The latest edition of the ISMG Security Report describes new details emerging from the SolarWinds supply chain hack investigation. Also featured: A discussion of why security education is so crucial in 2021 and tips on how to retain security and operations center analysts.
Investigators probing the supply chain attack that hit SolarWinds say attackers successfully hacked the company's Microsoft Visual Studio development tools to add a backdoor into Orion network monitoring security software builds. They warn that other vendors may have been similarly subverted.
A global law enforcement operation has taken down DarkMarket, which Europol describes as the world's largest underground marketplace of illegal goods on the dark web. The market has generated about $170 million in revenue selling drugs, malware, credit cards and more, officials say.
The FBI has issued a warning about the growing threat from the operators behind the Egregor ransomware variant and other cybercriminal gangs affiliated with the group. Since September, the crypto-locking malware has been associated with nearly 100 attacks worldwide.
This edition of the ISMG Security Report features an analysis of the very latest information about the SolarWinds hack. Also featured are discussions of "zero trust" for the hybrid cloud environment and data privacy regulatory trends.
A recently uncovered remote access Trojan, dubbed ElectroRAT, has been stealing cryptocurrency from digital wallets over the past year, according to researchers at Intezer Labs. The malware, written in Golang, can target Windows, Linux and macOS platforms.
As investigators probe the SolarWinds hack, they're finding that the supply chain campaign appears to have deeply compromised more than the 50 organizations originally suspected. Meanwhile, the federal agencies overseeing the investigation now officially believe a Russian-linked hacking group is responsible.
In 2020, the "zero trust" conversation evolved from "What is it?" to "How do we achieve a zero trust architecture?" Chase Cunningham, principal analyst serving security and risk professionals at Forrester, offers an outlook for what we can expect in 2021.
Software vendor SolarWinds has updated multiple versions of its Orion network-monitoring software to address the Sunburst backdoor that was added to its code and to block Supernova malware that exploited a vulnerability in Orion. But incident response experts have warned that full cleanup may take years.
Microsoft warned CrowdStrike of a failed attempt by unidentified attackers to access and read the company's emails, according to a blog post published by the security firm. The unsuccessful hacking incident is reportedly tied to the breach of SolarWinds.
Federal, state and local governments are among the many victims of the supply chain attack that backdoored the SolarWinds' Orion network-monitoring software, and victims "may need to rebuild all network assets" being monitored by the software, the U.S. Cybersecurity and Infrastructure Security Agency warns.
In the wake of the SolarWinds breach, NIST's Ron Ross has turned his attention to systems security engineering - and the reality that the adversaries are exploiting it to their advantage better than the defenders are. This disparity, Ross says, has to change.