Threat Advisory: SolarWinds supply chain attack

Dec 15, 2020 by iHash Leave a Comment

Cisco Blogs / Security / Threat Research / Threat Advisory: SolarWinds supply chain attack

Cisco Talos is monitoring yesterday’s announcements by FireEye and Microsoft that a likely state-sponsored actor compromised potentially thousands of high-value government and private organizations around the world via the SolarWinds Orion product. FireEye reported on Dec. 8 that it had been compromised in a sophisticated attack in which state-sponsored actors stole sensitive red team tools. Upon investigating the breach further, FireEye and Microsoft discovered that the adversary gained access to victims’ networks via trojanized updates to SolarWinds’ Orion software.

Leave a ReplyCancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Network Threats: A Step-by-Step Attack Demonstration

Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. See how attackers remain undetected with the simplest tools and why you need multiple choke points in your defense strategy. Surprisingly, most network attacks are not exceptionally sophisticated, technologically advanced, or reliant on zero-day tools that exploit edge-case vulnerabilities. Instead, […]

Autio Unlimited Plan for $39

Expires July 25, 2024 06:59 PST Buy now and get 42% off KEY FEATURES Autio, Your Personal Travel Companion with Location-Based Audio Stories Autio is a network of stories, told by master storytellers like Kevin Costner, Phil Jackson, and John Lithgow, with the power to bring the landscape, its people, and its history alive as […]

CrowdStrike Extends Identity Security Capabilities to Stop Attacks in the Cloud

Two recent Microsoft breaches underscore the growing problem of cloud identity attacks and why it’s critical to stop them. While Microsoft Active Directory (AD) remains a prime target for attackers, cloud identity stores such as Microsoft Entra ID are also a target of opportunity. The reason is simple: Threat actors increasingly seek to mimic legitimate […]

U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks

Apr 24, 2024NewsroomCyber Attack / Cyber Espionage The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Monday sanctioned two firms and four individuals for their involvement in malicious cyber activities on behalf of the Iranian Islamic Revolutionary Guard Corps Cyber Electronic Command (IRGC-CEC) from at least 2016 to April 2021. This includes the […]

What You Need to Know About the Critical PAN-OS Zero-Day

UPDATE: It has been confirmed that disabling telemetry will not block this exploit. Applying a patch as soon as possible is the most effective remediation for this vulnerability. Patches for 8 of the 18 vulnerable versions have been released; patches for the remaining vulnerable versions are expected by April 19th. CrowdStrike is constantly working to […]

Artificial Intelligence Means Smaller Teams Doing More with Less Makes the Small Autonomous Teams Structure Even More Important

The artificial intelligence wave that we’ve seen hit the news is one step in a long line of innovations that technologists have been working on for years. And this technology, like other technologies, will not eliminate jobs in the way that people fear. Rather, it’s like electricity—it will enable people to do more and to […]

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.2.0

Pangu has updated its jailbreak utility for iOS 9.0 to 9.0.2 with a fix for the manage storage bug and the latest version of Cydia. Change log V1.2.0 (2015-10-27) 1. Bundle latest Cydia with new Patcyh which fixed failure to open url scheme in MobileSafari 2. Fixed the bug that “preferences -> Storage&iCloud Usage -> […]

Apple Blocks Pangu Jailbreak Exploits With Release of iOS 9.1

Apple has blocked exploits used by the Pangu Jailbreak with the release of iOS 9.1. Pangu was able to jailbreak iOS 9.0 to 9.0.2; however, in Apple’s document on the security content of iOS 9.1, PanguTeam is credited with discovering two vulnerabilities that have been patched.

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.1.0

Pangu has released an update to its jailbreak utility for iOS 9 that improves its reliability and success rate. Change log V1.1.0 (2015-10-21) 1. Improve the success rate and reliability of jailbreak program for 64bit devices 2. Optimize backup process and improve jailbreak speed, and fix an issue that leads to fail to […]

Activator 1.9.6 Released With Support for iOS 9, 3D Touch

Ryan Petrich has released Activator 1.9.6, an update to the centralized gesture, button, and shortcut manager, that brings support for iOS 9 and 3D Touch.

Autio Unlimited Plan for $39

Dashlyte Bluetooth Bone-Conduction LED-Neckband Headphones with Microphone for $79

Refurbished Lenovo Chromebook N22 Intel Celeron N3060 1.6GHz 4GB RAM 16GB SSD 11.6" LED Grade A+ for $66

Beats Studio Pro Wireless Noise Cancelling Headphones – Sandstone (New – Open Box) for $179

Refurbished Apple iPhone 11 Fully Unlocked Black / 64GB / Grade A+ for $260

Threat Advisory: SolarWinds supply chain attack

Autio Unlimited Plan for $39

Dashlyte Bluetooth Bone-Conduction LED-Neckband Headphones with Microphone for $79

Refurbished Lenovo Chromebook N22 Intel Celeron N3060 1.6GHz 4GB RAM 16GB SSD 11.6" LED Grade A+ for $66

Beats Studio Pro Wireless Noise Cancelling Headphones – Sandstone (New – Open Box) for $179

Refurbished Apple iPhone 11 Fully Unlocked Black / 64GB / Grade A+ for $260

Share this:

Reader Interactions

Leave a ReplyCancel reply