Friday, December 25, 2020

SWI stock: 24 customers - impact of security issues

Here is the article.

I purchased 200 shares of SWI stock, and I would like to look into a possible loss in the next six months, or a rebound.



  1. Treasury Department
  2. VMware

Treasury Department

The SolarWinds hackers seized upon a Microsoft flaw to infiltrate the email system used by the U.S. Treasury Department’s senior leadership, The New York Times reported Monday. Dozens of Treasury email accounts were compromised, including those in the departmental offices division, where the most senior officials operate, Sen. Ron Wyden, D-Ore., told The New York Times.

Hackers gained access to the Treasury’s email system in July by manipulating internal software keys, and the breach came to light from Microsoft, which runs much of Treasury’s communications software. Once the hackers used Orion to get inside Treasury’s systems, they performed a complex step in Microsoft’s Office 365 system to create an encrypted token that identifies a computer to the larger network.

That tricked the system into thinking the hackers were legitimate users, meaning the hackers were able to sign on without having to guess user names and passwords. Microsoft said last week that it fixed the flaw the Russians were exploiting, but that didn’t address whether the hackers had used their access to bore through other channels into either the Treasury Department or other systems, the Times reported.

VMware

A VMware vulnerability that allowed access to protected data and federated authentication abuse was used by the SolarWinds hackers to attack high-value targets, KrebsOnSecurity reported last Friday. The U.S. National Security Agency (NSA) warned on Dec. 7 that a flaw in the software of Palo Alto, Calif.-based VMware was being used by Russian hackers to impersonate legitimate users on breached networks.

In order to exploit this vulnerability, the NSA said hackers would need to be on the target’s internal network, which KrebsOnSecurity pointed out would have been the case in the SolarWinds hack. VMware told CRN that it has received no notification or indication that this vulnerability “was used in conjunction with the SolarWinds supply chain compromise.”

After being tipped off to the flaw by the NSA, VMware released a software update Dec. 3 to plug the security hole. While some of VMware’s own networks used vulnerable versions of SolarWinds’ Orion network monitoring platform, the company told CRN that an investigation has thus far revealed no evidence of exploitation.

