Sen. Mark Warner of Virginia (left) and Republican Sen. Marco Rubio of Florida
See update on the Biden administration s appointment of a leader for SolarWinds supply chain attack investigation.
Citing a lack of coordination and transparency, U.S. Sens. Mark Warner and Marco Rubio of the Intelligence Committee are urging the four federal agencies investigating the cyberattack that targeted SolarWinds and other organizations to designate a leader for their investigative efforts. The threat our country still faces from this incident needs clear leadership to develop and guide a unified strategy for recovery, in particular a leader who has the authority to coordinate the response, set priorities and direct resources to where they are needed, the two senators say.
Get Permission Microsoft s security team says the company s Office 365 suite of products did not serve as an initial entry point for the hackers who waged the SolarWinds supply chain attack.
And SolarWinds CEO, in a new blog, says the company has not identified a specific vulnerability in Office 365 that would have allowed the threat actor to enter our environment. The incident, he says, involved the compromise of an email account through the theft of credentials.
Microsoft also points to credential theft. In our investigations to date, data hosted in Microsoft services - including email - was sometimes a target in the [SolarWinds-related] incidents, but the attacker had gained privileged credentials in some other way, according to Microsoft s security team, which published a blog Thursday.