.png "back to home page")
Will Trump say anything against Putin?
— Wajahat "Wears a Mask Because of a Pandemic" Ali (@WajahatAli) December 13, 2020
How will Republicans respond?
Russian Hackers Broke Into Federal Agencies, U.S. Officials Suspect https://t.co/LoCy3stTDa
FireEye is likely breathing a bit of a sigh of relief given the news tonight. They can say they went public with this widespread supply-chain attack first, which likely helped alert other victims inside and outside government of a potential Russian intrusion into their systems.
— Dustin Volz (@dnvolz) December 14, 2020
If the Russia connection is confirmed to the US Treasury & Commerce hack it’ll be the most sophisticated known theft of US gov data by Moscow since 2014/15 when Russian intel agencies gained access to WH, State Dept & Joint Chiefs of Staff emails, per NYT https://t.co/1KEDQYEZmd
— Kylie Atwood (@kylieatwood) December 14, 2020
Solar Winds' other government customers, per its website: Census Bureau, DOJ, Oak Ridge and Sandia National Labs, VA, Army, Air Force, Navy, and Marine Corps. https://t.co/NKIKB1elFS
— Eric Geller (@ericgeller) December 13, 2020
Plus state, local, educational, and foreign customers, e.g. Texas, NHS, and European Parliament. https://t.co/sZ6ggvUd1n
And Trump fired Chris Krebs, the head of @CISAgov; great timing: https://t.co/EMelpUD5Eh
— Frank Figliuzzi (@FrankFigliuzzi1) December 14, 2020
According to SolarWinds the vuln the hackers used to breach FireEye and gov agencies appears to be related to an update they made to their software between March and June this year. This suggests the hackers could have been in systems for up to nine months before detection. https://t.co/pBJdOBxHnI
— Kim Zetter (@KimZetter) December 13, 2020
NEWS
— Yashar Ali ? (@yashar) December 13, 2020
The Trump administration acknowledged on Sunday that hackers acting on behalf of a foreign government — almost certainly a Russian intelligence agency — broke into a range of key government networks and had free access to their email systems. https://t.co/4JgigdpXAt
“If the Russia connection is confirmed, it will be the most sophisticated known theft of American government data by Moscow since a two-year spree in 2014 and 2015” via @SangerNYT https://t.co/iH8Woriiym
— Natasha Bertrand (@NatashaBertrand) December 13, 2020
.@nakashimae pushing reporting further. Seems that APT29/Russian intel SVR is behind it: https://t.co/V2rNEtfSDE
— Chris Bing (@Bing_Chris) December 13, 2020
Outstanding reporting from @nakashimae (following up on @Bing_Chris who broke the story) of the breach at Treasury.
— Jake Williams (@MalwareJake) December 13, 2020
WAPO is saying that attackers used SolarWinds in the breach. It’s a good reminder to check the access your network management software has.https://t.co/G1U9AnXAJX
This continues to be an interesting development.
— Dave Kennedy (@HackingDave) December 14, 2020
Looks like Solarwinds Orion was the original entry point from the FireEye breach including treasury and commerce.
Microsoft updated 21 hours ago with defender update with artifact detection . https://t.co/rowgktKn2K https://t.co/9dhglscjN9
If you’re a SolarWinds customer & use the below product, assume compromise and immediately activate your incident response team. Odds are you’re not affected, as this may be a resource intensive hack. Focus on your Crown Jewels. You can manage this. https://t.co/YvSGTv926a https://t.co/WFe89831Dj
— Chris Krebs (@C_C_Krebs) December 13, 2020
SOLARWINDS in statement said it is aware of a potential vulnerability related to updates of its Orion technology management software that were released between March and June of this year.
— Dustin Volz (@dnvolz) December 13, 2020
.@nakashimae is reporting that Russia's foreign intelligence service, the SVR, is behind these federal agency intrusions: https://t.co/xobSD3OkVB
— Eric Geller (@ericgeller) December 13, 2020
The SVR was also reportedly behind the FireEye hack.
I have a one-word suggestion that Trump will ignore but Biden will hopefully heed: CONSEQUENCES.
— Miles Taylor (@MilesTaylorUSA) December 14, 2020
The days of Russia “getting away with it” are over. https://t.co/MIJnYsH6mj
Good find - the vuln discovered in the SolarWinds system that resulted in a June patch. Was this the patch SolarWinds was referring to when it said an update it made to its software between March-June may have introduced a new vuln the Russians exploited? https://t.co/j1kjNlA3ls https://t.co/bu8Lxe6EUA
— Kim Zetter (@KimZetter) December 14, 2020
Anybody else old enough to remember “remote IT administration or monitoring tools” were handy hacking tools & were called “Back Orifice”?
— Katie Moussouris (she/her) is getting vaccinated (@k8em0) December 13, 2020
So when a product has this description, it has access by def.
If there’s a security hole in it, or it’s taken over by criminals, you’re sunk. https://t.co/X9tkIhr2zq
Sweet jeebus, software "supply chain attack". This is red-alert time. https://t.co/EitQ2Y4VEW
— Nicholas Weaver (@ncweaver) December 14, 2020
This is potentially a hugely consequential hack. SolarWinds' customers include over 425 of US Fortune 500, all branches of military, the NSA, State, Office of the President, top US accounting firms, defense titans like Lockheed, hundreds of universities.https://t.co/rUpWQXKn4v https://t.co/LBxHod3NYk
— Dustin Volz (@dnvolz) December 13, 2020
SolarWinds is used by hundreds of thousands of organizations... And it has admin access to the network. Monday may be a bad day for lots of security teams. #2020awesomenesscontinues https://t.co/ss4swwW40s
— Dmitri Alperovitch (@DAlperovitch) December 13, 2020
“At Commerce, the Russians targeted the National Telecommunications and Information Administration, an agency that handles internet and telecommunications policy” -Russian government spies are behind a broad hacking campaign that has breached U.S. agencies https://t.co/71zyv9wXn6
— Clint Watts (@selectedwisdom) December 13, 2020
Why would FireEye have been using third-party remote-access software on its own network? I'm wondering if this may turn out to be two different, but related, attacks. One against gov networks using SolarWind, and a separate attack against FireEye using a different vector. https://t.co/YnBYxlqMwC
— Kim Zetter (@KimZetter) December 14, 2020
Relieved that next month we can finally have the head of our government do what cybersecurity professionals have been calling for for years. Attribution and Consequences. https://t.co/Nbjh11UNZT
— Elizabeth Neumann (@NeuSummits) December 14, 2020
Confirming this bit of reporting, Solar Winds is patient zero, per two sources familiar:https://t.co/wcxDuDYKjP
— Chris Bing (@Bing_Chris) December 13, 2020
Common refrain from sources:
— Chris Bing (@Bing_Chris) December 14, 2020
today's news about USG hacks (Commerce + Treasury) and the larger supply chain compromise at Solar Winds, an IT provider for the USG, is "just the tip of the iceberg"
This breach is much worse than it appears atm. And it appears very bad already
Dear @realDonaldTrump: A reminder below that Russia is not our ally and Vladimir Putin is not your friend. Why are you so scared to condemn Russia or Putin? https://t.co/kZtCYqrsMc
— Ted Lieu (@tedlieu) December 13, 2020
Anyone who uses Orion Monitoring products and want to walk me through what they are and what they do? https://t.co/fXQqxbU3YC
— Raphael Satter (@razhael) December 13, 2020
UPDATE: Sources tell me that the victims--Treasury, Commerce, FireEye--were breached through an IT Management System called Solar Winds https://t.co/DDnvtFo0uG
— Ellen Nakashima (@nakashimae) December 13, 2020
“The problem is there’s not even been condemnation from the top. President Trump hasn’t wanted to say anything bad to Russia, which only encourages them to act irresponsibly across a wide range of activities.”https://t.co/wodJu5e4SF
— Aaron Rupar (@atrupar) December 14, 2020
It never gets old or any less absurd to recall that Trump wanted to have a joint cyber unit with Putin.
— Bianna Golodryga (@biannagolodryga) December 13, 2020
https://t.co/P6QVMEUW63
TASS is authorised to declare: Russia totally innocent of amazing brilliant hack by very skilled officers who will receive medals.
— thaddeus e. grugq (@thegrugq) December 14, 2020
“Cyberattacks contradict Russia's foreign policy principles,” Russian diplomats lied. https://t.co/3avAC5DbAt
Key question, if Solar Winds is vulnerable... where else in the massive customer list has APT 29 been? https://t.co/atD2FY8GVl pic.twitter.com/KhYs4oXSdt
— John Scott-Railton (@jsrailton) December 13, 2020
“What happened at Lekki Toll Gate has all the traits of the Nigerian authorities’ pattern of a cover-up whenever their defence and security forces commit unlawful killings."
— Mazi Nnamdi Kanu (@MaziNnamdiKanu) November 3, 2020
We demand answers from the Nigerian government! #LekkiMassacre #EndSARS https://t.co/EASYFDWY6L
Struck by fact that for 6 weeks now @realDonaldTrump and 100+ Republican members of Congress have been talking about a hack that never happened - of the vote. Total silence on the one that did happen: Russian hackers inside the Fed. govt.'s own agencies. https://t.co/yQywoSUIHp
— David Sanger (@SangerNYT) December 14, 2020
#Russian #Hackers Broke Into #Federal Agencies, #U.S. Officials Suspect .#hacker #Russia #CyberAttack#CyberSecurity #CYBERTECH@Victoryabro @MargaretSiegien@DrJDrooghaag @mvollmer1@robmay70 @Nicochan33@PawlowskiMario @BetaMoroneyhttps://t.co/v2Ywued6h4
— Abhishek Yadav (@abhishek__AI) December 14, 2020
Russian Hackers Broke Into Federal Agencies including the Treasury Department and hacked emails.
— purple teacher #ProtectOurDemocracy (@peaceandteachin) December 14, 2020
This may have been going on since the pandemic started.
The incompetent administration had no idea or did they? #TrumpRussia#Fresh#OneV1 https://t.co/F6BzrgJXTO
Remember when Trump and most Republicans told us that Russia isn’t our enemy?#PutinsPuppet https://t.co/YedX1dQKrx
— Republicans for Joe Biden ?? (@RepsForBiden) December 14, 2020
KREBS OUSTER OPENS DOOR TO RUSSIAN ATTACK
— Bombshell DAILY ? (@BombshellDAILY) December 14, 2020
Trump again allows hackers unfettered access to U.S. Treasury and commerce departments intelligence.https://t.co/Twl9UVgyzm
Another Russian Hack breached several Federal Agencies.
— Ms. Lonnie ??? (@Lon_S_J) December 14, 2020
Trump fired the head of Dept of Homeland Security's Cybersecurity.
Coincidence?#ONEV1 https://t.co/1kNEN1eWQf
Russian Hackers Broke Into Federal Agencies, U.S. Officials Suspect Trumps friend Putin is at it again https://t.co/WcQ95P5EBk
— Jerry_Sayian (@JerryWillResist) December 14, 2020
Homeland Security warns Russia may have hacked federal agencies https://t.co/uKis7KFFpr pic.twitter.com/nR8FTcpjiN
— New York Post (@nypost) December 14, 2020
The US has issued an emergency warning after discovering that ‘nation-state’ hackers hijacked software used by almost all Fortune 500 companies and multiple federal agencies to gain entry to secure IT systems https://t.co/kM1WVcyhtD
— Financial Times (@FinancialTimes) December 14, 2020
US orders emergency action after huge cyber security breach https://t.co/EKcn8eKxwb via @financialtimes
— Matthew Continetti (@continetti) December 14, 2020
NEW: Evidence is emerging of what might become one of the most devastating cyber security failures on record
— Hannah Murphy (@MsHannahMurphy) December 14, 2020
A security flaw has enabled attackers (likely Russian) to break into the IT systems of “numerous” govts & companies, including several US agencieshttps://t.co/QYvs6myJWQ
Meanwhile this is an interesting story we published 3 hours ago https://t.co/7aCpR3AqVU
— Izabella Kaminska (@izakaminska) December 14, 2020
US among ‘numerous’ governments and companies hacked, firm says https://t.co/YF6MVyCobT
— Financial Times (@FT) December 14, 2020
US orders emergency action after huge #cybersecurity breach as “nation-state” hackers hijacked software used by almost all Fortune 500 companies and multiple federal agencies to gain entry to secure IT systems https://t.co/WjsI35l0uK via @financialtimes #cyberattacks #Hacking
— Alex von Witzleben (@AlexWitzleben) December 14, 2020
BAD: A foreign gov’t-backed hacking group stole information from @USTreasury & @NTIAgov & may have hacked other US government agencies, @Reuters reports. The hack was deemed so serious it led to a National Security Council meeting at the WH on Saturday.https://t.co/3eyaqKNQlk
— Stacking (@StackingUSD) December 14, 2020
US among ‘numerous’ governments and companies hacked, firm says https://t.co/jXlUWyc5P1 via @financialtimes
— Christiern Santos Rasmussen (@ChristiernR) December 14, 2020
?BREAKING: California vote secures Biden/Harris WINNER OF THE 2020 ELECTION.
— Craigrm (@Craigrm5) December 15, 2020
Trump has emergency meeting with staff to discuss next step.https://t.co/DbXcsu6BgY pic.twitter.com/Zfx95oih9c
In this op-ed, @behl_natasha addresses the ongoing farmers' protest in India and its implications for democracy https://t.co/lDdj32THva#WomenAlsoKnowStuff
— womenalsoknowstuff (@womenalsoknow) December 14, 2020
#Russia "broke into a range of key government networks, including in the Treasury and Commerce Departments, and had free access to their email systems", the US acknowledged on Dec. 13, possibly one of the largest and most damaging recent cyberattacks. https://t.co/jHjBJJ0woD
— Kyle Orton (@KyleWOrton) December 14, 2020
Time to go on offense. Russia should pay, and they will lose in this battle. https://t.co/bHeTXjDCS9
— Adam Kinzinger (@RepKinzinger) December 15, 2020
Russian government “broke into a range of key government networks, including in the Treasury and Commerce Departments...one of the most sophisticated, and perhaps among the largest, attacks on federal systems in the past five years.” https://t.co/JDagotI24j
— Dr Alina Polyakova (@apolyakova) December 14, 2020
The first in a series of retrospective articles about Russian-American relations in the Trump era. https://t.co/tvsq0xpyqx
— Timothy Snyder (@TimothyDSnyder) December 14, 2020
I guess this is what we should expect when we invite them into the Oval Office. #PutinsPuppet#PutinsGOP https://t.co/XJi59H7IxP
— NJ2NC (@CCFoote22) December 14, 2020
Russian Hackers Broke Into Federal Agencies, U.S. Officials Suspect https://t.co/59HUcW68hK
— Raymond E. Foster (@policeofficer) December 14, 2020
Russian Hackers Broke Into Federal Agencies, U.S. Officials Suspect https://t.co/oZaN8sMciW
— Taylor Sartre (@Taylor_Sartre) December 14, 2020
・・ロシアはサイバーセキュリティー協定を求めているが米国は回答せず。以前米国によるメルケルの電話盗聴を行った事実をウィキリークスが暴露した時、メルケルは盗聴の禁止協定の締結を求めたが米国は拒否。https://t.co/oNKkVMCS4E
— 衣笠書林@猫の生活が第一 (@syuugoro2) December 15, 2020
米国は外国人への盗聴や個人情報の収集は禁止していない。
US orders emergency action after huge cyber security breach https://t.co/px4GY2assE pic.twitter.com/xuGXqTq7m0
— Vijay Shekhar Sharma (@vijayshekhar) December 14, 2020
US orders emergency action after huge cyber security breach.
— Fabrizio Bustamante (@Fabriziobustama) December 14, 2020
By @FT#CyberSecurity #Databreach #infosec #USA
Cc: @fogle_shane @todddlyle @archonsec @JBarbosaPR @missdkingsbury @mclynd @gvalan @DrJDrooghaag@digitalcloudgal @Corix_JC@PVynckier @baski_LA https://t.co/wVF1oKlklX pic.twitter.com/pEMKy606vY
US orders emergency action after huge cyber security breach https://t.co/zggxcuZZgv
— Farzana R Hossain MD (@fr_hossain) December 14, 2020
LinkedIn spy scandal shines spotlight on China’s online espionage https://t.co/IsvPvgz3Wn via @financialtimes #CyberSecurity #CyberAttack #regulation #technology #medtech #tech #AI #FireEye https://t.co/aJgryDLSAi
Wow: U.S. alleges "nation-state hackers hijacked software used by almost all Fortune 500 companies and multiple federal agencies to gain entry to secure IT systems."
— Alex Boutilier (@alexboutilier) December 14, 2020
US orders emergency action after huge cyber security breach https://t.co/IySoVN0rGf via @financialtimes