solarwinds (6)

9690728900?profile=RESIZE_400xThe US head of the US National Security Agency (NSA), Cyber Command says the US will continue to battle ransomware for many years into the future. Some of the highest-ranking cybersecurity officials in the US government discussed the pervasive threat of ransomware on 05 October 2021, comparing it to an issue of national security with the ability to inflict measurable damage on major world powers.

Speaking at security firm Mandiant's Cyber Defense Summit, the deputy national security adviser for

9158672090?profile=RESIZE_400xIT companies are making up the majority of organizations being targeted amid new activity by the group behind last year’s SolarWinds supply-chain attack, with at least one victim coming from Microsoft’s customer support ranks. 

On 25 June 2021, the Microsoft Threat Intelligence Center said it was monitoring new activity from the Nobelium threat actor, which Microsoft is calling the group, with the vendor observing password spray and brute-force attacks, among other potential methods and tactics.

8910810901?profile=RESIZE_400xThe U.S. Cybersecurity and Infrastructure Security Agency and the National Institute of Standards and Technology have released a report providing insights on how to enhance supply chain security in the wake of the SolarWinds attack.

The guidance released 28 April 2021, "Defending Against Software Supply Chain Attacks," offers recommendations on how to implement the NIST Cyber Supply Chain Risk Management Framework and the Secure Software Development Framework. "This resource provides in-depth re

The FBI and the Cybersecurity and Infrastructure Security Agency are warning of continued cyber threats stemming from Russia's Foreign Intelligence Service, or SVR, which the Biden administration accused of carrying out the SolarWinds supply chain attack.

In a joint alert issued 26 April 2021, the agencies warn that despite economic and other sanctions against Russia announced by the White House on 15 April 2021, attackers associated with the SVR likely will continue to target government network

8321594296?profile=RESIZE_400xThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 8 framework.  See the ATT&CK for Enterprise version 8 for all referenced threat actor tactics and techniques.

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises of U.S. government agencies, critical infrastructure entities, and private sector organizations by an advanced persistent threat (APT) actor beginning in at least March 2020.  This APT actor has demonstrated

8304247269?profile=RESIZE_400xUS federal authorities issued a warning on 17 December 2020 that Russian hackers used an expansive variety of malicious cyber tools to penetrate US government systems and said that the cyber offensive was, “a grave risk to the federal government.”  These cyber findings indicate a wider range of hacking, which appears to extend beyond nuclear research laboratories and the US Pentagon, Treasury and Commerce Department systems.  This expansion of cyber capabilities is complicating challenges for US