Security News

The U.S. government on Wednesday announced the launch of another bug bounty program conducted in collaboration with hacker-powered cybersecurity platform HackerOne. Hack the Army 3.0, whose goal is to help the U.S. Army secure its digital assets and protect its systems against cyberattacks, takes place between January 6 and February 17, and it's open to both millitary and civilian white hat hackers.

A class action lawsuit was filed on behalf of SolarWinds investors this week over the cybersecurity breach suffered by the Texas-based IT management solutions provider. The complaint names SolarWinds, as well as Kevin Thompson, who served as the company's CEO until just days before the incident was disclosed, and Barton Kalsu, executive VP and CFO of SolarWinds.

Top national security agencies confirmed Tuesday that Russia was likely responsible for a massive hack of U.S. government departments and corporations, rejecting President Donald Trump's claim that China might be to blame. The agencies made clear the Russian operation was "Ongoing" and indicated the hunt for threats was not over.

The Cyber Unified Coordination Group said today that a Russian-backed Advanced Persistent Threat group is likely behind the SolarWinds hack. The UCG was established by the National Security Council after the SolarWinds supply chain attack to help the intelligence agencies better coordinate the government's response efforts surrounding this ongoing espionage campaign.

The New York Times has an in-depth article on the latest information about the SolarWinds hack. Initial estimates were that Russia sent its probes only into a few dozen of the 18,000 government and private networks they gained access to when they inserted code into network management software made by a Texas company named SolarWinds.

It is believed that the recently disclosed attack targeting Texas-based IT management solutions provider SolarWinds resulted in threat actors gaining access to the networks of more than 250 organizations, according to reports. The New York Times reported over the weekend that the SolarWinds supply chain attack is believed to have impacted as many as 250 government agencies and businesses.

The email accounts of multiple members of parliament were compromised following a cyberattack as revealed today by the Parliament of Finland. "Some parliament e-mail accounts may have been compromised as a result of the attack, among them e-mail accounts that belong to MPs," Parliament officials said.

Leading cybersecurity firm CrowdStrike was notified by Microsoft that threat actors had attempted to read the company's emails through compromised by Microsoft Azure credentials. While performing their investigation, CrowdStrike was told by Microsoft on December 15th that a compromised Microsoft Azure reseller's account was used to try and read CrowdStrike's emails.

United States secretary of state Mike Pompeo has laid the blame for the SolarWinds hack on Russia, but his boss begs to differ. The Associated Press reports that the White House was set to issue a Friday afternoon statement describing Russia as "The main actor" behind the incident, but that staff were told to stand down instead. At the time of writing the State Department, National Security Agency, White House, Cybersecurity and Infrastructure Security Agency, and president Trump all appear not to have attempted to reconcile the administration's conflicting view on the incident.

The SolarWinds supply chain attack and related hacksWhen the week before last FireEye said they've been breached by sophisticated attackers using a "Novel combination of techniques," we wondered what those were. We didn't have to wait long - news of the SolarWinds hack and the consequent revelations about the attackers using the company's products as a stepping stone towards compromising a slew of US government agencies and other targets have revealed some of the attackers' capabilities.