| Forum Home | ||||
| PC World Chat | ||||
| Thread ID: 149431 | 2020-12-16 02:39:00 | Solarwind Hack | 1101 (13337) | PC World Chat |
| Post ID | Timestamp | Content | User | ||
| 1473696 | 2020-12-16 02:39:00 | Solarwind hacked . IT techies will recognise that Brand/service krebsonsecurity.com Its just becoming more & more of a cluster as time goes on. They were warned a year ago : did nothing . allegedly They did nothing about hacked downloadables on their ftp server . allegedly They had their ftp server password easily obtainable : allegedly The hack has affected many US Govt depts . Possible (possible) Russian Govt involvement . www.wsj.com Now reports of insider trading, investors sold off shares before they went public & share value plummeted . allegedly so : add to all this , insider trading . That has possible jail terms for investors . The US takes Insider Trading very seriously . www.washingtonpost.com This is going to get very messy for the companies & investors involved . :badpc: |
1101 (13337) | ||
| 1473697 | 2020-12-16 18:54:00 | Oh Dear, They were warned a year ago : did nothing . allegedly One would think if big companies like them get a warning they would do something about it, but like so many, its not till something happens they get their A into G and then have to go into repair mode. |
wainuitech (129) | ||
| 1473698 | 2020-12-18 02:36:00 | More on this story -- Someone really stuffed up --- www.msn.com (www.msn.com F39OI8yrs2c5aMW3mg) | wainuitech (129) | ||
| 1473699 | 2020-12-18 03:37:00 | Here's a short TLDR courtesy Reddit user ToranMallow: "It was a supply chain attack on a network monitoring product called Orion that gets used all over the place in big organizations. Bad guys created some malware that was served up as an update from SolarWind's own servers, signed by their own cryptographic key. It would look like a valid update on a trusted product and likely got installed without much of a second thought. The problem is that most networks are set up to allow Orion to access almost everything. It has to be able to reach out and communicate with anything it is trying to monitor. Firewalls would all be set to allow the traffic as completely trusted, etc. It's bad. Real bad." www.sans.org |
zqwerty (97) | ||
| 1 | |||||