SolarWinds and Exchange Hacks roundup

What I believe will be our last This Week in SolarWinds.  Let’s round up the few issues of the week.  

Microsoft this week outlined three new pieces of malware used in the breach, and has added the moniker “Nobelium” to the entire package. These new variants were customized for specific kinds of networks, including a command and control backdoor, a payload downloader, and a process to find proxies and redirectors to access the C&C.

Cybersecurity firm Secureworks has found links between a piece of the attack and a threat actor operating in China. 

Also this week, the NY Times reported that the Biden administration intends to retaliate against Russia and China. The first moves are expected in the next three weeks.

That bigger Exchange Server issue – at least 10 hacking groups are using it, per ESET. CISA says there are no federal agencies compromised... so far.

Why do we care?

Are we prepared for an actual back and forth in cyber with Russia and China? And we being “commercial providers”. The landscape is continuing to get worse.

I’ll be rolling this coverage back into general cybersecurity news, because with the Exchange Server issue being even bigger, this has become exactly what I expected it to be… another marker on the continued breach journey.

And I’ll leave you with this... sobering thought. A breach shut down Molson Coors this week. They’re coming for the beer too, people.