Securities and Exchange Commission (SEC) has opened a probe into the SolarWinds Orion cyber breach, focusing on whether some companies failed to disclose that they had been affected by the hack. Attorneys Offices via Microsoft Office 365: As part of the attack, hackers gained access to employees’ Microsoft Office 365 email accounts in 27 U.S. Lawsuit: SolarWinds urged a Texas federal judge to dismiss a lawsuit alleging the software company misled shareholders about its cybersecurity measures ahead of the Orion security brach.SEC Investigation: Dozens of corporate executives are fearful that information from an SEC probe into the SolarWinds hack could expose them to liability.federal agencies emerged with information about counter-intelligence investigations, policy on sanctioning Russian individuals and the country’s response to COVID-19. Spying Allegations: The suspected Russian hackers who used SolarWinds and Microsoft software to burrow into U.S.Read from the bottom up for chronological updates. federal government’s statements about the attack. The timeline below connects the dots between the original SolarWinds Orion hack how FireEye discovered the hacker activity SolarWinds’ response since learning of the attack and the U.S. All agencies operating SolarWinds products should provide a completion report to CISA by 12pm Eastern Standard Time on Monday December 14, 2020.SolarWinds Orion Hack: SUNBURST Security Incident Timeline This is the fifth Emergency Directive issued by CISA under the authorities granted by Congress in the Cybersecurity Act of 2015. “Tonight’s directive is intended to mitigate potential compromises within federal civilian networks, and we urge all our partners-in the public and private sectors-to assess their exposure to this compromise and to secure their networks against any exploitation.” “The compromise of SolarWinds’ Orion Network Management Products poses unacceptable risks to the security of federal networks,” said CISA Acting Director Brandon Wales. This Emergency Directive calls on all federal civilian agencies to review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately. WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) tonight issued Emergency Directive 21-01, in response to a known compromise involving SolarWinds Orion products that are currently being exploited by malicious actors.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |