SolarWinds laptop judge order litigation

SEC Sends Wells Notice to SolarWinds Executives

On June 23, 2023, SolarWinds revealed via an SEC Form 8-K filing that the U.S. Securities and Exchange Commission (SEC) notified the company that “certain current and former executive officers and employees ...
Security Boulevard

Beyond SolarWinds: 6 More Notable Software Supply Chain Attacks

SolarWinds has become almost a household name and for all the wrong reasons: beginning in 2019, the system management company was the target of one of the largest software supply chain attacks ...
digital trust experience GitGuardian reports leaked secrets

Protecting the Digital Experience

Optimizing digital experience is all the rage today, as the tech industry finally got religion about ensuring end customers—whether external buyers or internal employees—can seamlessly and simply do what they need to ...
Security Boulevard
MITRE Splunk DLL sideloading ransomware Iran cybersecurity attack Security

Software Supply Chain Attacks: Clear and Present Danger

More than a year after the SolarWinds Sunburst attack and most companies are still exposed to software supply chain attacks. In a study conducted by Argon Security at Aqua Security, it was ...
Security Boulevard
New Russian Hacks Revealed—but U.S. Says it’s Microsoft’s Fault

New Russian Hacks Revealed—but U.S. Says it’s Microsoft’s Fault

Microsoft has issued another of its “look how clever we are” writeups of detecting APT29 hackers. But the U.S. government sees it differently ...
Security Boulevard
SEC-T 0x0D: Erik Hjelmvik - Hiding in Plain Sight - How the SolarWinds Hack Went Undetected

How the SolarWinds Hack (almost) went Undetected

My lightning talk from the SEC-T 0x0D conference has now been published on YouTube. This 13 minute talk covers tactics and techniques that the SolarWinds hackers used in order to avoid being ...
supply chain

Supply Chain Security – Not As Easy As it Looks

The massive exploit of SolarWinds is a prime example of what is called a “supply chain” vulnerability. The vast majority of those impacted by the Russian SolarWinds attack probably had never even ...
Security Boulevard
SolarWinds hackers

SolarWinds Hackers Targeting Government Agencies Via Email

Threat actor Nobeliumm, the state-backed Russian group of cybercriminals behind last year’s SolarWinds hacking campaign, has launched a new attack targeting government agencies, think tanks, consultants and non-governmental organizations, according to Microsoft ...
Security Boulevard
Finding SolarWinds / SUNBURST backdoors with Zeek, Suricata, & Corelight

Detecting CVE-2021-31166 – HTTP vulnerability

By Ben Reardon, Corelight Security Researcher In this blog we aim to provide a little insight into part of the lifecycle of Corelight Lab’s response to a critical HTTP vulnerability. We’ve open-sourced ...
website Akamai JavaScript

Why You Should Start Caring About Oversharing

Today’s website owners are focused on building a great online experience for their users. Digital transformation is all about shifting how we do business and offer services – and today’s rich web ...
Security Boulevard