Security news that informs and inspires

Archive

24 results for tag Solarwinds:

CISA Finds New Attacker Using Supernova Malware on SolarWinds Orion

CISA investigated an enterprise intrusion in which the attacker had legitimate credentials for the Pulse Secure VPN and then deployed the Supernova malware on a SolarWinds Orion instance.

Solarwinds, Cisa

Russian APT Group Actively Exploiting Flaws, U.S. Agencies Warn

The U.S. federal agency advisory on the active exploits of five flaws comes in tandem with the U.S. government formally attributing the SolarWinds supply-chain attack to Russian Foreign Intelligence Service (SVR) actors.

Apt, Solarwinds, Government Agencies, Government

In Wake of SolarWinds Breach, the Challenge of Building Secure Software Remains

SolarWinds is testing a system of parallel build servers to help prevent a future supply chain attack on its infrastructure.

Solarwinds, Software Security

Requiring a VDP for Suppliers Won’t Fix Supply Chain Security

Extending the requirement for vulnerability disclosure policies from federal agencies to their suppliers is not a quick fix for supply chain security issues.

Solarwinds, Government

SolarWinds Attackers Accessed Mimecast Source Code

The attackers behind the SolarWinds breach also gained access to and downloaded some Mimecast source code repositories.

Solarwinds, Email