Solarwinds software was hacked then the distro proceeded into govt systems
"Science is the belief in the ignorance of the experts" – Richard Feynman
Now DHS..
WaPo


The Department of Homeland Security is the third federal agency to have fallen victim to a major cyberespionage campaign by the Russian government, joining the Treasury and Commerce departments as targets that have been compromised, officials said Monday.
The list of victims is expected to grow and to include more private companies, said officials and others familiar with the matter, who spoke on condition of anonymity because the matter is under investigation.
The fact that the department charged with safeguarding the country from physical and cyber attack was victimized underscores the campaign’s significance and calls into question the adequacy of federal cybersecurity efforts.
DHS spokesman Alexei Woltornist said that DHS is aware of reports of a breach and is currently investigating the matter. The compromise of that agency was first reported by Reuters.
Russia has denied any role in the attacks.

Maybe they (and especially NSA) should spend more time on defense instead of attacks
Is cybersecurity the exception to the rule that the best defense is a strong offense?
--

Drew
have you met security folks? Theatre mostly
soon as I heard I shut the systems off then called the sec folks
they started whining about I didn't have paperwork to do that
"Science is the belief in the ignorance of the experts" – Richard Feynman
There is a fix.
The Register: Backdoored SolarWinds software, linked to US govt hacks, in wide use throughout the British public sector
SolarWinds' customers are being urgently advised by the firm to upgrade to Orion Platform version 2020.2.1 HF 1 "as soon as possible to ensure the security of your environment."
Alex

"There is a cult of ignorance in the United States, and there has always been. The strain of anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that "my ignorance is just as good as your knowledge."

-- Isaac Asimov
The true fix
Throw out all the computers and start over from scratch. Given how hackable UEFI has been shown to be, I wouldn't trust a single computer to not start phoning home even if they do a full wipe & reload.
use std::option::sig
What business are these crackers in?
https://forums.theregister.com/forum/all/2020/12/16/solarwinds_github_password/
In a message to The Register, Kumar said that on November 19, 2019, he told SolarWinds "their update server was accessible with the password 'solarwinds123' which is leaking in the public Github repo. They fixed the issue and replied to me on [November 22]. But that Github repo was open for two to three weeks before I reported."

Unconfirmed, but if true, I have this sinking feeling that may not have been the only account with that password :-/
security and monitoring software tools are very lackadaisical when it comes to security and monitoring
"Science is the belief in the ignorance of the experts" – Richard Feynman
(If you Know this: "why haven't you committed seppuku, rather than staying-on? quietly")
..someone might ask; (I wouldn't; calls for facts not in evidence)
*cough*.
I point out the foibles to the pecksniffs
"Science is the belief in the ignorance of the experts" – Richard Feynman
Krebs' reporting on these things always seems to be good and level-headed.
https://krebsonsecurity.com/2020/12/solarwinds-hack-could-affect-18k-customers/

[...]

The breach at SolarWinds could well turn into an existential event for the company, depending on how customers react and how SolarWinds is able to weather the lawsuits that will almost certainly ensue.

“The lawsuits are coming, and I hope they have a good general counsel,” said James Lewis, senior vice president at the Center for Strategic and International Studies. “Now that the government is telling people to turn off [the SolarWinds] software, the question is will anyone turn it back on?”

According to its SEC filing, total revenue from the Orion products across all customers — including those who may have had an installation of the Orion products that contained the malicious update — was approximately $343 million, or roughly 45 percent of the firm’s total revenue. SolarWinds’ stock price has fallen 25 percent since news of the breach first broke.

Some of the legal and regulatory fallout may hinge on what SolarWinds knew or should have known about the incident, when, and how it responded. For example, Vinoth Kumar, a cybersecurity “bug hunter” who has earned cash bounties and recognition from multiple companies for reporting security flaws in their products and services, posted on Twitter that he notified SolarWinds in November 2019 that the company’s software download website was protected by a simple password that was published in the clear on SolarWinds’ code repository at Github.

[ tweet image ]

Andrew Morris, founder of the security firm GreyNoise Intelligence, said that as of Tuesday evening SolarWinds still hadn’t removed the compromised Orion software updates from its distribution server.

[ tweet image ]

Another open question is how or whether the incoming U.S. Congress and presidential administration will react to this apparently broad cybersecurity event. CSIS’s Lewis says he doubts lawmakers will be able to agree on any legislative response, but he said it’s likely the Biden administration will do something.

“It will be a good new focus for DHS, and the administration can issue an executive order that says federal agencies with regulatory authority need to manage these things better,” Lewis said. “But whoever did this couldn’t have picked a better time to cause a problem, because their timing almost guarantees a fumbled U.S. response.”


(Emphasis added.)

:-/

Cheers,
Scott.
tl;dr: The National Incompetence Q. is not confined merely to obv. political: it is Everywhere.
     Putin-hacking of Duh-US Govt et al--summarized with latest bucket-list - (Ashton) - (13)
         Solarwinds software was hacked then the distro proceeded into govt systems -NT - (boxley) - (12)
             Now DHS.. - (Ashton) - (4)
                 Maybe they (and especially NSA) should spend more time on defense instead of attacks - (drook) - (3)
                     have you met security folks? Theatre mostly - (boxley) - (2)
                         There is a fix. - (a6l6e6x) - (1)
                             The true fix - (InThane)
             What business are these crackers in? - (scoenye) - (3)
                 security and monitoring software tools are very lackadaisical when it comes to security and monitoring -NT - (boxley) - (2)
                     (If you Know this: "why haven't you committed seppuku, rather than staying-on? quietly") - (Ashton) - (1)
                         I point out the foibles to the pecksniffs -NT - (boxley)
             C&C domain has been seized and blackholed - (drook) - (2)
                 Krebs' reporting on these things always seems to be good and level-headed. - (Another Scott) - (1)
                     tl;dr: The National Incompetence Q. is not confined merely to obv. political: it is Everywhere. -NT - (Ashton)
