.png "back to home page")
I hope you will have a chance to read our view on it too: https://t.co/07WbMvIsyn
— Maxim Shafirov (@mshafirov) January 7, 2021
Your work at Rational was an inspiration for many of us
Investigators examining whether JetBrains, software company founded by 3 Russian engineers in Czech Republic with research labs in Russia, was used as pathway for hackers to insert backdoor into SolarWinds code. JetBrains is used by developers at 300,000 businesses, including SW https://t.co/W0kpgUkJFo
— Kim Zetter (@KimZetter) January 6, 2021
Grady, I'd suggest you contrast information before sharing. There's no evidence to this. Here's our statement. https://t.co/gpleMpWWZt And if you want an article with more substance, https://t.co/4SFZuP2ZL8
— Hadi Hariri (@hhariri) January 7, 2021
Investigators are still not certain how JetBrains relates to the larger SolarWinds hack, whether it was a parallel way for Russia's attackers to get into government and private systems, or whether it was the original pathway for Russian operatives to first penetrate SolarWinds.
— Nicole Perlroth (@nicoleperlroth) January 6, 2021
Exclusive: JetBrains, an obscure software company founded in Russia, based in the Czech Republic, is being investigated as playing a role in the Russian hack. Among its customers are SolarWinds, Google, Siemens, HP, VMWare with @sangernyt @julianbarnes https://t.co/rpEG4N7VK6
— Nicole Perlroth (@nicoleperlroth) January 6, 2021
JetBrains says “SolarWinds has not contacted us with any details regarding the breach and the only information we have is what has been made publicly available.” https://t.co/Tr3IkK9Qpl
— Runa Sandvik (@runasand) January 6, 2021
I asked DOJ if AG Barr’s account was accessed, whether any non-O365 accounts were affected and if DOJ is hunting for any other backdoors potentially left behind.
— Brian Fung (@b_fung) January 6, 2021
DOJ declined comment except to say it does use non-O365 email in some contexts but only O365 accounts were hit.
JetBrains is not a household name but is used by 79/ Fortune 100. The product under investigation is TeamCity, which is used by developers to build and test their software. By planting a backdoor in TeamCity, Russia's hackers could have thousands of SolarWinds-style backdoors.
— Nicole Perlroth (@nicoleperlroth) January 6, 2021
JetBrains says there is nothing to indicate their software was compromised or was used to compromise SolarWinds and no one has suggested this to them directly or contacted them to investigate https://t.co/UMsCAGmYKR
— Kim Zetter (@KimZetter) January 7, 2021
When SolarWinds broke, it was backed with detailed context, indicators, and analysis. I know some will disagree but speculation like this about JetBrains without concrete, actionable information is a huge source of uncertainty and confusion. https://t.co/YHEwBb0VAT
— Matt Graeber (@mattifestation) January 7, 2021
What a bummer for fans of great IDEs. Back to vim? https://t.co/PaW323ddzt
— parker (@pt) January 7, 2021
The Justice Department says up to 3 percent of the agency’s Office 365 email accounts were accessed in connection with the SolarWinds hack, which DOJ characterizes as a “major incident”: https://t.co/1qWFd4VGXZ
— Brian Fung (@b_fung) January 6, 2021
Is it the way it usually works that one finds out about own investigation from the press? https://t.co/tEV9A0Xxvm
— Maxim Shafirov (@mshafirov) January 6, 2021
It's almost like people should sit down & understand the technologies before jumping to conclusions. FWIW I explicitly pointed out CI/CD as a scalable vector for supply chain attacks in 2015, and even then I was probably a few years too late to the party.https://t.co/6EVirU9U93
— chrisrohlf (@chrisrohlf) January 6, 2021
New: The Justice Department now confirms it has been affected by the SolarWinds hack, says around 3 percent of Microsoft Office email accounts may have been potentially compromised. pic.twitter.com/OBVcTvoFy4
— Dustin Volz (@dnvolz) January 6, 2021
DOJ announces that it was compromised as part of the SolarWinds hack.
— Eric Geller (@ericgeller) January 6, 2021
The hackers accessed roughly 3% of DOJ employees' Microsoft Office email accounts, according to a statement.
"We have no indication that any classified systems were impacted." pic.twitter.com/APyB1uH0rp
Confirming this. Investigators believe hackers gained access to a TeamCity server used by SolarWinds to build software products, but it is unclear how this system was accessed.
— Dustin Volz (@dnvolz) January 6, 2021
“We’re not aware of any breach,” JetBrains CEO Maxim Shafirov said.https://t.co/8vycbe1EjN https://t.co/L5vNtRZuUn
?? -> JetBrains -> SolarWinds -> ??
— האקר סטנדרטי (@IdoNaor1) January 7, 2021
Supply chain #matryoshka https://t.co/VdsDFV9f5F pic.twitter.com/aBhJpdEqbP
Deleted previous Twitter thread as it contained some incorrect information. Also updated the coverage on the JetBrains statement. Correction at the bottom. A big thank you to everyone for letting me know <3https://t.co/SfMlOmvRg3 pic.twitter.com/W5tE1FNG9D
— Catalin Cimpanu (@campuscodi) January 7, 2021
SolarWinds 피해를 입어 고객에게 공격을 수행했다는 가설을 미국이 조사중이라는 NYT, WSJ 보도에 대해 JetBrains가 부인했습니다. 보도는 CD/CI 도구인 팀시티도 노려졌다고 보고 있으나 JB는 블로그에 SolarWinds가 고객이라고 했고, 해킹 가능성을 완전히 부인하지는 않음https://t.co/aQRMrvgR98
— 라루얀 / 말썽쟁이 구운 경단 ? (@LaruYan) January 7, 2021
JetBrains denies being involved in SolarWinds hack https://t.co/ipR4S7qmvC #hacking #infosec pic.twitter.com/kQ2xRoiDSj
— Moix Security (@moixsec) January 7, 2021
U.S. Department of Justice admits its #Microsoft Office 365 email server was also compromised as part of the #SolarWinds supply chain attack.
— Mohit Kumar (@unix_root) January 7, 2021
Read details: https://t.co/hiEiTWGkho#infosec #cybersecurity
U.S. Department of Justice admits its #Microsoft Office 365 email server was also compromised as part of the #SolarWinds supply chain attack.
— Swati Khandelwal (@Swati_THN) January 7, 2021
Read details: https://t.co/zzD4qqgA1t#infosec #cybersecurity
"RT @TheHackersNews: U.S. Department of Justice admits its #Microsoft Office 365 email server was also compromised as part of the #SolarWinds supply chain attack.
— President-Elect ❤?? Trip Elix ? ?❤ (@trip_elix) January 7, 2021
Read details: https://t.co/hSRSKDomAm#infosec #cybersecurity"
NYT, Reuters, etc., adds to the murk around JetBrains TeamCity and security; of anonymous sources and unclarity around what if anything happened here.
— Stephen Hoffman (@HoffmanLabs) January 7, 2021
The whole “anonymous” path used for these (leaks, rumors, smear, actual breaches?) reeks oddly, too.https://t.co/CMZoRD42Bv https://t.co/N2eTdCSUEs
The U.S. failed to execute its cyberstrategy — and Russia pounced. Even the best playbook is useless if you don’t follow it
— Alfons López Tena (@alfonslopeztena) January 6, 2021
By @robknake https://t.co/dkqEUoIXkj
The U.S. Failed to Execute Its Cyberstrategy—and Russia Pounced https://t.co/85AHrk6gTe via @ForeignAffairs
— Profa054 (@profa054) January 7, 2021
The U.S. Failed to Execute Its Cyberstrategy—and Russia Pounced | Foreign Affairs
— Rambo Torruella (@RamboTJr) January 6, 2021
# #cybersecurity #cyberdefense #cyberwarfare #infosec https://t.co/acDVK1HWdM
The U.S. Failed to Execute Its Cyberstrategy—and Russia Pounced https://t.co/UdCH8ZqkZH via @ForeignAffairs
— THE TAO OF NOW (@InTheNoosphere) January 6, 2021
Widely Used Software Company May Be Entry Point for Huge U.S. Hacking
— Yashar Ali ? (@yashar) January 7, 2021
Russian hackers may have piggybacked on a tool developed by JetBrains, which is based in the Czech Republic, to gain access to federal government and private sector systems in the US https://t.co/ppEeq4TOf7
Ken Thompson's Turing award lecture showed how to use a compiler to insert a undetectable Trojan horse. https://t.co/sqMb8FMaHe
— Lance Fortnow (@fortnow) January 7, 2021
Think the Russians were listening? https://t.co/xTz0syNBlo
If I read the article correctly, then according to the NYT there was a software vulnerability in one of JetBrains software products that popped up during the investigation of the Solarwinds supply chain infection.
— Stefan Soesanto (@iiyonite) January 6, 2021
The piece has a few ... oddities: https://t.co/loOIE3hHLw
Please listen closely. It’s bigger than you think. This article describes Pluto level concerns. The reality is a Jupiter sized crisis. You guys don’t get it, yet. https://t.co/NxZsBBquBJ
— Chris Vickery (@VickerySec) January 7, 2021
In case you missed it yesterday, the Justice Department joined the list of federal agencies that Russians hackers hit https://t.co/xQ3GOz7DBb
— Max Kutner (@maxkutner) January 7, 2021
Meanwhile.... https://t.co/JoI9F2t3KV
— Jeff Stein (@SpyTalker) January 7, 2021
Happened yesterday but flew under the radar
— SugahRush ?? (@MissNikkiNY) January 7, 2021
Justice Department also hit by Russian hackers - The Washington Post https://t.co/R6ya7OQiAs
Justice Department becomes latest known victim of Russian hackers https://t.co/T6X1ejsYU3
— Post Politics (@postpolitics) January 6, 2021
Justice Department also hacked by Russians in the ongoing cyberespionage campaign, officials said https://t.co/9ZmOQjQvvx
— jespanol (@nypapajoe) January 6, 2021
.@solarwinds hackers accessed DOJ emails, no indication they reached classified systems.
— Fabrizio Bustamante #CES2021 (@Fabriziobustama) January 7, 2021
By @CNBC #CyberSecurity #Hackers #infosec #Government
Cc: @PawlowskiMario @avrohomg@archonsec @gvalan @mclynd @missdkingsbury @AudreyDesisto@PVynckier @Corix_JChttps://t.co/ZrP4y2e7Wp pic.twitter.com/XYNJywkjWV
SolarWinds hackers accessed DOJ emails but there's no indication they reached classified systems https://t.co/QzDjzpAHvk
— CNBC (@CNBC) January 6, 2021
Department of Justice Statement on Solarwinds Updatehttps://t.co/REux9ANb9N
— ?Rabitt ✌️?? (@CuriousRabitt) January 7, 2021
DOJ statement on Solarwinds update - Jan 6, 2020.
— Jr nsam 57 ~ ✌ (@_Sm1ttyjr) January 6, 2021
"The Department has determined that the activity constitutes a major incident under the Federal Information Security Modernization Act, and is taking the steps consistent with that determination."https://t.co/mH9LeQuVxO pic.twitter.com/tnqU3qh9oe
BREAKING: The Russian cyberattack on American government and corporate computer systems compromised @TheJusticeDept email systems as well. The contents of thousands of unclassified DOJ email accounts were accessed https://t.co/ujOWoWn6cz
— AltScalesOfJustice (@AltScalesOfJust) January 6, 2021
Department of Justice Statement on Solarwinds Update
— Manuel Atug (@HonkHase) January 6, 2021
..#SolarWinds incident that has affected multiple federal agencies and technology contractors, among others. This activity involved access to the @DeptJusticeIRL #Microsoft #O365 email environment. ?https://t.co/W7QqHX0OGw
The #Software company, founded by Russian engineers in the #CzechRepublic with research labs in Russia, was breached and #hackers inserted back doors into the software of #technology companies, the biggest #breach of U.S. networks in history. https://t.co/CfGJyEQgOs
— Robert Morton (@Robert4787) January 8, 2021
Meanwhile: JetBrains' CI/CD tool TeamCity may be "entry point" for SolarWinds hack? Just wow.
— Arie van Deursen (@avandeursen) January 6, 2021
“Compromising and introducing a back door into a build environment such as TeamCity is the holy grail of a supply chain hack”https://t.co/kSvxk0GFZB
Widely Used Software Company May Be Entry Point for Huge U.S. Hacking #Cybersecurity #security https://t.co/YLW5KJu9Pp
— Bob Carver ✭ (@cybersecboardrm) January 6, 2021
Russian Software Company May Be Entry Point for Huge U.S. Hack https://t.co/h2DLbDawvv #cybersecurity
— Naveed Hamid (@NaveedHamid) January 6, 2021
This sort of clickbait headlines don't suit a media outlet of the NYT's calibre. The whole story, devoid of any substance, is a mishmash of baseless speculations and hearsay. Classy stealth editing though. https://t.co/hNeCbbjNEw pic.twitter.com/0g9G5YPQoR
— G. Geshev (@munmap) January 7, 2021
Justice Department also hacked by Russians in the ongoing cyberespionage campaign, officials said https://t.co/k9JzhHsOWZ #DOJ #Russiahack #Russia #FBI #Hack #hacker #cybersecurity #cybercrime
— AEGIS (@AegisSecurityPI) January 6, 2021