Dark Reading

Echoes of SolarWinds in New 'Silver SAML' Attack Technique

After the threat actor behind the SolarWinds attack compromised the company's Orion network management product and leveraged it to break into target enterprise networks, the group often used a ...
Computerworld

Does Microsoft share blame for the SolarWinds hack?

Critics, including a prominent U.S. senator, are pointing fingers at Microsoft for not warning customers about the Golden SAML security hole. Doing so might have headed off SolarWinds. Editor’s note: ...
Metro US

Microsoft failed to shore up defenses that could have limited SolarWinds hack: U.S. senator

SAN FRANCISCO (Reuters) – Microsoft Corp’s failure to fix known problems with its cloud software facilitated the massive SolarWinds hack that compromised at least nine federal government agencies, ...
ZDNet

Microsoft: How 'zero trust' can protect against sophisticated hacking attacks

The variety of techniques used by the SolarWinds hackers was sophisticated yet in many ways also ordinary and preventable, according to Microsoft. To prevent future attacks of similar levels of ...
CRN

10 Boldest Statements From The SolarWinds Senate Hearing

Senators and tech executives discussed how the SolarWinds hackers used AWS’ infrastructure, took advantage of Microsoft’s authentication process, dwelled in FireEye’s systems and remained undetected ...
CSOonline

Hardening Active Directory against SolarWinds-type attacks

The SolarWinds attackers took advantage of Active Directory to gain a foothold. Here's what configurations and policies to check to better protect your network. The SolarWinds/Solorigate attacks used ...
ZDNet

Microsoft: Russian hackers gain powerful 'MagicWeb' authentication bypass

Microsoft has warned that the hacking group behind the 2020 SolarWinds supply chain attack have a new technique for bypassing authentication in corporate networks. The trick, a highly specialized ...