The SolarWinds Orion breach, which is believed to have affected 18,000 organizations, led to follow-on attacks on government agencies and others. Although the agencies did not name the hacking group responsible, The Washington Post and other news media outlets have reported that the threat actor is likely a Russian APT known as APT29 or Cozy Bear. Russia has denied playing any role in the attack.

Dormancy Issue

Kaspersky researchers say they found three overlaps between Sunburst and Kazuar. That includes the sleeping algorithm that calculates the time between when the backdoors are planted within a network and when they connect to the attackers' command-and-control server. ....
The U.S. federal court system is investigating an apparent compromise of a confidential electronic filing system used for sensitive legal documents, according to the Administrative Office of the U.S. Courts. The courts also have suspended their use of the hacked SolarWinds Orion network monitoring platform. In addition, the courts are immediately changing their security procedures, temporarily accepting sensitive legal documents only on paper or via secure devices, such as thumb drives, rather than through the network. The administrative office says it’s working with the U.S. Department of Homeland Security to investigate whether the court system's case management and electronic case files system, or CM/ECF, was, indeed, compromised. ....
Kevin Thompson, president and CEO of SolarWinds, in a video message to customers about the attack

Security software vendor SolarWinds has updated multiple versions of its Orion network monitoring platform to remove the Sunburst backdoor that was added to its code as part of a massive supply chain attack. The updates also block Supernova malware that attackers installed by exploiting a flaw in Orion. But incident response experts have warned that full cleanup may take years. "SolarWinds asks all Orion platform customers to update their Orion platform software as soon as possible to help ensure the security of your environment," the company said in a recently issued security advisory. ....