Tag: SolarWinds Orion

SolarWinds attack

One year after SolarWinds attack, more needs to be done to boost cybersecurity in industrial sector

Exactly a year after the SolarWinds attack, when suspected nation-state hackers gained access to the networks, systems, and data of thousands of SolarWinds customers, it is a moment of reckoning for the cybersecurity sector, as it tries to prevent newer…

critical infrastructure environments

DoD, DHS fail to respond to cyber threats that affect critical infrastructure environments

A U.S. Department of Defense (DoD) audit report found that the defense agency along with the Department of Homeland Security (DHS) failed to plan and execute activities to implement the memorandums between the two agencies, regarding cybersecurity and cyberspace operations…

container

Rise in cybersecurity attacks targeting container supply chain and infrastructure

Cyber attackers are leveraging privilege escalation techniques and attempting to escape from within the container to the host machine, as they continue to advance and adapt their tactics, targeting both the software supply chain of cloud-native applications, and their infrastructure,…

software supply chain

Federal agencies must implement recommendations to manage software supply chain threats, GAO says

The U.S. Government Accountability Office (GAO) stressed that, as a result of not fully implementing foundational security practices, federal agencies continue to face software supply chain threats and are at a greater risk of malicious actors exploiting vulnerabilities in the…

Microsoft Office365

CISA releases Eviction Guidance for SolarWinds Orion, Microsoft Office365 users

The Cybersecurity and Infrastructure Security Agency (CISA) issued Eviction Guidance in its ongoing response to the cyber intrusion campaign impacting SolarWinds Orion and Microsoft Office365 environments. The guidance will help organizations reduce the likelihood that a threat attacker may retain…