Sen. Ron Wyden says the US Treasury Department acknowledged that its email system used by senior leadership was breached by SolarWinds hackers beginning in July
a fact revealing how deeply Moscow burrowed into the Trump administration's networks. https://www.nytimes.com/...
@nytimes : Breaking News: The Russian hackers who targeted U.S. agencies are said to have broken into the email system used by the Treasury Department's most senior leadership. The disclosure was the first acknowledgment of a specific intrusion in the cyberattack. https://www.nytimes.com/...
@nytimes : As the U.S. government confronts a vast cyberattack believed to be from Russia, the Trump administration is being criticized over a proposal to split the leadership of the National Security Agency from the United States Cyber Command. https://www.nytimes.com/...
@baris : Another payload, SuperNova, discovered in recent attacks might be performed by a different bad actor. Sunburst is more sophisticated with Solarwinds' digital certificate. This is not. Maybe it's another nation-state, maybe it's a hacker group. 🤷🏻‍♂️ https://twitter.com/...
@wsjpolitics : SolarWinds said that it traced activity from hackers back to at least October 2019 and that it is now working with security companies, law enforcement and intelligence agencies to investigate the attack. https://www.wsj.com/...
Eric Geller / @ericgeller : “For...smaller or medium-size firms, [determining if they were hacked through SolarWinds] will be a difficult and expensive task that many are likely to ignore... “'They probably are just going to remove the backdoor and move on,' Mr. Alperovitch said.” https://www.wsj.com/...
Senator Dick Durbin / @senatordurbin : Even on his way out the door, President Trump can't help but cower (once again) to Putin and refuse to accept the truth from even his own Secretary of State. https://twitter.com/...
Drew Harwell / @drewharwell : Fascinating technical detail on the compromised file that launched the massive SolarWinds hack. It was built from the ground up to evade detection, incl. by running checks to make sure it wasn't on a test machine: https://www.microsoft.com/... https://twitter.com/...
Treasury “learned of the breach not from any of the government agencies whose job is to protect against cyberattacks, but from Microsoft” according to Sen Wyden, per new @SangerNYT @arappeport -- highlighting that with each new day's reporting, more & more questions raised. http…
According to @RonWyden, “Treasury still does not know all of the actions taken by hackers, or precisely what information was stolen.” @SangerNYT and @arappeport remind us “the Russian presence was not detected in the system for more than four months.” https://www.nytimes.com/...
Breaking: The Russian hackers who penetrated U.S. government agencies broke into the email system used by the Treasury Department's most senior leadership. https://www.nytimes.com/...
The Russian hackers who penetrated US gov't agencies broke into the email system used by the Treasury Department's most senior leadership—a fact revealing how deeply Moscow burrowed into the Trump administration's networks. https://www.nytimes.com/...
The Supernova webshell and CosmicGale PS script might be related to exploitation of public-facing SolarWinds Orion installs using CVE-2019-8917 (https://t.co/...) See here: https://github.com/... https://twitter.com/...
Some SolarWinds systems were found compromised with malware named Supernova and CosmicGale, unrelated to the recent supply chain attack. Security researchers believe this malware is the result of a second hacking group targeting SolarWinds systems https://www.zdnet.com/... https:…
Confronted with a vast cyberattack believed to have been carried out by Russia, the Trump administration is reviving an old but hotly debated idea: Strip the general who leads U.S. Cyber Command of his second title as the director of the NSA. https://www.nytimes.com/...
From Cisco, Intel and VMWare to the likes of Kent State University and California hospitals: @WSJ identified infected computers at two dozen organizations that installed the tainted SolarWinds software, showing the wide reach of the suspected Russian hack https://www.wsj.com/...