U.S. Treasury, Commerce Depts Hacked by Group Tied to 'Foreign Government'

Discussion in 'other security issues & news' started by hawki, Dec 13, 2020.

  1. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,130
    Location:
    DC Metro Area
  2. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,909
    Location:
    Slovenia, EU
    US spy agencies review software suppliers' ties to Russia following SolarWinds hack
    https://www.cyberscoop.com/russia-solarwinds-supply-chain-fbi/
     
  3. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,130
    Location:
    DC Metro Area
    "SolarWinds: Hackers Accessed Our Office 365 Since Early 2019...

    Hackers persistently accessed SolarWinds’ internal systems, Microsoft Office 365 environment and software development environment for months before carrying out their vicious cyberattack...

    The Austin, Texas-based IT infrastructure management vendor said hackers compromised SolarWinds’ credentials and conducted research and surveillance via persistent access for at least nine months prior to their October 2019 trial run. Hackers tested their ability to inject code into SolarWinds Orion network monitoring software in fall 2019, months before they actually started putting poisoned code into Orion..."

    https://www.crn.com/news/security/solarwinds-hackers-accessed-our-office-365-since-early-2019
     
  4. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,130
    Location:
    DC Metro Area
    "Biden budget sets aside $750 million for SolarWinds response

    U.S. President Joe Biden's proposed budget includes $750 million for the government agencies hit by the SolarWinds hack to pay for cybersecurity improvements to prevent another attack.

    The money comes on top of a $500 million fund for federal cybersecurity as the U.S. government recovers from the cyber attack that hit nine agencies including the State Department and Treasury..."

    https://www.reuters.com/technology/...-mln-solarwinds-response-2021-05-28/?rpc=401&
     
  5. guest

    guest Guest

    CISA doesn't know how many US federal agencies use firewalls to fend off malicious traffic
    June 21, 2021
    https://www.cyberscoop.com/cisa-solarwinds-firewall-wyden-wales-letter/
     
  6. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,648
    Location:
    U.S.A.
    BTW - I saw an installation hacked by a component called SuperNova malware and it is definitely nasty stuff:
    https://0xthreatintel.medium.com/uncovering-supernova-malware-e82bba302fcb
     
  7. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,130
    Location:
    DC Metro Area
    "SolarWinds issues yet another emergency patch after hackers strike again

    Beleaguered software firm SolarWinds has released a hotfix to patch a remote code execution vulnerability in a couple of its Serv-U products, after being informed of their existence, and abuse, by cybersecurity researchers at Microsoft...

    As it disclosed the latest RCE vulnerability in the Serv-U Managed File Transfer and Serv-U Secure FTP products, Microsoft also shared that at least one threat actor has already abused the vulnerability to target victims..."

    https://www.techradar.com/news/sola...er-emergency-patch-after-hackers-strike-again

    "Microsoft warns SolarWinds customers that Serv-U is under attack

    The beleaguered IT firm urges its customers to patch their FTP systems immediately..."

    https://www.itpro.co.uk/security/cy...arwinds-customers-that-serv-u-is-under-attack
     
  8. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,130
    Location:
    DC Metro Area
    "Justice Department says Russians hacked federal prosecutors

    WASHINGTON (AP) — The Russian hackers behind the massive SolarWinds cyberespionage campaign broke into the email accounts of some of the most prominent federal prosecutors’ offices around the country last year, the Justice Department said Friday...

    The department said 80% of Microsoft email accounts used by employees in the four U.S. attorney offices in New York were breached. All told, the Justice Department said 27 U.S. Attorney offices had at least one employee’s email account compromised during the hacking campaign...

    The Justice Department said in a statement that it believes the accounts were compromised from May 7 to Dec. 27, 2020. Such a timeframe is notable because the SolarWinds campaign...

    ...office emails frequently contained all sorts of sensitive information, including case strategy discussions and names of confidential informants..."

    https://apnews.com/article/technology-europe-russia-election-2020-5486323e455277b39cd3283d70a7fd64
     
  9. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,909
    Location:
    Slovenia, EU
  10. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,909
    Location:
    Slovenia, EU
    SolarWinds hackers targeted Autodesk in latest confirmed fallout from cyber-espionage campaign
    https://www.cyberscoop.com/solarwinds-autodesk-hack-russia-us/
     
  11. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,130
    Location:
    DC Metro Area
    "Wide-ranging SolarWinds probe sparks fear in Corporate America

    A U.S. Securities and Exchange Commission investigation into the SolarWinds Russian hacking operation has dozens of corporate executives fearful information unearthed in the expanding probe will expose them to liability...

    The SEC is asking companies to turn over records into 'any other' data breach or ransomware attack since October 2019 if they downloaded a bugged network-management software update from SolarWinds Corp...the letters went to hundreds of companies...

    The requests may reveal numerous unreported cyber incidents unrelated to the Russian espionage campaign, giving the SEC a rare level of insight into previously unknown incidents that the companies likely never intended to disclose...

    The SEC told companies they would not be penalized if they shared data about the SolarWinds hack voluntarily, but did not offer that amnesty for other compromises or breaches..."

    https://www.reuters.com/technology/...obe-sparks-fear-corporate-america-2021-09-10/
     