TechTalk

MAY 7, 2021

SolarWinds attack renews push for a federal breach notification law The coming into effect of the EU’s GDPR across the pond gave fresh impetus to calls for a federal breach notification law in the United States. Those calls are only growing louder in the aftermath of the unprecedented and massive SolarWinds attack.

Data 64

Data 64

Palo Alto Networks

DECEMBER 17, 2020

Since learning of the SolarWinds supply chain attack last weekend, security teams everywhere have been scrambling to determine whether they were compromised by the “SolarStorm” attacks. Recently, we experienced an attempt to download Cobalt Strike on one of our IT SolarWinds servers. They’re right to pay attention.

Network 98

Network Infrastructure Resources Government 98

Kaseya

JUNE 2, 2020

However, in this blog, we’ll be looking at some key features of Kaseya VSA that gives it an edge over its peers. The level of what you can automate in VSA is far superior to SolarWinds N-central”, says Elliot Stirn, IT Managed Services Supervisor at Circle Computer Resources. “The Is it the best RMM out there? Powerful Automation.

Backup 99

Backup Mobile Scalability Software Review 99

Tenable

DECEMBER 16, 2020

The most profound fallout from the SolarWinds hack can't be measured by the number of companies affected or the number of records stolen. Tenable does not use the SolarWinds Orion platform. The ripple effects of the SolarWinds breach will be felt across our industry for some time to come. Here's what I've learned so far. .

Software Review 98

Software Review Systems Review Technical Review Software Development 98

TechSoup

DECEMBER 23, 2020

The attack occurred as a result of a compromise in the SolarWinds Orion IT monitoring and management software. This blog post is intended to provide our community a summary of the incident and some helpful resources to understand the potential impact on your organization and your network.

Nonprofit 94

Nonprofit Resources Network Software 94

TechTalk

DECEMBER 22, 2020

With the recent directive issued by the US CISA to disconnect or power down SolarWinds Orion, it is important to note that simply powering down does not help in the continued protection of the networks, operating systems, and applications which run on these networks.

Operating System 69

Operating System Network Applications System 69

Ivanti

APRIL 4, 2021

The SolarWinds exploits have been widely reported, fully covered, and basically as we would say in Aussie – Done to Death Mate. Exhibit A is of course the SolarWinds attack. Implementing the above rules will stop attacks like the SolarWinds one in its tracks. Trusted Applications can still do bad stuff.

Windows 52

Windows Applications System Training 52

Palo Alto Networks

DECEMBER 21, 2020

Instead of winding down at the end of the year, already strapped security teams were scrambling over the last week to ensure their organizations are safe in the wake of the SolarWinds disclosure. Attackers got in via a compromise of the Orion software build system – up to 18,000 customers of SolarWinds then unknowingly let them in.

Pharmaceuticals 96

Pharmaceuticals Government Infrastructure Firewall 96

Samanage

DECEMBER 16, 2019

Starting, well, as of this post you’re currently reading, there will be no new blog content on this site. Moving forward, you can find your regular supply of ITSM best practices, industry trends, insights, and more on our brand new ITSM section of the SolarWinds tech blog, Orange Matter. Don’t shed a tear just yet.

Systems Administration 10

Systems Administration Resources Trends Network 10

Darktrace

JANUARY 7, 2021

This blog explains how activity related to the SolarWinds hack can be detected without the use of signatures, and why a self-learning approach is the best possible mechanism to catch this Advanced Persistent Threat.

59

59

Tenable

MAY 9, 2023

In this blog, we examine one of those blind spots: the gap in time between when a vulnerability is first discovered and when it is fully disclosed on the National Vulnerability Database (NVD). 298 Solarwinds 12 67 18% 69 Suse Linux 216 3,5611 6.1% 298 Solarwinds 12 67 18% 69 Suse Linux 216 3,5611 6.1% 21 Amazon 368 5,342 6.9%

Organization 52

Organization Research Linux Software 52

SecureWorks

JANUARY 5, 2021

Update to SolarWinds Threat: Identity is the New Perimeter Update to our December 15th blog: Secureworks’ Response to Recent Nation-State Cyberattacks. Update to our December 15th blog: Secureworks’ Response to Recent Nation-State Cyberattacks.

56

56

Tenable

JANUARY 19, 2022

In 2020 we were disrupted by the NOBELIUM cyberespionage campaign that targeted organizations through SolarWinds in December , and of course in 2021 it was the exposition of the Log4Shell vulnerability. Context surrounding the surge in supply chain attacks in the wake of the NOBELIUM SolarWinds incident. Get more information.

Systems Review 52

Systems Review Report Windows Metrics 52

Darktrace

JANUARY 6, 2021

This blog explains how activity related to the SolarWinds hack can be detected without the use of signatures, and why a self-learning approach is the best possible mechanism to catch this Advanced Persistent Threat.

52

52

SecureWorks

JANUARY 5, 2021

Update on SolarWinds Threat: Identity is the New Perimeter Update to our December 15th blog: Secureworks' Response to Recent Nation-State Cyberattacks. Update to our December 15th blog: Secureworks’ Response to Recent Nation-State Cyberattacks.

49

49

Palo Alto Networks

FEBRUARY 9, 2021

Still, we urge organizations to remain vigilant against attackers utilizing advanced tactics to remain undetected, as exhibited by the SolarWinds attacks. The post Exposing the Sophisticated Cyber Espionage Tool Known as BendyBear appeared first on Palo Alto Networks Blog.

Tools 97

Tools Malware Software Review Firewall 97

Palo Alto Networks

JUNE 1, 2023

Devin explains more in this short video clip: Johnstone also highlights the rise of supply chain attacks, such as the SolarWinds incident, where attackers target organizations connected to the true victims. The post Cracking the Code — How Machine Learning Supercharges Threat Detection appeared first on Palo Alto Networks Blog.

Artificial Inteligence 82

Artificial Inteligence Machine Learning Exercises ChatGPT 82

Cloudera

AUGUST 17, 2023

Binaries are extremely hard to take apart once assembled, making them a great place to inadvertently or even overtly hide malware, as proven by Solarwinds , Kaseya , and 3CX. The post How to Ensure Supply Chain Security for AI Applications appeared first on Cloudera Blog.

Artificial Inteligence 71

Artificial Inteligence Applications ChatGPT Open Source 71

Tenable

JULY 28, 2023

This blog is informational in nature and is not intended to replace the guidance of your organization's legal and governance teams. For example, last month the SEC sent a Wells notice to a number of SolarWinds executives, including the CISO, two-and-a-half years after the SolarWinds breach.

Technical Review 52

Technical Review Systems Review Compliance Report 52

Tenable

JUNE 14, 2021

In most cases (see SolarWinds and XingLocker), Active Directory (AD) is targeted so the attacker can easily distribute the ransomware after obtaining domain privileges. Read the Active Directory blog posts ?. There are, however, ways to help secure Active Directory to prevent ransomware from succeeding.

How To 101

How To Policies Groups Internet 101

Palo Alto Networks

MARCH 10, 2021

When watershed SolarWinds attacks hit in December, I urged organizations to redouble efforts to secure their networks. It was a wakeup call – SolarWinds exposed security weaknesses in organizations that would only be compounded now that we’re all so reliant on technology. . Less than three months later, here we are again.

Weak Development Team 60

Weak Development Team Guidelines Machine Learning Artificial Inteligence 60

Palo Alto Networks

MARCH 17, 2021

Although the recent attacks on SolarWinds and Microsoft Exchange users will go down in history, this report reminds us that ransomware remains the most pernicious cyberthreat. The post The Ransomware Threat: Bigger, Greedier, Attacking the Most Vulnerable appeared first on Palo Alto Networks Blog. Don’t Panic.

Technical Review 96

Technical Review Systems Review Report Malware 96

Palo Alto Networks

MAY 13, 2021

SolarWinds Supply Chain Attack : Addressing one of the most nefarious cyberattacks in recent history, Cortex XDR successfully blocked the SolarStorm attack , leveraging our Behavioral Threat Protection engine. The post Cortex XDR Rides The Forrester Wave as a Leader appeared first on Palo Alto Networks Blog.

IoT 61

IoT Network Report Strategy 61

Tenable

APRIL 27, 2021

Recent events, including the SolarWinds breach and the Microsoft Exchange hack, emphasize the need for Active Directory security. Learn more: Read the blog: Disrupting the Pervasive Attacks Against Active Directory and Identities. Find out more about Tenable.ad here: [link].

Weak Development Team 100

Weak Development Team Malware Authentication Infrastructure 100

Palo Alto Networks

SEPTEMBER 28, 2021

With the growing threat of supply chain attacks, as evidenced by recent high-profile breaches like SolarWinds and Kaseya VSA , Palo Alto Networks Unit 42 cloud threat researchers sought to understand these types of attacks in order to help organizations protect against them. Unit 42 Cloud Threat Report, 2H 2021 Available Now.

Research 81

Research Cloud Software Exercises 81

Tenable

JULY 14, 2022

Attacks against the software supply chain, such as the 2020 breach of the SolarWinds Orion platform , have upped the ante by targeting the auto-update features of a vendor’s software. The recent attacks and threats discussed in this blog are critical and sophisticated. Remote code execution (RCE) vulnerability in the SolarWinds Serv-U.

Infrastructure 52

Infrastructure Transportation Internet System 52

Palo Alto Networks

JUNE 1, 2021

On May 27, 2021, Microsoft reported a wide scale spear phishing campaign attributed to APT29, specifically the associated group Nobelium, the same threat actor responsible for the SolarWinds campaign named SolarStorm. The post Cortex XSOAR for Nobelium Spear Phishing Attacks Rapid Response appeared first on Palo Alto Networks Blog.

Firewall 73

Firewall Games Network Research 73

Tenable

APRIL 16, 2024

But sometimes we like to give you a peek behind the curtain to share how we protect our own house against cyberattacks – and that’s what this blog is about. As has become crystal clear in recent years thanks to events like Log4j’s Log4Shell vulnerability and the SolarWinds breach, software supply chain security is critical.

Software Review 68

Software Review Software Systems Review Guidelines 68

Tenable

MAY 12, 2021

In a 2017 blog post , Kindervag wrote: "Trust is no different from a vulnerability in Apache Struts. security gaps in the software supply chain in order to prevent the next SolarWinds-style attack. . Read the blog: Tenable and the Path to Zero Trust. Learn more.

Exercises 73

Exercises Telecommunications Organization Research 73

Prisma Clud

MAY 18, 2023

From SolarWinds, CodeCov, Travis-CI and CircleCI, it’s clear that bad actors recognize the effectiveness of abusing the CI/CD pipeline. The post AppSec for the Modern Engineering Ecosystem appeared first on Palo Alto Networks Blog.

Engineering 52

Engineering Software Review Technical Review Weak Development Team 52

Tenable

MARCH 1, 2024

APT29, also known as the Dukes, CozyBear and Nobelium/Midnight Blizzard, was responsible for the SolarWinds supply chain attack and other high-profile hacks against targets including Microsoft and Hewlett-Packard Enterprise.

Artificial Inteligence 75

Artificial Inteligence Malware Generative AI Government 75

Kaseya

AUGUST 2, 2023

Because DNS information can be referenced for historical purposes, we can also see whether users or devices were previously exposed when threats are revealed, such as in the SolarWinds hack. DNS filtering from OpenText Cybersecurity At the end of the day, Managed Service Providers (MSPs) have more challenges than ever before with our new remote (..)

Wireless 52

Wireless Malware Network Firewall 52

Palo Alto Networks

JUNE 20, 2023

Threat Intelligence Sharing Success Stories Over the past few years, events such as the attacks on SolarWinds and Colonial Pipeline or the Log4j vulnerability inspired a new emphasis on operational collaboration. The post We Can’t Do It Alone: Sharing Threat Intelligence Makes Everyone Safer appeared first on Palo Alto Networks Blog.

Government 52

Government Network Policies Software Review 52

Lacework

FEBRUARY 7, 2024

In this blog, we’ll explore the motivations of bad actors, the top threats the Lacework Labs team is seeing, and practical ways to lock down your cloud and protect your data. Real-world incidents, such as the SolarWinds breach, have demonstrated the widespread and potentially devastating impact of these attacks.

Weak Development Team 109

Weak Development Team Malware Cloud Internet 109

Tenable

JULY 15, 2022

That’s the question Tenable Senior Research Manager Giuliana Carullo tackles in her blog “ Securing Critical Infrastructure: What We've Learned from Recent Incidents. Remote code execution (RCE) vulnerability in the SolarWinds Serv-U. The State of OT Security, a Year Since Colonial Pipeline ” (blog). “ Heartbleed. CVE-2020-1472.

Weak Development Team 53

Weak Development Team Government Infrastructure Architecture 53

Tenable

NOVEMBER 29, 2022

In this blog, we explore these eight common cloud security concerns: The shared responsibility model. In a previous blog post, Tenable CTO Glen Pendley detailed three key takeaways all infosec leaders should consider about the shared responsibility model to ensure organizations are meeting their security obligations as a part of the model.

Applications 52

Applications Cloud Software Review Systems Review 52

CTOvision

OCTOBER 2, 2013

Additionally, the report includes an interview with Dan Lohrmann, Chief Information Security Officer, Michigan, an overview of the federal government cybersecurity landscape, interviews with industry experts from Dell, Juniper Networks, SolarWinds and Symantec.

Security 77

Security Report Systems Review Technical Review 77