Security Vendors Understate Risks in Senate Hearing on SolarWinds
Satya Gupta, Founder and CTO, Virsec The US Senate Cyber Intelligence Committee held a hearing on the SolarWinds attack on February 24, 2021. Senator Warner (Chairman), Senator Rubio (Vice Chairman) and several other ranking Senators heard testimony from three cyber vendors, FireEye, Microsoft and CrowdStrike as well as from ... Read More
Health Care Remains a Prime Target for Ransomware Attacks
It’s easy to be distracted by the flood of other distressing news each day, but the FBI, CISA and HHS recently urged the health care industry to stay on high alert for malware; especially ransomware attacks. The FBI’s warning included the statement, “We found that 66 percent of hospitals do ... Read More
The Real Culprit Behind SolarWinds: Remote Code Execution
In the ongoing aftermath of the devastating SolarWinds breaches, a lot of attention has focused on who did it (Russian hackers) and how they broke in (corrupting software updates from SolarWinds). While this is interesting, it’s not all that useful for security professionals trying to stop the next Remote Code ... Read More
Important Take-Aways from the SolarWinds Attack
Satya Gupta, Founder and CTO, Virsec In our ongoing analysis of the SolarWinds attack and fallout, following are recommendations for best practices that should be followed to reduce the risk of attack. Download our Technical Brief: Taxonomy of The Attack on SolarWinds and Its Supply Chain IT Best Practices 1 ... Read More
Analyzing the SolarWinds Kill Chain
Satya Gupta, Founder and CTO, Virsec The recent attacks on government agencies and enterprises delivered through SolarWinds, used a complex series of steps to infiltrate the SolarWinds development supply chain, deliver malware to thousands of SolarWinds customers through benign-looking software updates, open back doors for malicious actors, and steal sensitive ... Read More
Analysis of the SolarWinds Supply Chain Attack
Satya Gupta, Founder and CTO, Virsec Note: Given the severity of the ongoing SolarWinds attack, Virsec will be providing a range of expert analysis, technical deep dives, demos, and recommendations for enterprises trying to adapt to this new threat environment. As new information becomes available, we will continue to update ... Read More