SolarWinds Hack Underscores Need For ‘Moving To The Cloud’

The massive SolarWinds hack that ensnared Microsoft and thousands of SolarWinds customers underscores the importance of implementing zero trust architecture and migrating to the cloud, according to Microsoft CEO Satya Nadella.

“What SolarWinds shows is the importance … of moving to the cloud,” Nadella told CRN in an exclusive interview before Microsoft was hit by separate attacks on its on-premises Exchange Server. “A lot of the SolarWinds attack surface is because of the trust relationships sometimes that get established between the weak portions of your on-premise infrastructure—where you don’t have the operational security posture … or even when the systems are not patched—and then your cloud, and then you can sort of propagate laterally.”

Microsoft has called the SolarWinds cyberattack, identified in December, “the largest and most sophisticated attack the world has ever seen” from a software engineering perspective. Suspected Russian intelligence attackers injected malicious code into Austin, Texas-based SolarWinds’ Orion network monitoring platform that was downloaded into as many as 18,000 of its customers’ computer networks. That enabled hackers to breach at least nine federal government agencies and 100 private firms.

The hackers used a compromised internal Microsoft account to view source code in certain Microsoft repositories and download some of that code related to Microsoft Azure, Intune and Exchange, according to Microsoft, which spends $1 billion-plus annually on its security. The compromised Microsoft account didn’t have permissions to modify any code or engineering system, and none of the code was altered, Microsoft said. After gaining access to organizations’ on-premises networks, the hackers targeted their federated identity solutions and leveraged ill-gotten privileged access and forged authentication tokens to “move laterally” to Azure Active Directory and Microsoft 365 cloud environments, according to the U.S. Cybersecurity and Infrastructure Security Agency.

“Microsoft technology was not compromised…


Cybersecurity training startup Hack The Box raises $10.6M Series A led by Paladin Capital – TechCrunch

Cybersecurity training startup Hack The Box, which emerged originally from Greece, has raised a Series A investment round of $10.6 million, led by Paladin Capital Group and joined by Osage University Partners, Brighteye Ventures and existing investors Marathon Venture Capital. It will use the funding to expand. Most recently it launched Hack The Box Academy.

Started in 2017, Hack The Box specializes in using “ethical hacking” to teach cybersecurity techniques. Users are given challenges to “attack” vulnerable virtual labs in a simulated, gamified test environment. This approach has garnered more than 500,000 platform members, from beginners to experts, and brought in around 800 organizations (such as governments, Fortune 500 companies, and academic institutions) to improve their cyber-adversarial knowledge.

Haris Pylarinos, Hack The Box co-founder and CEO, said: “Everything we do is geared around creating a safer internet by empowering corporate teams and individuals to create unbreakable systems.”

Gibb Witham, senior vice president, Paladin Capital Group, commented: “We’re excited to be backing Hack The Box at this inflection point in their growth as organizations recognize the increasing importance of an adversarial security practice to combat constantly evolving cyber attacks.”

Hack The Box competes with Offensive Security, Immersive Labs, INE and eLearnSecurity (acquired by INE).

Hack The Box uses a SaaS business model. In the B2C market, it offers monthly and annual subscriptions that give unrestricted access to the training content; in the B2B market, it offers bi-annual and annual licenses that give access to dedicated adversarial training environments with value-added admin capabilities.


Senators want federal government to take accountability for SolarWinds hack

The leadership of the Senate Homeland Security and Governmental Affairs Committee wants the Biden administration to take accountability and provide more information on the SolarWinds hack of computer network management software afflicting the government.

The federal government has said the hack — publicly disclosed last year — compromised nine federal agencies, but the Democratic and Republican leaders of the homeland security committee want more details about whose accounts and systems were compromised.

Sens. Gary Peters, Michigan Democrat, and Rob Portman, Ohio Republican, wrote to the Office of Management and Budget expressing concern that the federal government has not properly taken accountability for the SolarWinds hack. 

“It is important that there be a single point of accountability for leading response efforts to prevent confusion and duplication. We are concerned this level of accountability is currently lacking,” wrote Mr. Peters and Mr. Portman to OMB’s federal chief information security officer Christopher DeRusha.

The duo requested OMB provide a list of roles and responsibilities for cybersecurity across the federal government so the senators can understand who has responsibility for…


Scammers are using fake antivirus bills to hack your computer

Email security firm Vade Secure uncovered an ongoing tech-support scam that uses fake antivirus invoices to trick users into enabling remote access to their computers.

The news is the latest in a surge of tech-support scams that begin by circulating fake invoices for well-known security software, with Malwarebytes sharing details about one such incident recently.