Microsoft has had a rough few years of cybersecurity incidents. It found itself at the center of the SolarWinds attack nearly three years ago, one of the most sophisticated cybersecurity attacks we’ve …
SEC Charges SolarWinds and Its CISO With Fraud and Cybersecurity Failures
On Monday the Securities and Exchange Commission (SEC) has filed charges against SolarWinds and its Chief Information Security Officer (CISO) Timothy G. Brown, alleging that the software company …
Continue Reading about SEC Charges SolarWinds and Its CISO With Fraud and Cybersecurity Failures
SolarWinds Patches High-Severity Flaws in Access Rights Manager
SolarWinds released patches for eight high-severity vulnerabilities in its Access Rights Manager (ARM) software. Three of the vulnerabilities (CVE-2023-35182, CVE-2023-35185, and CVE-2023-35187) were …
Continue Reading about SolarWinds Patches High-Severity Flaws in Access Rights Manager
SolarWinds Faces Potential SEC Enforcement Act Over Orion Breach
The US Securities and Exchange Commission (SEC) is allegedly pursuing law enforcement action against SolarWinds due to an infamous data breach that impacted the company in 2019. According to the SEC, …
Continue Reading about SolarWinds Faces Potential SEC Enforcement Act Over Orion Breach
Russian hackers gain powerful ‘MagicWeb’ authentication bypass
Nobelium, a highly active Russian threat actor, has a new technique for bypassing authentication, according to Microsoft. The notorious hacking group behind the 2020 SolarWinds supply chain attack has …
Continue Reading about Russian hackers gain powerful ‘MagicWeb’ authentication bypass
SolarWinds Attackers Spotted Using New Tactics, Malware
The Russian threat actors behind the SolarWinds attacks, which Microsoft refers to as Nobelium, are allegedly conducting attacks using new tactics and malware. Just one year after the devastating …
Continue Reading about SolarWinds Attackers Spotted Using New Tactics, Malware
SolarWinds Attackers Hit Active Directory Servers with FoggyWeb Backdoor
Microsoft has warned that the Nobelium APT is currently compromising single-sign-on services to install a post-exploitation backdoor. The backdoor maintains network persistence and steals data from …
Continue Reading about SolarWinds Attackers Hit Active Directory Servers with FoggyWeb Backdoor
SolarWinds attackers breached email of US prosecutors, says Department of Justice
A new update to the SolarWinds attack has revealed that hackers breached the email accounts of US prosecutors, boasting access to the accounts for several months. Several top US intelligence agencies …
SolarWinds Discloses Zero-Day Under Active Attack
SolarWinds has issued an advisory over a new vulnerability being actively attacked that is not related to the major supply chain attack discovered in December 2020. The company has since developed a …
Continue Reading about SolarWinds Discloses Zero-Day Under Active Attack
SolarWinds attack cost affected US companies an average of $12 million
A new study from IronNet that surveyed 473 security IT decision-makers found that the SolarWinds attacks cost US companies an average of $12 million. Although the attack pushed security teams to …
Continue Reading about SolarWinds attack cost affected US companies an average of $12 million