#FireEye

SwiftOnSecurity

SwiftOnSecurity

The SolarWinds hack is a fundamental challenge, but I went into work yesterday focused on the same basics.This may be a game-changer for policy and industry, but the essentials are

Elena RN ❦

Ek7_PRN

THREAD: Corrupted software provided by SolarWinds Worldwide LLC, and its connection with Dominion Voting Systems, casts shadow on the security of electronic voting systems used in 2020 Elections.Shoutout to @SpyGateDown

Lee Foster

LeeFosterIntel

Today, in between all the election craziness, the DOJ seized more Iranian domains that were used to push disinfo to not just American, but global audiences: https://www.justice.gov/opa/pr/united-states-seizes-27-additional-domain-names-used

Alisha Grauso

AlishaGrauso

I don't actually think we're talking enough about how bad this is. Or connecting the dots between Trump failing to adequately staff important positions, then firing everyone and installing clueless

Nadiya Kostyuk

NadiyaKostyuk

Even though it could take months to estimate the extent of damage, what do we know so far about the biggest cybersecurity attack in years on SolarWinds? 1/n SolarWinds' security

John Basham 🇺🇲

JohnBasham

FLASH: "Emergency Directive 21-01 calls on all federal civilian agencies to review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately."-@CISAgov Read more: http://cisa.go

Eric Geller

ericgeller

Can we just have one quiet weekend...https://twitter.com/Bing_Chris/status/1338194968389840897 Can confirm @Bing_Chris's report that several federal agencies incl NTIA are investigating breaches seemingly tied to nation-state hackers.&q

Alex Gough

quidity

Few steps are needed to turn this access into an effective cyberweapon. Gathering information was more important in this case, but also probably triggered the investigation. What will we call

Kim Zetter

KimZetter

I have report from Microsoft about SolarWinds hack, including IoCs. Excerpts in this thread: "Microsoft security researchers recently discovered a sophisticated attack where an adversary inserted malicious code into a

Sean Lyngaas

snlyngaas

ICYMI. Yesterday was a wild day of infosec news. Allow me to recap our coverage: Dragos raised $110M from the investment arms of Koch Industries, Saudi Aramco and others. ICS

Jake

JCyberSec_

So where are we with SolarWinds Orion and what have we learnt since the original disclosure. A thread to pull public information together...1/n#SolarWinds #SolarWindsOrion A good thread to get a

Pete Bryan

MSSPete

@Mandiant have produced a great report on responding to the #Solorigate/#UNC2452 actor.It has some really useful guidance on detection and response that everyone should read (the guidance is much more

Jake Williams

MalwareJake

Okay folks, let’s talk about SolarWinds.For those not familiar with it, SolarWinds is a network management system (NMS). It’s probably the most ubiquitous NMS out there, so we shouldn’t jump

Lulu Friesdat

LuluFriesdat

#SolarWinds hack. Thread.1. Dominion Voting Systems, a voting machine vendor used in #Election2020, is a Solar Winds client. It does not use Orion, the product at the center of the

John Scott-Railton

jsrailton

MAJOR REPORT: zero-click #0day in #iMessage used to infect 36 ppl @Aljazeera w/ NSO spyware. We attribute to UAE & Saudi Arabia w/medium confidence. THREAD https://citizenlab.ca/2020/12/the-great-ipwn-journalists-hacked-with-suspected-n

Cyber Statecraft

CyberStatecraft

Since 2010, there have been at least 31 distinct attacks targeting updates in the software supply chain, of which 17 compromised build servers or altered code. Of those, more than

By continuing to use the site, you are consenting to the use of cookies as explained in our Cookie Policy to improve your experience.