Hot Topics

solarwinds-hack

Timeline of Microsoft Breach by Russian Hackers

Behind The Breach: Microsoft Breach by Russian Hackers

| | APT29, Data breach, Data breaches, FEATURED, identity threat detection and response, ITDR, Microsoft breach, Midnight Blizzard, NOBELIUM, SaaS Security, SaaS security posture, saas security solutions, Security Guidance, solarwinds-hack, SSPM
On 12 January 2024, Microsoft disclosed a critical breach carried out by Russian state-sponsored group, Midnight Blizzard. The threat actor used a password-spraying attack to gain unauthorized access to Microsoft Corporation’s Office ...
Obsidian Security
Impact of SolarWinds Supply Chain Attack

SolarWinds & Accellion Breaches: Supply Chain Attacks Wreaking Havoc

| | Accellion Breach, Cyber Security, Data breach, solarwinds-hack, Supply Chain Attacks, third-party breach
When it comes to cyber security, it’s not possible to pinpoint the biggest threat against organizations globally. However, supply chain attacks are doing their best to earn that honor. In a supply ...
Kratikal Blogs
Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?

Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?

| | A Little Sunshine, CVE-2020-4006, Cybersecurity Infrastructure Security Administration, Democratic National Committee, FBI, fireeye, GoldMax, Lexicon.exe, Microsoft, National Security Agency, National Telecommunications and Information Administration, NTIA, solarwinds-hack, Sunshuttle, The Wall Street Journal, U.S. Commerce Department, U.S. Treasury Department, VirusTotal, VMware
On Aug. 13, 2020, someone uploaded a suspected malicious file to VirusTotal, a service that scans submitted files against more than five dozen antivirus and security products. Last month, Microsoft and FireEye ...
Krebs on Security
#Solorigate : SUPERNOVA forensics using Code Property Graph

#Solorigate : SUPERNOVA forensics using Code Property Graph

| | Cybersecurity, DEVOPS, DevSecOps, security, solarwinds-hack
#Solorigate : SUPERNOVA forensics using Code Property GraphThe fallout of SolarWinds compromise has resulted in a bevy of new malware families, each with different characteristics and behaviors.SolarWinds advisory : https://www.solarwinds.com/securityadvisory#anchor2In this post, we will focus ...
ShiftLeft Blog - Medium
A Month of Reckoning for SaaS software creators and consumers

A Month of Reckoning for SaaS software creators and consumers

| | Development, DEVOPS, security, software, solarwinds-hack
An illustration of transitive and deeply connected software supply chainsThe U.S. was caught off guard by foreign interference in the 2016 election. Given the powerful role of social media in political contests, understanding ...
ShiftLeft Blog - Medium
SolarWinds SUNBRUST backdoor investigation using ShiftLeft’s Code Property Graph

SolarWinds SUNBRUST backdoor investigation using ShiftLeft’s Code Property Graph

| | Cybersecurity, dev, DEVOPS, security, solarwinds-hack
If you’ve arrived to this post, I’d suggest reading the Part-1 and Part-2 to gain context.FireEye released additional details here (on December 24th, 2020) that is well worth reading.With the increase of complexity in ...
ShiftLeft Blog - Medium