Tag Archive for: SolarWinds

Here Are 24 Reported Victims Of The SolarWinds Hack (So Far)




Cisco

Internal machines used by Cisco researchers were targeted via SolarWinds as the impact of the colossal hacking campaign on the tech sector became apparent, Bloomberg reported Friday. Roughly two dozen computers in a Cisco lab were compromised through malicious updates to SolarWinds’ Orion network monitoring platform, according to Bloomberg, citing a person familiar with the incident.

The San Jose, Calif.-based networking giant told CRN its security team moved quickly to address the issue, and that there isn’t currently any known impact to Cisco offers or products. Cisco told CRN there’s no evidence at this time to indicate customer data has been exposed as a result of the compromise.

“While Cisco does not use SolarWinds Orion for its enterprise network management or monitoring, we have identified and mitigated affected software in a small number of lab environments and a limited number of employee endpoints,” Cisco said in a statement. “We continue to investigate all aspects of this evolving situation with the highest priority.”


 











 








Source…

Five Solution Providers Breached By SolarWinds Hackers: Researchers


Deloitte, Stratus Networks, Digital Sense, ITPS and Netdecisions were breached via SolarWinds and then specifically targeted by the hackers for additional internal compromise, according to a cybersecurity consultancy.

The Sweden-based firm, Truesec, analyzed the malware — as well as historical network data — to determine which firms were explicitly selected by the SolarWinds hackers for further activities, meaning that additional internal compromise could have taken place. Nearly 18,000 firms were compromised via SolarWinds Orion, but many fewer were targeted in the attack’s second stage.

“The impact of this attack is likely to be of gigantic proportions,” Fabio Viggiani, technical lead for Truesec security team, wrote in a blog post Thursday. “The full extent of this breach will most likely never be communicated to the public, and instead will be restricted to trusted parts of the intelligence community.”


Deloitte, Stratus Networks, Digital Sense, ITPS and Netdecisions did not immediately respond to requests for comment from CRN. The Wall Street Journal reported Monday that Deloitte was infected in late June by a malicious SolarWinds Orion update, and the company told CRN that it “has taken steps to address” the malware but hasn’t “observed indications of unauthorized access to our systems at this time.”

Viggiani told CRN that the nearly 18,000 SolarWinds Orion backdoors have a certain communication protocol based on logic the hackers implemented in the malware. Based on requests made and responses sent over the network, Viggiani said Truesec could in certain cases figure out the internal name of the infected system as well as the responses sent back from the hackers’ servers.

Truesec took 1,500 DNS cache requests from the past few months to determine the internal domain the system was registered to, as well as how the hackers responded to the intrusion. The hackers most commonly gave three instructions, Viggiani said: terminate the execution when the target isn’t of interest; hold off and wait for further instruction; and proceed to the second stage of the attack.

The…

Source…

Loptr CEO Discusses SolarWinds Breach and How to Stay Safe


A recent cyberattack on SolarWinds compromised information from thousands of companies, prompting concerns across the country.

From March through December, hackers broke into the SolarWinds system and placed malware on the programs of 18,000 companies.

So how do you stay safe online and protect yourself from security breaches? Spectrum News spoke to the CEO of a computer security service to find out.

Loptr Founder and CEO Dave Newell said companies should monitor their networks and see who is connected to their servers. The average citizen, he said, should watch their own computer networks, beware of phony ads and stay away from suspicious websites, including ones they may come across on social media.

“There’s this huge fraudulent activity going on with ads that are being sent to us via Facebook and via the web for products that really don’t exist from companies that are fake or are designed to send the wrong thing to you,” he said.

When you are shopping online you should go to well-known sites, call the company you wish to buy from and read reviews of websites and online stores before making any purchases.

Source…

5G Stocks: SolarWinds Hack Reveals a “Backdoor” Cyber Trade


InvestorPlace – Stock Market News, Stock Advice & Trading Tips

Cybersecurity used to mean just running McAfee antivirus software on your desktop computer.


That’s not true anymore.

Cyberattacks are no longer the result of clicking on a rogue link in a suspicious email. Now they occur on a global scale, and they are the subject of coverage from all major news outlets.

In the past two weeks, we’ve all learned about a major hack of the U.S. government. As CNBC reported:

The scale of a sophisticated cyberattack on the U.S. government that was unearthed this week is much bigger than first anticipated. 

The Cybersecurity and Infrastructure Security Agency (CISA) said in a summary Thursday that the threat “poses a grave risk to the federal government.”

It added that “state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations” are also at risk.

While CISA hasn’t identified the group responsible for this incredibly dangerous hack, many experts point to Russia. By hacking the IT management company SolarWinds, the cyber criminals were able to target the departments of Homeland Security, Commerce, Treasury, and Energy; cybersecurity firms like FireEye Inc. (NASDAQ:FEYE); and the tech giant Microsoft Corp. (NASDAQ:MSFT).

Obviously, these attacks are a threat to investors’ capital. A cyberattack on any company can, at a minimum, spook the market and push a stock’s value lower.

Microsoft, for example, dropped slightly the day after its breach was reported, but the effects of any cyberattack could always be worse than simply losing money on one of the largest tech companies in the world.

That’s why cybersecurity has become a major investment opportunity.

The term cybersecurity describes a broad range of proactive protections and reactive defenses — all of which try to thwart a specific cyber threat or combination of threats.

The first-generation cybersecurity tactics were usually add-ons to an existing hardware or software platform — kind of like building a wall around an existing house. But many next-generation tactics incorporate…

Source…