Secretary of State Pompeo becomes highest-ranking U.S. official to blame Moscow for massive cyber attack on U.S. government: "We can say pretty clearly that it was the Russians that engaged in this activity," Pompeo says on The Mark Levin Show Friday
"America must retaliate" Democrats & Republicans increasingly uneasy with silence from @POTUS on the SolarWindsHack - which they say is not just "unprecedented in scale" & "devastating" & "consistent with Russian cyber operations" but still in progress
Microsoft President-initial list of victims includes not only govt agencies, but security and other technology firms & non-governmental organizations
Microsoft president- roughly 80% of impacted customers are located in U.S., this work so far has also identified victims in seven additional countries
Microsoft president- Microsoft has identified and has been working this week to notify more than 40 customers that the attackers targeted
Microsoft President - attack represents a broad espionage-based "assault" on confidential information of U.S. govt and tech tools used by firms
Microsoft President Brad Smith: "latest cyber-assault is effectively an attack on the United States and its government and other critical institutions"
Microsoft said it detected a malicious version of software from SolarWinds inside the company but that its investigation so far showed no evidence hackers had used Microsoft systems to attack customers
Top Senators on Armed Services Committee say cyber attack on U.S. government is "ongoing" and "has the hallmarks of a Russian intelligence operation
Second supply chain hack in SolarWinds campaign announced. Microsoft was also breached in the SolarWinds hack operation. Once in Microsoft's network, the company's own "products were then used to further the attacks on others".
The Senate Armed Services Committee announces receiving initial information on the 'significant, sophisticated, and ongoing' cybersecurity intrusion against the US.
Romney tells @OKnox "a cyber hack of this nature is really the modern equivalent of almost Russian bombers reportedly flying undetected over the entire country" and for WH to not be "aggressively speaking out and protesting and taking punitive action is quite extraordinary"
4 month ago
On Russian cyberattack: Confirming the hack, Dept of Energy said "the malware has been isolated to business networks ONLY and has NOT impacted mission-essential national security functions of the Department," @NatashaBertrand reports via @DeadlineWH
The US House of Representatives Oversight and Homeland Security Committees announce a joint investigation into the cyber attacks
DHS says hack of U.S. government agencies began "in at least March" and may not be over. DHS does not name Russia in statement, says getting "threat" off the networks "will be highly complex and challenging for organizations
At least three states were hacked as part of a suspected Russian cyber-attack that breached several U.S. government agencies, sources say
Investigators found suspicious activity in networks belonging to the Federal Energy Regulatory Commission (FERC), Sandia and Los Alamos national laboratories in New Mexico and Washington, the Office of Secure Transportation and the Richland Field Office of the DOE
The Energy Department and National Nuclear Security Administration, which maintains the U.S. nuclear weapons stockpile, have evidence that hackers accessed their networks, officials directly familiar with the matter said
4 month ago
Infosec: A security breach has been reported concerning the Dolibarr ERP-CRM 12.0.3 management software. which allows remote code execution
4 month ago [email protected]
on #SolarWindsHack "There's a lot we don't yet know, but what we do know is a matter of great concern" per statement "I have instructed my team to learn as much as we can.we will make dealing with this breach a top priority from the moment we take office"
's issued new Alert on the APT campaign against federal agencies & critical infrastructure, providing updated affected product versions, IOCs, ATT&CK® techniques, and mitigation steps
The Washington Post: Man really did hack Trump's twitter by guessing password, "maga2020.," Dutch prosecutors confirm
4 month ago
Infosec: CISA, FBI and ODNI joint statement on major cybersecurity breach underway following SolarWinds compromise
FBI is investigating and gathering intelligence in order to attribute, pursue, and disrupt the hackers -statement
"We are aware of the wide-spread and evolving cyber incident. We continue to assess our DOD Information Network (DODIN) for indicators of compromise.To date, we have no evidence of compromise of the DODIN" -Vice Adm. Norton, director of the Defense Information Systems Agency
4 month ago
FireEye says it has figured out a way to send shutdown commands to the suspected Russian malware installed through the infected SolarWinds update — but it warns that if hackers have already started exploiting a target network, they've likely set up other ways to stay there
People are reporting connectivity issues with the instant messaging app @Telegram
Youtube in Turkey: Local representatives of a legal person have received the decision to initiate the appointment process
4 month ago
Red Drip Team: By decoding the DGA domain names, we discovered nearly a hundred domains suspected to be attacked by UNC2452 SolarWinds, including universities, governments and high tech companies such as @Intel and @Cisco
European Union: Cyber attacks targeted vital EU installations