Special Report: SolarWinds Breach, Day Four
Killswitch developed; FBI, CISA and ODNI issue statement; Bossert says remediation effort will be staggering; FireEye employee reportedly duped into revealing credentials; Einstein was useless; more
The news on the SolarWinds breach only modestly receded yesterday as security companies and government agencies alike continued to take action to mitigate the fallout of what most experts say is the most devastating surveillance campaign uncovered in the United States. To recap, SolarWinds, a major supplier of network monitoring software, was breached when Russian state hackers implanted “Sunburst” spying malware into an update for one of SolarWinds’ products called Orion.
A potentially giant step was made to halt the infections when a key malicious domain used to control potentially thousands of compromised computers was commandeered by Microsoft and FireEye and used as a killswitch to prevent Sunburst from continuing to operate.