08 Nov 2022

SolarWinds Faces Potential SEC Enforcement Act Over Orion Breach

The US Securities and Exchange Commission (SEC) is allegedly pursuing law enforcement action against SolarWinds due to an infamous data breach that impacted the company in 2019. According to the SEC, SolarWinds violated federal securities laws when disclosing the data breach and releasing statements. The breach, which was reported in

Read More
30 Aug 2022

Russian hackers gain powerful ‘MagicWeb’ authentication bypass

Nobelium, a highly active Russian threat actor, has a new technique for bypassing authentication, according to Microsoft. The notorious hacking group behind the 2020 SolarWinds supply chain attack has created a new technique that allows the threat actor to maintain a firm position on a corporate network even as IT

Read More
08 Dec 2021

SolarWinds Attackers Spotted Using New Tactics, Malware

The Russian threat actors behind the SolarWinds attacks, which Microsoft refers to as Nobelium, are allegedly conducting attacks using new tactics and malware. Just one year after the devastating SolarWinds supply-chain attacks, the perpetrators are compromising global businesses and government targets with the new malware, stealing data and moving laterally

Read More
29 Sep 2021

SolarWinds Attackers Hit Active Directory Servers with FoggyWeb Backdoor

Microsoft has warned that the Nobelium APT is currently compromising single-sign-on services to install a post-exploitation backdoor. The backdoor maintains network persistence and steals data from victims. Nobelium, the threat actors behind the SolarWinds supply-chain attacks, are using a backdoor called FoggyWeb to conduct the attacks. The attacks target Active

Read More
02 Aug 2021

SolarWinds attackers breached email of US prosecutors, says Department of Justice

A new update to the SolarWinds attack has revealed that hackers breached the email accounts of US prosecutors, boasting access to the accounts for several months. Several top US intelligence agencies have confirmed that the attacks were likely the work of Russian state-sponsored hackers. US President Joe Biden has initiated

Read More
13 Jul 2021

SolarWinds Discloses Zero-Day Under Active Attack

SolarWinds has issued an advisory over a new vulnerability being actively attacked that is not related to the major supply chain attack discovered in December 2020. The company has since developed a hotfix that addresses the flaw and urges its customers to implement the patch immediately. The vulnerability lies in

Read More
28 Jun 2021

SolarWinds attack cost affected US companies an average of $12 million

A new study from IronNet that surveyed 473 security IT decision-makers found that the SolarWinds attacks cost US companies an average of $12 million. Although the attack pushed security teams to increase network defenses, most companies affected by the attack have suffered from recent attacks as well. In the 2021

Read More
17 Apr 2021

Cyber Retaliation Needs to Be Decisive, Swift, and Meaningful

On 15 April the Biden Administration formally attributed the Solar Winds attacks to Russia’s Foreign Intelligence Service, the SVR.  Soon thereafter they issued several directives implementing sanctions against Russia and some Russian related business leaders. The fall out from these actions is still underway and we will continue to track and assess how these matters could impact business and government strategies and decision-making. This post provides context important in assessing why any cyber retaliation needs to be both quick and meaningful.

Read More
16 Apr 2021

US Formally Attributes SolarWinds Attack to Russian Intelligence Agency

Russia’s Foreign Intelligence Service, SVR, has been officially blamed for the cyberattack on SolarWinds by the Biden administration. Sanctions against a number of IT security firms that helped enable the attack and other malicious cyber activities have been implemented. Positive Technologies and other smaller IT security firms were placed on

Read More
31 Mar 2021

As Their Ties Strengthen, Will Iran and Russia Coordinate Their Influence Campaigns?

Iran and Russia have a relationship that has wavered between strong mutual support and contention.  Currently, the two have drawn closer having the same strategic goal – offsetting U.S. influence in the Middle East.  Russia provides Iran with significant economic and military support. With sanctions applied against Iran by the United States and Europe, Tehran has forged closer economic ties with Moscow, highlighted by Iran’s joining a free trade agreement with the Eurasian Economic Union, of which Russia is prominent member. This post dives into what CEOs and other business leaders should know about this geopolitical dynamic.

Read More