A proposed rule from a trio of federal financial regulatory agencies aims to change current reporting requirements so that financial service organizations have to notify federal regulators of a security incident within 36 hours.
Discussions on developing norms for cyber operations have resurfaced in the wake of the SolarWinds breach and subsequent intrusions, but experts say it's not a simple task.
CISA has found several initial access vectors used by the SolarWinds attackers, including abusing legitimate accounts and forging SAML tokens.
The number of SolarWinds Orion servers online is rising in the past week, possibly a result of misconfigurations as customers work to patch after the breach.
Attackers planted a compromised update for the SolarWinds Orion platform, leading to a cyber espionage campaign that hit many companies and government agencies.