President Joe Biden (Source: C-SPAN)

President Biden Orders SolarWinds Intelligence Assessment

Mathew J. Schwartz • January 22, 2021

The new Biden administration has pledged to hold Russia accountable for its recent "reckless and adversarial" actions and has ordered a full-scale intelligence review of the SolarWinds hack. The moves signal the importance of cybersecurity to President Biden's national security agenda.

Endpoint Security

100,000 Zyxel Devices Vulnerable to Backdoor

Latest

3rd Party Risk Management

How to Manage Software Supply Chain Risks

Jeremy Kirk • January 22, 2021

The threat posed by software supply chain attacks is growing, but organizations can take steps to minimize the risks. Trey Herr of the Atlantic Council outlines ways to gain more insight into supply chain problems.

Governance & Risk Management

Researchers Identify SAP Flaw Exploit

Akshaya Asokan • January 22, 2021

An exploit that takes advantage of an authentication vulnerability in SAP Solution Manager can lead to a compromise of other connected SAP applications, according to Onapsis Research Labs.

3rd Party Risk Management

Analysis: How Will Biden Address Cybersecurity Challenges?

Anna Delaney • January 22, 2021

The latest edition of the ISMG Security Report features an analysis of the cybersecurity challenges the Biden administration must address. Also featured: payments security advice from Verizon; the outlook for the lifting of restrictions tied to the COVID-19 pandemic.

Cybercrime

Microsoft Describes How SolarWinds Hackers Avoided Detection

Doug Olenick • January 21, 2021

Microsoft researchers are offering fresh details on the SolarWinds hackers' extensive efforts to remain hidden, which gave them more time to fully penetrate systems, move laterally through networks and exfiltrate data in follow-on attacks.

Fraud Management & Cybercrime

Fueled by Profits, Ransomware Persists in New Year

Akshaya Asokan , Mathew J. Schwartz • January 21, 2021

Ransomware dominated the cybercrime landscape in 2020 and looks set to do so again this year, as criminals seek fresh new ways to make victims pay. Experts predict gangs will double down on whatever works, which lately includes data exfiltration.

3rd Party Risk Management

Free Auditing Tool Helps Detect SolarWinds Hackers' Malware

Akshaya Asokan • January 20, 2021

Security firm FireEye has released a free auditing and remediation tool on GitHub that it says can help organizations determine if the hacking group that targeted SolarWinds used similar techniques within their network to gain access to Microsoft Office 365 accounts.

Cyberwarfare / Nation-State Attacks

Malwarebytes CEO: Firm Targeted by SolarWinds Hackers

Prajeet Nair • January 20, 2021

The CEO of security firm Malwarebytes says the hackers who attacked SolarWinds also targeted his company and gained access to a "limited subset of internal company emails."

3rd Party Risk Management

'Raindrop' Is Latest Malware Tied to SolarWinds Hack

Doug Olenick • January 19, 2021

Symantec Threat Intelligence says it's uncovered another malware variant used in the SolarWinds supply chain hack - a loader nicknamed "Raindrop" that apparently was used to deliver Cobalt Strike, a legitimate penetration testing tool, to a handful of targets.

Governance & Risk Management

Microsoft Taking Additional Steps to Address Zerologon Flaw

Prajeet Nair • January 19, 2021

Microsoft is alerting customers that starting Feb. 9, it will enforce domain controller settings within Active Directory to block connections that could exploit the unpatched Zerologon vulnerability in Windows Server. Microsoft has been warning about the urgency of patching the flaw for months.

3rd Party Risk Management

SolarWinds Supply Chain Hack: Investigation Update

Anna Delaney • January 15, 2021

The latest edition of the ISMG Security Report describes new details emerging from the SolarWinds supply chain hack investigation. Also featured: A discussion of why security education is so crucial in 2021 and tips on how to retain security and operations center analysts.

Cybercrime

Watering Hole Operation Leveraged Zero-Day Exploits

Akshaya Asokan • January 13, 2021

Google's Project Zero security team is describing its discovery last year of a complex "watering hole" operation that used four zero-day exploits to target Windows and Android mobile devices.

Application Security

SolarWinds Describes Attackers' 'Malicious Code Injection'

Mathew J. Schwartz • January 12, 2021

Investigators probing the supply chain attack that hit SolarWinds say attackers successfully hacked the company's Microsoft Visual Studio development tools to add a backdoor into Orion network monitoring security software builds. They warn that other vendors may have been similarly subverted.