Discover and read the best of Twitter Threads about #SolarWinds

Most recents (24)

🚨BREAKING: hackers linked to #Russian🇷🇺intel have breached @USAID’s @ConstantContact account in an ONGOING ATTACK to send spearphishing emails to >3,000 accounts at >150 organizations—many such groups have been critical of Putin’s human rights violations.
nytimes.com/2021/05/28/us/…
Microsoft says #Nobelium is behind the attack—the same #Russian🇷🇺hackers behind the #SolarWinds hack that was the work of the SVR, a spinoff from the KGB.

The SVR was behind the hack of the @DNC in 2016, and attacks on the Pentagon, the WH email system and the State Department🤬
#Russia’s🇷🇺latest cyberattack began after @POTUS imposed new sanctions on #Russian individuals and assets for the #SolarWinds cyberattack—including restrictions on purchasing #Russia’s sovereign debt, making it more difficult for Russia to raise money & support its currency.
Read 5 tweets
Happening now: @US_CYBERCOM @CYBERCOM_DIRNSA and @DeptofDefense Deputy Assistant Secretary of Defense for Cyber Policy Mieke Eoyang testifying before #HASC subcommittee on on Cyber, Innovative Technologies, and Information Systems
"#China is the pacing threat for the department, including in #cyber operations" per @DeptofDefense Deputy Asst Sec Eoyang

"China uses cyber operations to erode US military overmatch and economic vitality, stealing US intellectual property & research"
"#Russia also continues to be a highly-sophisticated & capable adversary, integrating malicious cyber activities, including espionage & influence operations in mutually reinforcing ways" per Eoyang
Read 24 tweets
THREAD How worried should US/EU policymakers be about Russia’s harnessing emerging technologies like AI & machine learning (ML) to support its assertive foreign policy agenda? I dug into these issues for a new paper as part of Carnegie’s project, The Return of Global Russia 1/x
There’s no doubt the Kremlin’s ongoing campaign of mayhem (the war in #Ukraine, interference in the 2016 and 2020 US presidential elections, #SolarWinds, etc) has shown Russia’s operators are highly technically capable, operationally aggressive and innovative. 2/x
Part of what makes the Kremlin’s current calling cards so easy to spot—and more difficult to counter or deter—is a remarkable indifference to the knock-on effects of its behavior. This kind of operational art and bravado can mean more sometimes than pure technical chops. 3/x
Read 14 tweets
HAPPENING NOW: @POTUS talks #Russia after slapping #Moscow with what US officials described as sweeping sanctions for a variety of malign activities Image
"Earlier this week, I spoke w/President Putin of #Russia about the nature of our relationship" per @POTUS "I was candid & respectful. The conversation was candid & respectful - 2 great powers w/significant responsibility..."
"#Russia|ns & Americans are both proud & patriotic people" per @POTUS "And I believe the Russian ppl, like the American ppl, are invested in the peaceful & secure future of our world"
Read 18 tweets
NEW: "We believe we have the means to keep an eye on any terrorist threats or any sign of #alQaida's resurgence w/out having a persistent footprint on the ground" per @PressSec Jen Psaki
"The threat against the homeland now emanating from #Afghanistan can be kept to a level that can be addressed w/out that persistent footprint" per @PressSec, adding US "will retain significant assets in the region"

CT capabilities also being repositioned to counter any threat
Stable & predictable relationship w/#Russia "has to be our objective" per @PressSec "Obviously, this continues to be a difficult relationship. There are adversarial components..."
Read 5 tweets
In the second half of May, @POTUS will welcome #ROK President @moonriver365 to the @WhiteHouse, announces @PressSec.
Regional security will be a prominent issue in the meetings @POTUS will hold with leaders of #Japan and #ROK, according to @PressSec.
Several factors contributed to the "low to moderate confidence" in the intelligence assessment that #Russia encouraged bounties on US service members in #Afghanistan, says @PressSec.
Read 13 tweets
We are LIVE tweeting the keynote address by @BradSmi. Join us using #Raisina2021 #RaisinaDialogue
.@BradSmi: We often see nation state #cyberattacks that identify and develop new attack vectors, which are then pursued by #cybercriminals often for #ransomware that is putting at risk institutions we all rely on #Raisina2021
.@BradSmi: We also have 21st century digital arms merchants – companies that work contractually for govts. to create the code govts. want to put to work – adding to the risk situation #Raisina2021
Read 10 tweets
We are live tweeting the panel “Recoding Our Future: Looking Beyond the Digital Wars” with @vestager @NandanNilekani @MarietjeSchaake
Moderated by @samirsaran #Raisina2021 #RaisinaDialogue
.@samirsaran: In the absence of regulations and clear-cut rules of the road for #digital technologies, there are anxieties and tensions in need of a resolution. #Raisina2021
.@vestager: The EU's key concerns are 1) Creating a level playing field in the marketplace; 2) Insufficient enforcement of rules, that have for decades applied to the offline world, in the online world; & 3) Dignity of citizens in #democratic societies. #Raisina2021
Read 19 tweets
HAPPENING NOW: Senate Intelligence Committee's Hearing on Worldwide Threats

"We look to our intelligence agencies to provide their best & most objective analytic judgments" per Chairman @MarkWarner "...free of bias, & not “shaded” in any way to fit a particular policy or agenda"
"We're going to need to discuss the situation in #Afghanistan" per @MarkWarner, in introductory remarks...
voanews.com/south-central-…
"It's the one time a year where the American public & the members of Congress here in the Senate get an unvarnished presentation by an apolitical intelligence community of the real national security threats" per Vice Chair @marcorubio
Read 56 tweets
#Russia|n hackers did breach the email of the @DHSgov front office as part of #SolarWinds hack, former acting secretary Chad Wolf tells @Heritage

"They're all unclassified email accounts..." he adds
"The access is what I was most concerned about" former acting @DHSgov secretary Chad Wolf said of "when they told me, 'Hey, look, your account, 1 of your email accounts...could be hacked'"

"If they have the ability to do that, what else do they have the ability to do?"
"Just the fact that they're able to do that was my primary concern" per ex @DHSgov acting secretary Chad Wolf re #Russia-#SolarWinds hack

"The fact that they got my email & knew that I was running late to meetings or had a schedule change, not that big a deal" he tells @Heritage
Read 4 tweets
Pentagon on @POTUS' proposed $715 billion FY 2022 @DeptofDefense budget

It "will ensure the Department’s resources are matched w/our strategy & policy to defend the nation & take care of our people, while revitalizing the key alliances & partnerships" per @SecDef Lloyd Austin
$715 billion budget request prioritizes "the need to counter the pacing threat from #China" per @DeptofDefense, and "...deterring nation-state threats emanating from #Russia, #Iran, & #NorthKorea"
.@DeptofDefense says the $715 billion budget request also addresses "threats to readiness, including hate group activity within the military, and prioritizing strong protections against harassment and discrimination"
Read 15 tweets
Happening now: Senate Armed Services Committee hearing on @USSOCOM & @US_CYBERCOM
"We recognize that our counterterrorism operations, while still critical to protecting Americans fro the likes of #ISIS & #alQaida, must become even more sustainable & focus on the most pressing threats" per @DeptofDefense Acting Asst Sec for Special Ops Chris Maier
"SOF continue to deter & disrupt persistent threats by terrorist & extremist organizations" per @USSOCOM Commander, Gen Richard Clarke

"20 years of this fight has honed out capability & most importantly our resolve" he says, calling SOF approaches "effective and sustainable"
Read 22 tweets
#SolarWindsHack - @FBI focused on more precise attribution

"Understanding who conducted this activity, why & how so that we can create the widest possible range of responses for our policymakers to consider" #Cyber Division's Tonya Ugoretz tells lawmakers
"We find it is most powerful when we are able to say, w/detail & as transparently as possible, how exactly adversaries conducted this activity, & ultimately who was behind it" per @FBI's Ugoretz

"The effort to develop that information, investigatively continues"
"The majority of the activity appears to have been directed at the #UnitedStates" per @FBI's Ugoretz re #SolarWinds hack

"However, we are aware of instances & information shared with us from foreign partners where some of their networks were affected as well"
Read 7 tweets
Happening now: "We are tracking that event very carefully" @SecMayorkas tells House Homeland Security Committee of shootings in & around #Atlanta #Georgia that left 8 ppl dead, 6 of them women of Asian descent Image
#Cybersecurity: "As a 1st step, I have directed grant funding that will provide an additional $25 million for state & local entities across the country to increase their cybersecurity" per @SecMayorkas re: #SolarWinds, @Microsoft Exchange hacks
.@CISAgov "remains laser focused on protecting & providing assistance to federal civilian agencies & working w/the private sector" adds @SecMayorkas
Read 35 tweets
Happening now: Senate Intelligence Committee considers nomination of Amb. William Burns to lead @CIA

"You deserve a well-earned retirement, but your country still needs you" Chairman @MarkWarner tells Burns as hearing gets underway...
"After four years during which the expertise & judgment of America’s civil servants were at times belittled & discounted, the next director must lead & inspire patriotic professionals w/humility and compassion...& dispassionately judge the actions of adversaries" per @MarkWarner
"I'd like to hear how you plan to reinforce the credo, no matter the political pressure, no matter what, that @CIA’s officers will always do the right thing and speak truth to power" per @MarkWarner
Read 53 tweets
Happening now: Senate Intelligence Committee hearing on #SolarWinds hack

"Preliminary indications suggest that the scope & scale of this incident are beyond any that we’ve confronted as a nation, & its implications are significant" warns committee chairman @MarkWarner
"The reality is the hackers responsible have gained access to thousands of companies, and the ability to carry out far more destructive operation if they wanted to" per @MarkWarner

#SolarWinds hack
"While many aspects of this compromise are unique, the #SolarWinds Hack also highlights a number of lingering issues that we have ignored for too long" per @MarkWarner
Read 35 tweets
NEW: @solarwinds CEO Sudhakar Ramakrishna tells @CSIS there is "organizational commitment" to talk about the #SolarWinds hack

"It is our obligation to do so" he says in virtual discussion

Ramakrishna will be testifying before Congress Tuesday
"We can emerge as a stronger company... a stronger software community" per @solarwinds' Ramakrishna
1st priority for @solarwinds after hack was discovered was working w/clients & remediation

Also rapid focus on learning from incident, per CEO Ramakrishna
Read 4 tweets
1⃣♦️JUST IN - Suspected Chinese hackers exploited a flaw in software made by #SolarWinds to help break into US government computers last year, marking a new twist in a sprawling cybersecurity breach that US lawmakers have labeled a national security emergency (Reuters)‼️⬇️
2⃣♦️A former official said depending on the compromised data, "this could be an extremely serious breach".‼️⬇️
Read 4 tweets
Finishing up this session at #enigma2021 is from Trey Herr speaking about "BREAKING TRUST – SHADES OF CRISIS ACROSS AN INSECURE SOFTWARE SUPPLY CHAIN"

[ *cough* #SolarWinds #SolarWindsHack *cough* ]

usenix.org/conference/eni…
The software supply chain is huge and reaches everywhere.

In the US and elsewhere there's a lot of COTS (commercial off the shelf) software being used.

We don't build most of the software that we use, from mobile phones to container architechture.
Our mental models around supply chain (and regulatory architecture) are built around the hardware supply chain
Read 17 tweets
1/Dear legislators debating new ways to enhance confidence in elections: get rid of #BallotMarkingDevices and other expensive vulnerable voting tech. Voters don’t understand it. Losing side will always cry foul. Use more #HandMarkedPaperBallots and mandatory audits. Invest in
2/Better more accurate scanning technology and error tolerant manual counting methods (and training/assessment methods so they can be uniformly applied)
3/More transparent, less tech heavy ways of registering/authenticating voters
Read 7 tweets
The White House has told @sarasendek, the longtime head of public affairs for @CISAgov, that her services are no longer needed, Sara tells me. Today is her last day on the job.
As a political appointee, Sendek would have left government service by Jan. 20. But she was still actively helping run CISA's response to the #SolarWinds hack as well as the agency's work in support of the Georgia runoffs.
Sendek said she had planned to stay on the job in the coming days and that she was surprised to be asked to leave by the White House.
Read 5 tweets
#SUPERNOVA #SolarWinds malware is actually pretty boring. So boring in fact, I made a video.

Thread 👇
Adversaries have injected a call to a method called DynamicRun() into the existing LogoImageHandler class. An existing method, ProcessRequest() has been trojan'ed to accept 4 GET parameters passed to the Orion web API Image
These GET parameters are designed to contain

"code" - a blob of C# code which is then compiled
"clazz" - the name of a class which is to be instantiated
"method" - the name of a method to call within the clazz
"args" - supplied to the aforementioned method Image
Read 6 tweets
🚨🚨Clinton Foundation --> Solar winds connection

🧵Thread 👇👇👇

Clinton money runs very deep. They’ve been involved with elections since 2014.... How was the foundation allowed to fund "projects" dealing with elections even while Killary was running as president?
~1~The Clinton foundation is the source of many well funded activities that allows them to control everything. Barrick Gold Corp is relevant to #Solarwinds & the Delian Project to Dominion. I'll cover Barrick once I get to Newmont through UBS. We will focus on the Delian Project.
~2~“In 2014, Dominion Voting committed to providing emerging and post-conflict democracies with access to voting technology through its philanthropic support to the DELIAN Project, as many emerging democracies suffer from post-electoral violence due to the delay in the...
Read 36 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!