Solarwinds Breach - 2020, Discussion with the SWCSF.org Part 2 of 2.

Описание: PART 2 OF 2 - Erik will cover all cybersecurity news of note since the last meeting with his uniquely entertaining style with a special emphasis on the 2020 SolarWinds breach

Alert (AA20-352A) Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations

In mid-December of 2020, an unprecedented cyber breach by an APT (Advanced Persistent Threat) Actor was disclosed by SolarWinds relating to its Orion software. With 300,000 customers, many of which are Government entities and Fortune 500 organizations, the potential scope and breadth of the impact exceeded all past events. The full extent of the breach is still being investigated and many organizations have been scrambling in December to remediate it. Even those not directly affected because they are not using the Orion software have to assess their supply chain dependencies and update their vendor risk assessments.

We have decided to dedicate our 2nd time-slot to a run down of what is known about the breach today, including tools and methods used, the scope of the breach, impact, ongoing remediation and lessons learned going forward.

Ref: https://us-cert.cisa.gov/ncas/alerts/...