Fed Cybersecurity Advisory Alerts to Abuse of Authentication Mechanisms
Health IT Security
The Department of Homeland Security is again urging organizations to review insights around the ongoing cyberattacks based around the SolarWinds' hack. The latest alert provides NSA guidance on the abuse of authentication mechanisms, as the extent of the malware attack rapidly expands.
The attacks are based on an exploit of a SolarWinds Orion Platform software update versions 2019.4 HF 5 through 2020.2.1 HF 1, released between March 2020 and June 2020. The threat actors hijacked the updates and installed malware, meaning that any customer that applied the update, installed a Trojan.
As a result, a massive range of public and private sector organizations have been hacked. The extent of which is still unclear.
The ongoing global supply-chain...