We’re making some updates to detections we released to alert customers about the presence of compromised binaries related to SolarWinds Orion Platform. Starting December 16 at 8:00AM PST, Microsoft Defender Antivirus will block these malicious binaries. https://t.co/HA8sGCjPLl
— Microsoft Security Intelligence (@MsftSecIntel) December 15, 2020
Three initial ideas for how Congress and the Biden Administration can respond to the still-developing Russian breach of much of the US Government. https://t.co/xlX189YieB
— Alex Stamos (@alexstamos) December 15, 2020
Stunning. Today’s classified briefing on Russia’s cyberattack left me deeply alarmed, in fact downright scared. Americans deserve to know what's going on. Declassify what’s known & unknown.
— Richard Blumenthal (@SenBlumenthal) December 15, 2020
Oh COME ON https://t.co/gz6PS3QpcA
— Molly Wood (@mollywood) December 16, 2020
"After initiating the hacks by corrupting patches of widely used network monitoring software, the hackers hid well, wiped away their tracks and communicated through IP addresses in the United States rather than ones in, say, Moscow to minimize suspicions." https://t.co/uP4niNaqim
— Shashank Joshi (@shashj) December 16, 2020
It's time we get serious about cybersecurity. @alexstamos has some ideas: https://t.co/kHBz3wQ3T8
— Michael McFaul (@McFaul) December 15, 2020
New: The two investment firms that own 70% of SolarWinds, the software company at center of Russian mega-breach, sold $280 million in shares just before the hack was revealed (and the stock plunged 22%). Good timing, or ... ? https://t.co/dItjElwkRb @dmac1
— Drew Harwell (@drewharwell) December 16, 2020
NEW: Microsoft and industry partners seize key domain used in SolarWinds hack
— Catalin Cimpanu (@campuscodi) December 15, 2020
Sinkholing efforts underway to identify potential victims and prevent future escalation of compromised networks https://t.co/mLY4ov6Y2m pic.twitter.com/0XPVHWG4bT
Not strange at all nope not at all https://t.co/YWg9VqcHOC
— Jason Howell (@jasonhowell) December 16, 2020
These are different from the sales made by the company's execs, previously announced part of 10b5-1 plans (see: https://t.co/eNN9qXhcyw). These are legit shady and took place a day before FireEye disclosed its hack too. https://t.co/3xLqf2vl6F
— Catalin Cimpanu (@campuscodi) December 16, 2020
Some companies are about to find out they actually do use SolarWinds in production... https://t.co/eQhOoPUDF8
— Yoshi (@ChicagoCyber) December 15, 2020
Please note: Starting Wednesday, December 16 at 8:00 AM PST, Microsoft Defender Antivirus will begin blocking the known malicious SolarWinds binaries. https://t.co/Uq5c9SPB2w
— ŋıŋʝąƈąɬ (@RavivTamir) December 15, 2020
How is this possible? And how are Russians getting so damn good, so fast?
— Bianna Golodryga (@biannagolodryga) December 16, 2020
“CISA officials told congressional staff on a Monday evening call that the system did not have the capacity to flag the malware that was signaling back to its Russian masters.” https://t.co/GUhVCHhxae
It appears members of the Board (investors) made trades, but unclear if any of the management or DFIR team did. This case is gonna be with us for a while. https://t.co/V5oOSI8OVg
— Jeremiah Grossman (@jeremiahg) December 16, 2020
.. to those who refused to understand why I kept the focus on Microsoft specifically 365... do you get it NOW?
— File411 (@File411) December 15, 2020
this is really really bad
“Ensuring customers are protected from Solorigate
Microsoft 365 Defender Threat Intelligence Team” https://t.co/nxJhRUjsz6
Useful advice from Microsoft if you want Defender to protect you from the compromised SolarWinds software https://t.co/VWiuIP3aeg
— Alan Woodward (@ProfWoodward) December 16, 2020
Microsoft says it will quarantine backdoored SolarWinds apps https://t.co/pFWUH9WGgq
— Virus Bulletin (@virusbtn) December 16, 2020
Microsoft monitors the dynamic threat environment specific to a sophisticated attack that included compromised binaries re SolarWinds Orion. We have released detections that alert customers to the presence of these malicious binaries: isolate & investigate https://t.co/P1vDy0lnJG
— Russ McRee (@holisticinfosec) December 15, 2020
Hello, if you are a Solarwinds app, don't quickly do some bad stuff while you can before quarantine starts later today, okay? https://t.co/gAjfrPwzqx
— Martijn Grooten (@martijn_grooten) December 16, 2020
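Regarding SolarWinds (Trojan:MSIL/Solorigate.BR!dha): in view of the impact, Microsoft Defender had been detecting it but not blocking its execution; from 12/16 at 8 AM (US West Coast time) it will start blocking execution. If you are using SolarWinds, services may stop, so please check. https://t.co/MxrVvPozuq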
— Yurika (@EurekaBerry) December 16, 2020
Now the attackers "could use their access to disrupt operations, causing production stoppages or, worse, safety and environmental incidents." They may also have stolen top secret military schematics. https://t.co/L6iM6O1JyJ
— Karen Piper (@PiperK) December 16, 2020
Concerns Run High as More Details of SolarWinds Hack Emerge #Cybersecurity #security https://t.co/ORsPi9pvN9
— Bob Carver ✭ (@cybersecboardrm) December 16, 2020
#SolarWindsHack illustrates what a bad idea it is to intentionally build backdoors into encryption software. If govt can't keep its own networks & hacking tools secure, why should they build more holes into key internet infrastructure? https://t.co/78VcAowqCF
— unR̶A̶D̶A̶C̶K̶ted (@JesselynRadack) December 14, 2020
Russia’s #SolarWinds hack has similar name to NSA’s StellarWind & I’m prolly overthinking that it’s a shade-throwing homonym rather than a failure of imagination. https://t.co/78VcAowqCF
— unR̶A̶D̶A̶C̶K̶ted (@JesselynRadack) December 15, 2020
What year is it? No sftp or ftp over ssl. Old good FTP with passwords. LOL. @SolarWinds Leaked FTP Credentials through a Public GitHub Repo "mib-importer" since 2018 https://t.co/ndsvNkvukp
— The Best Linux Blog In the Unixverse (@nixcraft) December 16, 2020
The list of impacted US agencies continues to grow. I haven't come up for air since Sunday and didn't know NIH and the State Department were hit :( Really feeling for IT teams and responders this week. Great article @campuscodi & thanks for the mention! https://t.co/3WH6AQ8AQz
— Kyle Hanslovan (@KyleHanslovan) December 16, 2020
NEW: Following an internal audit, SolarWinds said no other products besides the Orion platform were compromised in the recent hack
— Catalin Cimpanu (@campuscodi) December 16, 2020
Company has also delivered on its promise and released an Orion update that removes traces of the SUNBURST malware https://t.co/SSEi8aZ12n pic.twitter.com/qdZT7VKOpG
SolarWinds said no other products were compromised in recent hack https://t.co/5wIwSTbcb9 by @campuscodi
— ZDNet (@ZDNet) December 16, 2020
SolarWinds said no other products were compromised in recent hack https://t.co/njXDMx0Clu #WhiteCollarCrime #News #Crime #Ponzi #Fraud #ZeroDay #Embezzlement #Scams #COVID19 #CyberCrime #CyberSecurity #APT #TechNews #AI #Malware #Hackers #NewsThatMatters Please Retweet
— AJ Blackston - Financial IT Solutions Consultant (@AJBlackston) December 16, 2020
SolarWinds said no other products were compromised in recent hack | ZDNet https://t.co/Ls1vC0tLr8
— Ahmad Batebi (@radiojibi) December 16, 2020
“What happened at Lekki Toll Gate has all the traits of the Nigerian authorities’ pattern of a cover-up whenever their defence and security forces commit unlawful killings."
— Mazi Nnamdi Kanu (@MaziNnamdiKanu) November 3, 2020
We demand answers from the Nigerian government! #LekkiMassacre #EndSARS https://t.co/EASYFDWY6L
Terminally ill Washington elector breaks down after casting Biden vote: ‘I was glad to do my duty’ https://t.co/XMtePMg86g https://t.co/XvtqIYV9O1
— Paula (@paulamoore) December 15, 2020
Trump knows he lost but the fools who believe trump can still be president come 2021, are donating millions to Trump who can use the money any way he wants. Don’t be a Trump fool. https://t.co/fV90llP7d3
— Linda Clarke (@LindaMLC) December 15, 2020
BREAKING: California vote secures Biden/Harris WINNER OF THE 2020 ELECTION.
— Craigrm (@Craigrm5) December 15, 2020
Trump has emergency meeting with staff to discuss next step. https://t.co/DbXcsu6BgY pic.twitter.com/Zfx95oih9c
In this op-ed, @behl_natasha addresses the ongoing farmers' protest in India and its implications for democracy https://t.co/lDdj32THva #WomenAlsoKnowStuff
— womenalsoknowstuff (@womenalsoknow) December 14, 2020
In wake of SolarWinds breach, White House National Security Council activates emergency cybersecurity process to plan USG response. But Qs remain over how the suspected Russian hackers slipped past US counterintelligence & cyber defenses: @CyberScoopNews https://t.co/6uwsRILshl
— Shannon Vavra (@shanvav) December 16, 2020
Pull the Plug: CISA’s Emergency Directive on the SolarWinds Compromise https://t.co/WJaUEbvkOV my take on this rare @CISA occurrence for @ClearanceJobs #cyber #infosec #natsec #russia #SolarWinds
— Christopher Burgess (@burgessct) December 15, 2020
https://t.co/gRtdaB5HTh
— Marie Falcon (@MarieFalcon6) December 16, 2020
As the POtuS, why are you so silent about this, @realDonaldTrump ?
This is something that should have been addressed. But, like the Bounties that killed our Losers & Suckers, your silence screams your Guilt. Can't shirk it off as 'fake news', Jack.
Russian government hackers are believed to be responsible for infiltrating computer systems at multiple U.S. agencies in recent months — including the Pentagon, DHS and the U.S. Treasury, government agencies report.
— NPR (@NPR) December 16, 2020
Here's what key players are saying. https://t.co/YzD9biFXyQ
.@Microsoft to quarantine @SolarWinds apps linked to recent hack starting tomorrow.
— Fabrizio Bustamante (@Fabriziobustama) December 16, 2020
By @ZDNet #SolarWinds #itsecurity #Malware #CyberSecurity
Cc: @AudreyDesisto @archonsec @Corix_JC @alcgroup @PVynckier @robmay70 @AshokNellikar @ShiCooks @fogle_shane https://t.co/zjEh4Gu7Ue pic.twitter.com/zseEzIEifE
After showing only detection alerts, Microsoft said it plans to quarantine SolarWinds apps linked to recent hack starting tomorrow https://t.co/vD2bDfLiEJ pic.twitter.com/XbnhdRQ6YB
— Catalin Cimpanu (@campuscodi) December 16, 2020
Microsoft to quarantine SolarWinds apps linked to recent hack starting tomorrow https://t.co/7HUb9j5KPS #security #hacking pic.twitter.com/qHfjqQL2rj
— Moix Security (@moixsec) December 16, 2020
Microsoft to quarantine SolarWinds apps linked to recent hack starting tomorrow https://t.co/nAMgVKjTN4 #CyberSecurityNews #Cyber #CyberSecurity #CyberAttacks #CyberWar #APT #SecurityBreach #Malware #ZeroDay #Hacker #Breach Please Retweet
— AJ Blackston - Financial IT Solutions Consultant (@AJBlackston) December 16, 2020
Microsoft to quarantine SolarWinds apps linked to recent hack starting tomorrow https://t.co/tcAjD9YH2t by @campuscodi
— ZDNet (@ZDNet) December 16, 2020
Microsoft announced today plans to start forcibly blocking and isolating versions of the SolarWinds Orion app that are known to have contained the Solorigate (SUNBURST) malware. https://t.co/T8XafCDiVT
— Adam Levin (@Adam_K_Levin) December 16, 2020
SolarWinds Issues Second Hotfix for Orion Platform Supply Chain Attack https://t.co/kyPJVq6XkH #Cybersecurity #Cyberthreats
— Aghiath chbib (@AghiathChbib) December 16, 2020
"Microsoft takes control over one of the main domains used by SolarWinds hackers to communicate with the compromised systems.
— President-Elect ❤ Trip Elix ❤ (@trip_elix) December 16, 2020
Read — https://t.co/V0xCnN1W6X
Besides this, starting today at 8:00 AM PST, Windows OS will start blocking known malicious So… pic.twitter.com/TS4hVSmJWD"
Starting on Wednesday, December 16 at 8:00 AM PST, Microsoft Defender Antivirus will begin blocking the known malicious SolarWinds binaries. Read more here: https://t.co/Gemjq93r1f
— Milad Aslaner (@MiladMSFT) December 16, 2020
uhhhhh
— Keque (@Keque_Mage) December 16, 2020
SolarWinds Leaked FTP Credentials through a Public GitHub Repo "mib-importer" since 2018 https://t.co/RodACiGdA4
“What happened at Lekki Toll Gate has all the traits of the Nigerian authorities’ pattern of a cover-up whenever their defence and security forces commit unlawful killings."
— Mazi Nnamdi Kanu (@MaziNnamdlKanu) November 4, 2020
We demand answers from the Nigerian government! #LekkiMassacre #EndSARS https://t.co/puOpCI3mab
People affiliated with the French military used fake Facebook accounts to meddle in African politics, and tangled with Russian fake networks in an online battle for political influence in several nations. https://t.co/2MIc27Qg6E
— PEN America (@PENamerica) December 16, 2020
Within The @WashingtonPost is a team that builds our Article + Live News experiences on https://t.co/CSxHvkg8EM for millions of readers every day. Learn more as Engineer Lead @juliebaconator takes over our Instagram: https://t.co/k3Vjpxbnsk. #takeovertuesday #washpostlife pic.twitter.com/kmmQG21pFB
— WashPostLife (@WashPostLife) December 15, 2020
[Update] CISA's fifth emergency directive ever
— 二本松哲也 (@t_nihonmatsu) December 17, 2020
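The stealth supply-chain attack is quite far-reaching, and includes SolarWinds' 300,000 customers, among them the National Security Agency, all five branches of the US military, and entities in the health, technology, telecommunications, media and financial sectors. https://t.co/FhQPEg5Mb3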
INBOX: New FBI/CISA/ODNI statement on SolarWinds breach: "we know this compromise has affected networks within the federal government." FBI adds it is gathering intelligence in order to "disrupt" the adversary. Background on @CyberScoopNews: https://t.co/6uwsRILshl pic.twitter.com/CBMjnz8I5r
— Shannon Vavra (@shanvav) December 17, 2020
The WH/NSC have activated an emergency response process to handle the hacking incident, respond to congressional inquiries & could touch on responses to degrade the adversary's capabilities by definition. So far, focused on finding who is compromised: https://t.co/6uwsRILshl
— Shannon Vavra (@shanvav) December 16, 2020
Senators press federal agencies for more information on Russian cyberattack | TheHill https://t.co/bV07aRcij6
— GoldenRule1 (@cooperchip1) December 16, 2020
Senators press federal agencies for more information on Russian cyberattack #CyberAttack https://t.co/GIpMSkmOnQ
— Bob Carver ✭ (@cybersecboardrm) December 16, 2020
Fallout from massive Russian hack of U.S. agencies continues https://t.co/VXNKk6evxj
— Mike Walker (@New_Narrative) December 16, 2020
Security experts, businesses and government agencies are continuing their work to understand the scope of a massive cyber attack, while the finger-pointing and blame game is also picking up steam. https://t.co/0CuAFSulZc
— Axios (@axios) December 16, 2020
The latest on Russia's #CyberAttack on America, the depth and scope of which has Intelligence and #NationalSecurity experts on edge. #hackers #CyberSecurity #DHS https://t.co/kFFhfuGzUE
— Robert Morton (@Robert4787) December 16, 2020
Microsoft to quarantine SolarWinds apps linked to recent hack: https://t.co/FoRhrJ55tE (By ZDNet's @campuscodi)
— Mary Jo Foley (@maryjofoley) December 16, 2020
SolarWinds Issues Second Hotfix for Orion Platform Supply Chain Attack https://t.co/kDnwNndg47 #CyberSecurity #digital #Hackers #infosec @reach2ratan #malware #cloud #cloudsecurity #dataprotection #Privacy #infosec #informationsecurity #cloudcomputing pic.twitter.com/F4vC304KUF
— Ratan Jyoti (@reach2ratan) December 16, 2020
Network monitoring services provider SolarWinds officially released a second hotfix to address a critical vulnerability in its Orion platform that was exploited to insert malware... https://t.co/QGbqVUojwe #technology #cybersecurity #hackers #hacks #cybercrime #cyberattack pic.twitter.com/SmJgpqsnnE
— RevBits (@RevBits) December 16, 2020
SolarWinds Issues Second Hotfix for Orion Platform Supply Chain Attack https://t.co/LiXR2D7QZQ #euroinformatica #cybercrime #CyberSecurity pic.twitter.com/vN8ClgTeQw
— Euro Informatica SpA (@euroinformatica) December 16, 2020