35 Burst results for "Solar Wind"

Energy agency: 'Radical action' needed to hit climate goals

AP News Radio

00:42 sec | 2 months ago

Energy agency: 'Radical action' needed to hit climate goals

"The international renewable energy agency says the world must take radical action to shift away from fossil fuels Francesco let Kamera the director general of Irena says nations should invest five point seven trillion dollars annually in solar wind and other forms of clean power this decade to ensure the global warming doesn't pas stages thresholds of the measures proposed in the three hundred forty eight page report on the global energy transition include improving energy efficiency increasing electrification capturing carbon emissions and expanding the use of hydrogen gas I'm Charles de Ledesma

Irena Francesco Charles De Ledesma
 Microsoft: Russia behind 58% of detected state-backed hacks

AP News Radio

00:45 sec | 8 months ago

Microsoft: Russia behind 58% of detected state-backed hacks

"Microsoft's digital defense report shows Russia is responsible for a majority of the state sponsored hacks it is detected in the past year Microsoft says Russia accounted for fifty eight percent of the hacks mainly targeting government agencies and think tanks in the U. S. followed by Ukraine Britain and European NATO members the effectiveness of the solar winds hack which mainly breaches information technology systems boosted the success rate of Russian hacks from twenty one percent the previous year two thirty two percent China meanwhile accounted for only eight percent of the hacking attempts that Microsoft detected but successfully broke into targeted networks forty four percent of the time I'm

Russia Microsoft U. Ukraine Nato Britain China
Report Details Problems With and Solutions for Supply Chain Attacks

Cyber Security Today

02:12 min | 10 months ago

Report Details Problems With and Solutions for Supply Chain Attacks

"It departments need to assess the cybersecurity maturity of the software and hardware products. They buy. That's the recommendation of the european union agency for cybersecurity which looked at the increasing number of cyber attacks that are going through the supply chain. These include attacks on applications like microsoft exchange solar winds o. Rien and most recently kosei say through one supplier and attacker can spread malware too many unfortunately. It departments have to rely on the trustworthiness vendors which means not only end user organizations. Have to be tougher on suppliers. Creators of hardware and software products have to be tough on their cyber security and application development processes so the report says buyers should document their suppliers define risk levels for each and monitor them for risks and threats software and hardware developers should ensure their infrastructure and processes can't be manipulated. There's a full linked to the report which looks at twenty four supply chain attacks in the text version of this podcast at it world. Canada dot com. Here's one of the latest examples of a possible and unusual vector for a supply chain attack. A hospitals pneumatic tube system. A warning has gone out to hospitals using the swiss log. Trans logic t. s. pneumatic tube system for distributing lab specimens and medications the software running. The system has critical vulnerabilities. They were discovered by a security firm called armies. It says the problems could allow an attacker to take over the systems control panel disrupt the system and hold the hospital to ransom. Another possibility is data theft of sensitive patient health. Information swiss log says vulnerabilities could only be leveraged if an attacker i gets into the hospitals. It system

European Union Agency For Cybe Kosei Microsoft Canada
How SolarWinds Hacked the Justice, State, Treasury, Energy and Commerce Departments

60 Minutes

01:57 min | 11 months ago

How SolarWinds Hacked the Justice, State, Treasury, Energy and Commerce Departments

"Last year in perhaps the most audacious cyber attack in history russian military. Hackers sabotaged a tiny piece of computer code buried in a popular piece of software called solar winds as we first reported in february the hidden virus spread to eighteen thousand government and private computer networks by way of one of those software updates. We all take for granted after it was installed russian agents when rummaging through the digital files of the us departments of justice state treasury energy and commerce among others and for nine months they had unfettered access to top level communications court documents even nuclear secrets. I think from a software engineering perspective. It's probably fair to say that this is the largest and most sophisticated attack. The world has ever seen brad. Smith is president of microsoft. He learned about the hack. After the presidential election this past november by that time the stealthy intruders had spread throughout the tech giant's computer network and stolen some of its proprietary source code used to build it software products more alarming. How the hackers got in piggybacking on a piece of third party. Software used to connect manage and monitor computer networks. What makes this so momentous. One of the really disconcerting aspects of this attack was the widespread and indiscriminate nature of it. This attacker did was identify. Network management software from a company called solar wins. They installed malware into an update for a solar winds product when that update went out to eighteen thousand organizations around the world. So did this. Malware

Us Departments Of Justice Stat Brad Smith Microsoft
Longest Day of the Year Monday as Summer Solstice Approaches

AP News Radio

00:46 sec | 1 year ago

Longest Day of the Year Monday as Summer Solstice Approaches

"NASA says summer solstice in the northern hemisphere will officially happened Sunday night it means Monday will be the longest day of the year the farther north you are in the northern hemisphere the longer the day NASA's Alex young says the earth has a tilt orbiting around the sun during its yearlong orbit some parts of the earth are facing towards the sun and summer facing away from the side NASA has several mentioned studying our son hoping to answer decades old burning questions about the inner workings of our nearest star we have purposed solar pro which is flying through the sun's atmosphere giving us up close and personal look and there is the solar orbiter which will be able to take the first images of the sun's poles as well as investigate the Haley a spear and solar wind I'm a Donahue

Nasa Alex Young Haley
Canadians Still Fall for Windows Support Scams

Cyber Security Today

01:44 min | 1 year ago

Canadians Still Fall for Windows Support Scams

"Canadians are getting smarter in refusing to fall for windows tech support scams. These are scans. Were callers pretend to be from microsoft or its partners and claim your computer is infected or they caused messages to pop up asking users to phone a window support number. The goal is to get victims to pay for fake windows fixes according to a briefing for reporters last week by microsoft's digital crimes unit microsoft gats six thousand complaints a month from people around the world about these scams in canada last year. It got just under two thousand two hundred complaints. The good news is that's almost half as many complaints as we're filed in twenty eighteen and that's partly because cybersecurity awareness. Education is succeeding. The bad news is is that of the complaints. Canadians filed last year. Fourteen percent or about three hundred people fell for the scam. Paid money to the crux so a lot of people haven't learned microsoft. Won't phone you. Microsoft partners won't phone you. Microsoft won't make alerts pop up on your screen asking you to phone them. The threat group microsoft nicknames nobel bellingham is added again. this is believed to be a russian based gang. That was behind the attack last year on solar winds in report last week microsoft said it discovered a new series of nobel ian attacks these target more than one hundred fifty organizations mostly in the united states

Microsoft Canada Bellingham IAN United States
Microsoft Says Russian-Backed Hackers Are Behind Another Cyberattack

News, Traffic and Weather

00:33 sec | 1 year ago

Microsoft Says Russian-Backed Hackers Are Behind Another Cyberattack

"Says Russia wasn't behind the latest cyber attack on the U. S. Learning more about what appears to be another Russian cyber attack on the U. S government. According to Microsoft, hackers targeted 3000 email accounts to try to burrow into human rights groups and organizations that have been critical of Putin. The U. S has not confirmed that Russia is responsible, but Microsoft says it's the same group that was behind solar winds. The massive Russian cyber attack last year. Targeting at least seven U. S. Government agencies and major U S company. ABC is Mary Bruce.

U. S Government Russia U. Microsoft Putin U. S. Government ABC Mary Bruce
Microsoft Says Russian Hackers Launched New Global Attack

All Things Considered

02:07 min | 1 year ago

Microsoft Says Russian Hackers Launched New Global Attack

"Russian hack of the U. S government by a group that may have already broken into government systems, which Raises the question. Why does this keep happening? Earlier today, Microsoft announced that hackers linked to Russian intelligence infiltrated an email account at the U. S Agency for International Development or U S. A. I. D Hackers then use that account to target as many as 150, other government development and human rights organizations globally. Chris Painter is president of the Global Forum on Cyber Expertise and joins us now welcome. Maybe her So Microsoft Cyber Security officials attributing this attack to a Russian based group called Nobel Liam and says that they've also seen some overlap with another Russian group called Cozy Bear, which was behind the solar winds attack last year. I mean, how do experts determine who's responsible? Well, they look at a range of things, and I think Microsoft looked at what the tactics and procedures of this group did followed. Some of the electronic evidence also looked at motives. And we certainly have seen Askew mentioned no shortage of Russian government sponsored malicious activity online. And this is just the latest chapter of that, right. OK, So what was the key weakness that these hackers exploited in this case like like? Was it a pretty sophisticated breach? Well, unlike the solar winds attack an intrusion that was very sophisticated, not really seen before. This one is really old school. It seems to be the same actors. The cozy bear actors as they're called. Bear because it's Russia, and they've been involved in election interference activity, so it went activity. But here they basically used what's called fishing. Which is this simply sending out false emails pretending to be from in this case, US the idea Government agency. Two people. People think those emails or trusted because they look like they're from that agency. They click on them. They click on a little length that talks about something that's in that email In this case, it was reported about election interference. And that downloads some malicious code. Some malware as they called it

U. S Government U. S Agency For International Chris Painter Global Forum On Cyber Expertis Microsoft Nobel Liam Russian Government Askew Russia United States
Russia Appears to Carry out Hack Through System Used by U.S. Aid Agency

NBC Nightly News

01:38 min | 1 year ago

Russia Appears to Carry out Hack Through System Used by U.S. Aid Agency

"A high stakes summit between president biden and russian president vladimir putin just weeks away in urgent new crisis at the forefront. Another hacking against the us government. Being blamed on. Russia are pete. Williams has the latest on the investigation. The latest attack at the state department's agency for international development. Usa id which distributes america's foreign aid the hackers inserted malheur that sent what appeared to be genuine usaid emails to more than one hundred fifty recipients including human rights groups and other organizations that have been critical of russia's president vladimir putin in a blog post microsoft says the attack came from a threat actor called no bellingham originating from russia the same group behind the huge solar wind attack that targeted the department of homeland security energy commerce defense treasury and state and thousands of america's businesses the. Us government has said no belgium's hacking is the work of russia's foreign intelligence service. This time microsoft says it systems blocked most of the militias emails and mark them as spam but the russian attack comes less than three weeks before president biden is scheduled to meet putin in geneva. We need clear. Rules of nation state conduct in cyberspace and then clearly stated consequences for violations of those rules. Last month biden imposed modest sanctions on russia for the solar winds attack but said he was prepared to take further action. If the hacking didn't stop security experts say this latest attack was intended to gather intelligence on putin's opponents but it was still going on within the past few days suggesting. us sanctions haven't made much difference.

President Biden Vladimir Putin Agency For International Devel Russia United States Department Of Homeland Securit Us Government State Department Pete Microsoft Williams Bellingham Belgium Putin Geneva Biden
Russian Hackers Target Aid Groups in New Cyber-Attack

Make Me Smart with Kai and Molly

01:04 min | 1 year ago

Russian Hackers Target Aid Groups in New Cyber-Attack

"Yet. Russia appears to be hacking american companies. And also the us government the experts believe and this comes from microsoft and it's their system that got hacked. They should know that. Russian actors have somehow infiltrated an email system. Used by a us aid a us aid agency. Excuse me and then use that to send out emails to companies that vat and other government agencies that agency interact with and planted malware and let access into those computers and hugh go again. I think the really interesting part of this is not the technical stuff but is the fact that after solar winds president biden Took some action took you know small portion of action and said listen. I don't wanna ratchet things up. And i don't want to escalate things and the russians said we're gonna escalate this you sent because And and that's that's we're in a cyber. I hate this tit-for-tat because it's lazy but but that's where we are and that's no good

Us Government President Biden Russia Microsoft United States
SolarWinds hackers are at it again, Microsoft says

The Ramsey Show

00:18 sec | 1 year ago

SolarWinds hackers are at it again, Microsoft says

"Or again trying to hit government computers. Microsoft says the state back to Russian cyber spies that carried out the solar winds hacking campaign are responsible for launching a targeted spear, phishing assault on U. S and foreign government agencies and think tanks this week, But the Kremlin said it had no information. And on the attack. Fox is Brett

Microsoft U. Kremlin FOX Brett
What You Need to Know About the FireEye Hack

Planet Money

01:55 min | 1 year ago

What You Need to Know About the FireEye Hack

"You're on the breaking news. Investigative team here at npr. And you've spent months working on this story. So why don't you just pick up where we left off a with kevin mandy the ceo of fireeye. Right he's realized there's somebody who's not an employee who's inside their network and that's a problem so we had several weeks where i'm sitting there going boy. I wonder how they broke in. And it is a terrible nag dina. What's responding to a breach anywhere whether your own house or someone else's house and you don't know how broken so fire is in the business of trying to figure out exactly that kind of thing and that's what other companies typically pay them to do and what they do is they try to think back to. What the earliest evidence of compromise could be. You know like where they might have seen some sort of stranger in their network or where that stranger could come in and they trace this back literally for weeks and they think it all started with some software from a company called solar wizz so at that point the only logical conclusion that i drew was sump. Draw the solar wind server solar winds. We know now. That's what this big that this whole story is about came to be called the solar winds hack and i'm going to be honest with you. I've been sort of following that story. But i don't think i've ever really understood. Like what is solar winds. What is solar winds is a software company and they make a bunch of different kinds of software. But the one. That's at the center of this story is a software they make to manage computer networks cry so nothing to do with either the sun or the wind from thinking alternative energy. I'm entirely in the wrong universe entirely in the wrong. I have no idea what kind of how they came up with the name. But can i can tell you is that. It's what's called network management software. This is what. It people use basically so they can keep an eye on the entire network

Kevin Mandy Fireeye NPR
SolarWinds Back in the Headlines

Techmeme Ride Home

02:05 min | 1 year ago

SolarWinds Back in the Headlines

"Microsoft reporting that the solar winds hackers are back and they've hacked e mail systems used by the state department's international aid agency in order to attack human rights groups and other organizations critical of russia's president vladimir putin remember. We don't know how long the solar winds hackers were in the various systems. They penetrated last year. And we don't know what sort of booby traps and heidi holes. They installed for themselves for later use. Perhaps this is that coming home to roost quoting the new york times. Hackers linked to russia's main intelligence agency surreptitiously seized an e mail system used by the state department's international agency to bro into the computer networks of human rights groups and other organizations of the sort that have been critical of president vladimir putin microsoft corporation disclosed on thursday. The newly disclosed attack was also particularly bold by breaching. The systems of a supplier used by the federal government. The hackers sent out genuine looking emails to more than three thousand accounts across more than one hundred fifty organizations that regularly received communications from the united states. Agency for international development. Those e mails went out as recently as this week and microsoft said it believes the attack are ongoing. The email was implanted with code. That would give the hackers unlimited access to the computer systems of the recipients from stealing data to infecting other computers on a network. Tom burke eighteen vice president wrote on thursday night. The original solar winds attack went undetected by the us government for nine months until it was discovered by a cybersecurity firm. In april president biden said he could have responded far more strongly to the attack but quote chose to be proportionate because he did not want to quote kick off a cycle of escalation and conflict with russia and quote the russian response nonetheless seems to have been escalation. The malicious activity was underway as recently as the past week that suggests that the sanctions and whatever additional covert actions. The white house carried out in response to the solar winds hack part of a strategy of creating seen and unseen costs for moscow has not choked off the russian government's appetite for disruption

International Aid Agency State Department Bro Into The Computer Networks Microsoft President Vladimir Putin Russia Vladimir Putin Agency For International Devel Heidi Us Government The New York Times President Biden Tom Burke United States White House Russian Government Moscow
SolarWinds Hackers Are at It Again, Targeting 150 Organizations, Microsoft Warns

Frank Beckmann

00:26 sec | 1 year ago

SolarWinds Hackers Are at It Again, Targeting 150 Organizations, Microsoft Warns

"Solar winds attack last year. Now launching another major cyberattack. Microsoft is warning and a block post that over that this hacking group targeted over 150 organizations worldwide. Most of them right here in the U. S. They did this last week. It included government agencies think tanks, consultants in non governmental organizations. Taking a look at Wall Street

Microsoft
SolarWinds Hackers Are At It Again, Targeting 150 Organizations

Frank Beckmann

00:26 sec | 1 year ago

SolarWinds Hackers Are At It Again, Targeting 150 Organizations

"Solar winds attack last year. Now launching another major cyberattack. Microsoft is warning and a block post that over that this hacking group targeted over 150 organizations worldwide. Most of them right here in the U. S. They did this last week. It included government agencies think tanks, consultants in non governmental organizations. Taking a look at Wall Street

Microsoft
SolarWinds Hackers Have Launched New Campaign, Microsoft Says

Bloomberg Daybreak

00:13 sec | 1 year ago

SolarWinds Hackers Have Launched New Campaign, Microsoft Says

"The Russian hackers behind the solar winds campaign have escalated their attacks on U. S federal agencies think tanks and non governmental organizations. As part of intelligence gathering efforts on behalf of their government in major league

U.
Director of Russia’s Foreign Service Denied Responsibility for SolarWinds Hack

BBC Newshour

02:04 min | 1 year ago

Director of Russia’s Foreign Service Denied Responsibility for SolarWinds Hack

"The S V R says allegations his agency has been launching cyber attacks against the West are absurd and pathetic. Washington holds the SPR responsible for the giant solar winds hack that infiltrated a string of US federal agencies. The SVR chief has been speaking to our Moscow correspondent Steve Rosenberg. Journalist We peer with partial in Australia should not least one of Russia's most closely guarded buildings. The country's spy chief tells me how lucky I am. You were the first foreign journalist allowed in here, so gain a risk in, says Looking around, he adds, these walls have witnessed the planning of great operations. There's one operation in particular. I've come here to talk about. Mr Nourish Skins Agency. The SPR has been accused of carrying out the largest cyber espionage operation the world to scene. Now it's six hackers broke into computer networks of US federal agencies, including the commerce and Treasury departments. One of the most sophisticated cyber security breaches in American history investigators. The attack is widely blamed by cyber experts on Russia buying searching malicious code into a software update from the company. So the winds Hackers gained access to a T least nine U. S government agencies, including the Pentagon, Homeland Security and the State Department. The White House named the SPR as the perpetrator. So will its director. Admit to such an audacious operation Me a bullet. Bert Listener was losing the key. I think you might be flattered to hear such an assessment of the work of the Foreign Intelligence Service, which I run such a high evaluation. But I don't have the right to claim the creative achievements off others as my own spot in Italy this way, But when the U. S administration says it has traced the attack To a

SPR Steve Rosenberg Mr Nourish Skins Agency SVR Commerce And Treasury Departme Russia Moscow Washington United States Australia Bert Listener U. Pentagon Homeland Security State Department White House Foreign Intelligence Service U. S Administration Italy
Biden announces sweeping new Russia sanctions

PBS NewsHour

01:23 min | 1 year ago

Biden announces sweeping new Russia sanctions

"Announced a series of tough new sanctions against Russia today as the historic adversaries confront one another yet again in cyberspace and on the ground in Europe and beyond. The sanctions target individuals and the state itself. Despite today's move, Mr Biden tried to strike a conciliatory tone at the White House this afternoon. United States is not looking to kick off a cycle of ex escalation and conflict with Russia. We want a stable, predictable relationship. Throughout our long history of competition, Our two countries have been able to find ways to manage tensions and to keep them from escalating out of control. We're also areas where Russia the United States can and should work together. And for more. Here's John Yang. Judy. The administration says today's sanctions are in response to three things. The Russian interference and the 2020 presidential election. Solar winds the big Russian cyber espionage campaign, which the White House officially said today for the first time was carried out by Russian foreign intelligence and for Russian actions in Ukraine. Sanctions target. More than three dozen individuals and entities seek to make it harder for Russia to borrow money on international financial markets and expelled 10, Russian diplomats from the United States.

Mr Biden Russia John Yang United States White House Europe Judy Ukraine
"solar wind" Discussed on Daily Tech News Show

Daily Tech News Show

04:51 min | 1 year ago

"solar wind" Discussed on Daily Tech News Show

"You might remember that epa scale done considerably but some people were still there in person. Who is the first dr peter you try to get a oculus quest two. We should get one to sarah to. I don't want one of these. But yeah no i'm all for the the virtualization of say yes and and the big pictures I i'm really looking forward to waking up and putting on pajamas and going and watching seven different announcements in aurora. Rather than like joining those cues in in mandalay bay at four in the morning to make sure you get a say in time. i'm all for it. Bring on bring on virtual everything and it's been good. Sorry go on. Sarah i was i was going to say the virtual you said oculus quest. I have one. I one of my favorite things to do is you that. There's a lot of drone footage where you kind of like get to fly over italy and stuff and look around and it definitely is. It feels like you're flying. Kind of but i mean it's not really the same as like having jet pack on my back and flying over italy so i wonder how the reporters will either. You know re say like this farm equipment seems really great because of the vr experience that we were gotten because we actually didn't get to do a lot of testing in person But it sounds like. It's probably just pretty good marketing keith. You looking forward to a virtual cas. I'm virtual been at out of. Aws reinvent was literally three weeks. I think in still going on today. put on a virtual event earlier this year. I'm i'm ready to see people in real life. I'm never thought i'd say this. I missed vegas. Whoa that's that's a now. We know that. Now we know the the recovery for missing vegas. Oh man conversely i was like i don't have to go to vegas and i know this is like a very new worlds well. It sounds like keith virtually exhausted. I'm sorry man all right. Let's check out the mailbag. let's do it. This one comes from daniel. Daniel has a question that i think probably a lot of other people are also asking. He says disney plus going up one dollar per month. Not all that bad for all that we're going to get one thing that is always bothered me though. And that's i wonder about the effect of all the people who share passwords. I have co workers. I have customers where daniel works that share with many family members. A coworker on netflix. For example has a co worker that he works with hedge net flicks hulu amazon prime disney plus. Hbo max pays for none of them and their shared with eight other family..

dr peter mandalay bay italy epa aurora vegas sarah keith Sarah daniel disney Daniel netflix hulu amazon Hbo
"solar wind" Discussed on Daily Tech News Show

Daily Tech News Show

04:51 min | 1 year ago

"solar wind" Discussed on Daily Tech News Show

"You might remember that epa scale done considerably but some people were still there in person. Who is the first dr peter you try to get a oculus quest two. We should get one to sarah. I don't want one of these. But yeah no i'm all for the the virtualization of say yes and and the big pictures I i'm really looking forward to waking up and putting on pajamas and going and watching seven different announcements in aurora. Rather than like joining those cues in in mandalay bay at four in the morning to make sure you get a say in time. i'm all for it. Bring on bring on virtual everything and it's been good. Sorry go on sarah. No i was. I was going to say the virtual you said oculus quest. I have one i. One of my favorite things to do is you that. There's a lot of drone footage where you kind of like get to fly over italy and stuff and look around and it definitely is. It feels like you're flying. Kind of but i mean it's not really the same as like having jet pack on my back and flying over italy so i wonder how the reporters will either. You know re say like this farm equipment seems really great because of the vr experience that we were gotten because we actually didn't get to do a lot of testing in person But it sounds like. It's probably just pretty good marketing keith. You looking forward to a virtual cas. I'm virtual event at out of. Aws reinvent was literally three weeks. I think in still going on today. i put on a virtual event earlier this year. I'm i'm ready to see people in real life. I'm never thought i'd say this. I missed vegas. Wow that's that's a now. We know that now. We know the the recovery for missing vegas. Oh man conversely. I was like i don't have to go to vegas and i know this is like a very new worlds well. It sounds like keith virtually exhausted. I'm sorry man all right. Let's check out the mailbag. let's do it. This one comes from daniel. Daniel has a question that i think probably a lot of other people are also asking. He says disney plus going up one dollar per month. Not all that bad for all that we're going to get one thing that is always bothered me though. And that's i wonder about the effect of all the people who share passwords. I have co workers. I have customers where daniel works that share with many family members. A coworker on netflix. For example has a co worker that he works with hedge. Netflix hulu amazon prime disney plus. Hbo max pays for none of them and their shared with eight other family..

dr peter sarah mandalay bay italy epa aurora vegas keith daniel disney Daniel Netflix hulu amazon Hbo
"solar wind" Discussed on Daily Tech News Show

Daily Tech News Show

04:50 min | 1 year ago

"solar wind" Discussed on Daily Tech News Show

"You might remember that epa scale done considerably but some people were still there in person who is the first job. Peter you try to get a oculus quest two. We should get one to sarah to. I don't want one of these. But yeah no i'm all for the the virtualization of say yes and and the big pictures I i'm really looking forward to waking up and putting on pajamas and going and watching seven different announcements in aurora. Rather than like joining those cues in in mandalay bay at four in the morning to make sure you get a say in time. i'm all for it. Bring on bring on virtual everything and it's been good. Sorry go on. Sarah i was i was going to say the virtual you said oculus quest. I have one. I one of my favorite things to do is you that. There's a lot of drone footage where you kind of like get to fly over italy and stuff and look around and it definitely is. It feels like you're flying. Kind of but i mean it's not really the same as like having jet pack on my back and flying over italy so i wonder how the reporters will either. You know re say like this farm equipment seems really great because of the vr experience that we were gotten because we actually didn't get to do a lot of testing in person But it sounds like. It's probably just pretty good marketing keith. You looking forward to a virtual cas. I'm virtual been at out of. Aws reinvent was literally three weeks. I think in still going on today. put on a virtual event earlier this year. I'm i'm ready to see people in real life. I'm never thought i'd say this. I missed vegas. Wow that's that's a now. We know that. Now we know the the recovery for missing vegas man conversely i was like i don't have to go to vegas and i know this is like a very new worlds well. It sounds like keith virtually exhausted. I'm sorry man all right. Let's check out the mailbag. let's do it. This one comes from daniel. Daniel has a question that i think probably a lot of other people are also asking. He says disney plus going up one dollar per month. Not all that bad for all that we're going to get one thing that is always bothered me though. And that's i wonder about the effect of all the people who share passwords. I have co workers. I have customers where daniel works that share with many family members. A coworker on netflix. For example has a co worker that he works with hedge. Netflix hulu amazon prime disney plus. Hbo max pays for none of them and their shared with eight other family..

mandalay bay italy epa aurora vegas sarah Peter keith Sarah daniel disney Daniel Netflix hulu amazon Hbo
"solar wind" Discussed on Daily Tech News Show

Daily Tech News Show

04:50 min | 1 year ago

"solar wind" Discussed on Daily Tech News Show

"You might remember that epa scale done considerably but some people were still there in person. Who is the first dr peter you try to get a oculus quest two. We should get one to sarah to. I don't want one of these. But yeah no i'm all for the the virtualization of say yes and and the big pictures I i'm really looking forward to waking up and putting on pajamas and going and watching seven different announcements in aurora. Rather than like joining those cues in in mandalay bay at four in the morning to make sure you get a say in time. i'm all for it. Bring on bring on virtual everything and it's been good. Sorry go on. Sarah i was i was going to say the virtual you said oculus quest. I have one. I one of my favorite things to do is you that. There's a lot of drone footage where you kind of like get to fly over italy and stuff and look around and it definitely is. It feels like you're flying. Kind of but i mean it's not really the same as like having jet pack on my back and flying over italy so i wonder how the reporters will either. You know re say like this farm equipment seems really great because of the vr experience that we were gotten because we actually didn't get to do a lot of testing in person But it sounds like. It's probably just pretty good marketing keith. You looking forward to a virtual cas. I'm virtual been at out of. Aws reinvent was literally three weeks. I think in still going on today. put on a virtual event earlier this year. I'm i'm ready to see people in real life. I'm never thought i'd say this. I missed vegas. Wow that's that's a now. We know that now. We know the the recovery for missing vegas. Oh man conversely. I was like i don't have to go to vegas and i know this is like a very new worlds well. It sounds like keith virtually exhausted. I'm sorry man all right. Let's check out the mailbag. let's do it. This one comes from daniel. Daniel has a question that i think probably a lot of other people are also asking. He says disney plus going up one dollar per month. Not all that bad for all that we're going to get one thing that is always bothered me though. And that's i wonder about the effect of all the people who share passwords. I have co workers. I have customers where daniel works that share with many family members. A coworker on netflix. For example has a co worker that he works with hedge net flicks hulu amazon prime disney plus. Hbo max pays for none of them and their shared with eight other family..

dr peter mandalay bay italy epa aurora vegas sarah keith Sarah daniel disney Daniel netflix hulu amazon Hbo
"solar wind" Discussed on Daily Tech News Show

Daily Tech News Show

02:38 min | 1 year ago

"solar wind" Discussed on Daily Tech News Show

"This solar winds is Distributing the to the point that my pc gets it that i trust that update. It is equivalent to apple or microsoft or any other trust at enterprise company or consumer company. You ask you for an update and getting malware. Instead i assume that solar winds like any other company has methods in place to try to prevent this from happening. What what are the possibilities that failed. This is This is quite frankly. Scary solar winds is a proper enterprise. It company three hundred thousand customers of four hundred and twenty five of the top five hundred the their their government customer sold their code is getting audited they go through all the rigors of this place so much sold that i've read the one of the reasons why it wasn't detected was because solar wind specifically requested that you not scan is directories for malware viruses. Because is so trusted. Sold the what's scary about the heck. I i've worked enterprise. It for over twenty years and one of the things that we do an enterprise it for a product like solar winds or ryan which basically you know checks other systems is the email server is the database. Server is the services running on that up. If it's not up we'll lert administrator there so trusted that we get exceptions for that security skiing and we're confident that solar winds from a security perspective can be absorbed from securities. Can't so this is. This is about as bad as it gets. I mean seems like a juicy target for someone to go after. It takes very sophisticated attack. That do it though right. It takes a super sophisticated attack and then to jump off fireeye. If you're not familiar with it basically. I have to implement this when i worked for department of housing and urban development as a Federal contractor basically is the key so keen on it. It sits on the edge of the network and field goals through all the traffic leaving these agencies. you cannot get an exception. You have a network connection. It has fire on it so for them to hop from solar winds and compromise. Fireeye as a as a advanced attack. This is not you know and one-two-three this is pretty serious..

lert microsoft apple ryan skiing department of housing and urba
"solar wind" Discussed on Daily Tech News Show

Daily Tech News Show

05:33 min | 1 year ago

"solar wind" Discussed on Daily Tech News Show

"Orion network management platform as a network management platform called orion from a company called solar winds has led to attacks on fire. The fire i attack. We talked about last week. Microsoft and several us government agencies. Solar wind said sunday that updates to its orion platform that happened between march and june may have carried malware as a result of a sophisticated nation states supply chain attack. Solar winds says microsoft noted. It noted it notified it of a compromise to solar winds office. Three sixty five accounts. It's not sure if that's how the supply chain attack was carried out but it's investigating. Solar winds did call for all orion customers to update to its latest version immediately. That'll partially mitigate this and it plans an additional patch tuesday to fully defend against it so winds has three hundred thousand customers worldwide including most of the fortune five hundred companies in the us lockheed martin booz allen hamilton pricewaterhouse coopers federal reserve the defense department the state department. The us secret service. The national security administration thirty three thousand of those customers use the orion platforms. Not all three hundred thousand but a large number and solar winds believes that eighteen thousand of them installed the malware infected versions. Now not all thousand were targeted but even a small percentage. That's a lot of targets cd. Net reports that administrators are finding signs of the malware on their orion systems. But few are reporting. The second stage payload that would be used to elevate access so it's believed the attackers targeted specific customers around the world fire. I for example announced. The intrusion in its network reported last week was caused by the solar winds breach. It has published detection rules on. Get hub That you can access if you need them. Microsoft confirmed the solar winds compromising security alert to its customers and provided countermeasures including detection. Rules added to defend her The us cybersecurity and infrastructure agency or cc issued an emergency directive instructions on how all federal civilian agencies can detect an analyze compromise systems and advise them to shut down. Orion's he said vises. All hosts monitored by ryan to be treated as compromised until you're certain otherwise fireeye calls the malware sunburst if you're out there looking around uc sunburst. That's what that refers to although microsoft has dubbed it salora gate so we we have a couple of different ways to refer to it. The attack worked by entering the network through the orion vulnerability however it got in there and then gaining elevated credentials once it was in your network that let attackers ford. Single sign on tokens which would let them impersonate privileged accounts which allow them to grant new credentials to themselves and gain high level access. The attackers were able to track authentication controls and access office three sixty five at the national telecommunications and information administration. We're definitely monitored emails..

Orion network microsoft martin booz allen hamilton national security administrati Solar wind orion defense department us state department federal reserve cc Orion ryan ford national telecommunications an
"solar wind" Discussed on Daily Tech News Show

Daily Tech News Show

05:36 min | 1 year ago

"solar wind" Discussed on Daily Tech News Show

"Com a breach in the orion network management platform as a network management platform called orion From a company called solar winds has led to attacks on fire. The fire i attack. We talked about last week. Microsoft and several us government agencies. Solar wind said sunday that updates to its orion platform that happened between march and june may have carried malware as a result of a sophisticated nation states supply chain attack. Solar winds says microsoft noted. It noted it notified it of a compromise to solar winds office. Three sixty five accounts. It's not sure if that's how the supply chain attack was carried out but it's investigating. Solar winds did call for all orion customers to update to its latest version immediately. That'll partially mitigate this and it plans an additional patch tuesday to fully defend against it. So they're wins has three hundred thousand customers. Worldwide including most of the fortune five hundred companies in the us lockheed martin booz allen hamilton pricewaterhouse coopers. The federal reserve the defense department the state department the. Us secret service. The national security administration. Thirty three thousand of those customers use the orion platforms not all three hundred thousand but a large number and solar winds believes that eighteen thousand of them installed. The malware infected versions. Now not all thousand were targeted but even a small percentage. That's a lot of targets cd. Net reports that administrators are finding signs of the malware on their orion systems. But few are reporting. The second stage payload that would be used to elevate access so it's believed the attackers targeted specific customers around the world fire. I for example announced. The intrusion in its network reported last week was caused by the solar winds breach. It has published detection rules on. Get hub That you can access if you need them. Microsoft confirmed the solar winds compromising security alert to its customers and provided countermeasures including detection. Rules added to defend her The us cybersecurity and infrastructure agency or cc issued an emergency directive instructions on how all federal civilian agencies can detect an analyze compromise systems and advise them to shut down. Orion's he said vises. All hosts monitored by ryan to be treated as compromised until you're certain otherwise fireeye calls the malware sunburst if you're out there looking around uc sunburst. That's what that refers to although microsoft has dubbed it salora gate so we we have a couple of different ways to refer to it. The attack worked by entering the network through the orion vulnerability however it got in there and then gaining elevated credentials once it was in your network that let attackers ford..

microsoft martin booz allen hamilton pricewaterhouse coopers national security administrati Solar wind defense department us federal reserve cc Orion ryan ford
"solar wind" Discussed on Daily Tech News Show

Daily Tech News Show

05:36 min | 1 year ago

"solar wind" Discussed on Daily Tech News Show

"Com a breach in the orion network management platform as a network management platform called orion from a company called solar winds has led to attacks on fire. The fire i attack. We talked about last week. Microsoft and several us government agencies. Solar wind said sunday that updates to its orion platform that happened between march and june may have carried malware as a result of a sophisticated nation states supply chain attack. Solar winds says microsoft noted. It noted it notified it of a compromise to solar winds office. Three sixty five accounts. It's not sure if that's how the supply chain attack was carried out but it's investigating. Solar winds did call for all orion customers to update to its latest version immediately. That'll partially mitigate this and it plans an additional patch tuesday to fully defend against it. So they're wins has three hundred thousand customers. Worldwide including most of the fortune five hundred companies in the us lockheed martin booz allen hamilton pricewaterhouse coopers. The federal reserve the defense department the state department the. Us secret service. The national security administration. Thirty three thousand of those customers use the orion platforms not all three hundred thousand but a large number and solar winds believes that eighteen thousand of them installed. The malware infected versions. Now not all thousand were targeted but even a small percentage. That's a lot of targets cd. Net reports that administrators are finding signs of the malware on their orion systems. But few are reporting. The second stage payload that would be used to elevate access so it's believed the attackers targeted specific customers around the world fire. I for example announced. The intrusion in its network reported last week was caused by the solar winds breach. It has published detection rules on. Get hub That you can access if you need them. Microsoft confirmed the solar winds compromising security alert to its customers and provided countermeasures including detection. Rules added to defend her The us cybersecurity and infrastructure agency or cc issued an emergency directive instructions on how all federal civilian agencies can detect an analyze compromise systems and advise them to shut down. Orion's he said vises. All hosts monitored by ryan to be treated as compromised until you're certain otherwise fireeye calls the malware sunburst if you're out there looking around uc sunburst. That's what that refers to although microsoft has dubbed it salora gate so we we have a couple of different ways to refer to it. The attack worked by entering the network through the orion vulnerability however it got in there and then gaining elevated credentials once it was in your network that let attackers ford..

microsoft martin booz allen hamilton pricewaterhouse coopers national security administrati Solar wind defense department us federal reserve cc Orion ryan ford
"solar wind" Discussed on Daily Tech News Show

Daily Tech News Show

05:36 min | 1 year ago

"solar wind" Discussed on Daily Tech News Show

"Com a breach in the orion network management platform as a network management platform called orion from a company called solar winds has led to attacks on fire. The fire i attack. We talked about last week. Microsoft and several us government agencies. Solar wind said sunday that updates to its orion platform that happened between march and june may have carried malware as a result of a sophisticated nation states supply chain attack. Solar winds says microsoft noted. It noted it notified it of a compromise to solar winds office. Three sixty five accounts. It's not sure if that's how the supply chain attack was carried out but it's investigating. Solar winds did call for all orion customers to update to its latest version immediately. That'll partially mitigate this and it plans an additional patch tuesday to fully defend against it. So they're wins has three hundred thousand customers. Worldwide including most of the fortune five hundred companies in the us lockheed martin booz allen hamilton pricewaterhouse coopers. The federal reserve the defense department the state department the. Us secret service. The national security administration. Thirty three thousand of those customers use the orion platforms not all three hundred thousand but a large number and solar winds believes that eighteen thousand of them installed. The malware infected versions. Now not all thousand were targeted but even a small percentage. That's a lot of targets cd. Net reports that administrators are finding signs of the malware on their orion systems. But few are reporting. The second stage payload that would be used to elevate access so it's believed the attackers targeted specific customers around the world fire. I for example announced. The intrusion in its network reported last week was caused by the solar winds breach. It has published detection rules on. Get hub That you can access if you need them. Microsoft confirmed the solar winds compromising security alert to its customers and provided countermeasures including detection. Rules added to defend her The us cybersecurity and infrastructure agency or cc issued an emergency directive instructions on how all federal civilian agencies can detect an analyze compromise systems and advise them to shut down. Orion's he said vises. All hosts monitored by ryan to be treated as compromised until you're certain otherwise fireeye calls the malware sunburst if you're out there looking around uc sunburst. That's what that refers to although microsoft has dubbed it salora gate so we we have a couple of different ways to refer to it. The attack worked by entering the network through the orion vulnerability however it got in there and then gaining elevated credentials once it was in your network that let attackers ford..

microsoft martin booz allen hamilton pricewaterhouse coopers national security administrati Solar wind defense department us federal reserve cc Orion ryan ford
"solar wind" Discussed on Daily Tech News Show

Daily Tech News Show

05:36 min | 1 year ago

"solar wind" Discussed on Daily Tech News Show

"Com a breach in the orion network management platform as a network management platform called orion from a company called solar winds has led to attacks on fire. The fire i attack. We talked about last week. Microsoft and several us government agencies. Solar wind said sunday that updates to its orion platform that happened between march and june may have carried malware as a result of a sophisticated nation states supply chain attack. Solar winds says microsoft noted. It noted it notified it of a compromise to solar winds office. Three sixty five accounts. It's not sure if that's how the supply chain attack was carried out but it's investigating. Solar winds did call for all orion customers to update to its latest version immediately. That'll partially mitigate this and it plans an additional patch tuesday to fully defend against it. So they're wins has three hundred thousand customers. Worldwide including most of the fortune five hundred companies in the us lockheed martin booz allen hamilton pricewaterhouse coopers. The federal reserve the defense department the state department the. Us secret service. The national security administration. Thirty three thousand of those customers use the orion platforms not all three hundred thousand but a large number and solar winds believes that eighteen thousand of them installed. The malware infected versions. Now not all thousand were targeted but even a small percentage. That's a lot of targets cd. Net reports that administrators are finding signs of the malware on their orion systems. But few are reporting. The second stage payload that would be used to elevate access so it's believed the attackers targeted specific customers around the world fire. I for example announced. The intrusion in its network reported last week was caused by the solar winds breach. It has published detection rules on. Get hub That you can access if you need them. Microsoft confirmed the solar winds compromising security alert to its customers and provided countermeasures including detection. Rules added to defend her The us cybersecurity and infrastructure agency or cc issued an emergency directive instructions on how all federal civilian agencies can detect an analyze compromise systems and advise them to shut down. Orion's he said vises. All hosts monitored by ryan to be treated as compromised until you're certain otherwise fireeye calls the malware sunburst if you're out there looking around uc sunburst. That's what that refers to although microsoft has dubbed it salora gate so we we have a couple of different ways to refer to it. The attack worked by entering the network through the orion vulnerability however it got in there and then gaining elevated credentials once it was in your network that let attackers ford..

microsoft martin booz allen hamilton pricewaterhouse coopers national security administrati Solar wind defense department us federal reserve cc Orion ryan ford
"solar wind" Discussed on Daily Tech News Show

Daily Tech News Show

05:33 min | 1 year ago

"solar wind" Discussed on Daily Tech News Show

"Com a breach in the orion network management platform as a network management platform called orion from a company called solar winds has led to attacks on fire. The fire i attack. We talked about last week. Microsoft and several us government agencies. Solar wind said sunday that updates to its orion platform that happened between march and june may have carried malware as a result of a sophisticated nation states supply chain attack. Solar winds says microsoft noted. It noted it notified it of a compromise to solar winds office. Three sixty five accounts. It's not sure if that's how the supply chain attack was carried out but it's investigating. Solar winds did call for all orion customers to update to its latest version immediately. That'll partially mitigate this and it plans an additional patch tuesday to fully defend against it. So they're wins has three hundred thousand customers. Worldwide including most of the fortune five hundred companies in the us lockheed martin booz allen hamilton pricewaterhouse coopers. The federal reserve the defense department the state department the. Us secret service. The national security administration. Thirty three thousand of those customers use the orion platforms not all three hundred thousand but a large number and solar winds believes that eighteen thousand of them installed. The malware infected versions. Now not all thousand were targeted but even a small percentage. That's a lot of targets cd. Net reports that administrators are finding signs of the malware on their orion systems. But few are reporting. The second stage payload that would be used to elevate access so it's believed the attackers targeted specific customers around the world fire. I for example announced. The intrusion in its network reported last week was caused by the solar winds breach. It has published detection rules on. Get hub That you can access if you need them. Microsoft confirmed the solar winds compromising security alert to its customers and provided countermeasures including detection. Rules added to defend her The us cybersecurity and infrastructure agency or cc issued an emergency directive instructions on how all federal civilian agencies can detect an analyze compromise systems and advise them to shut down. Orion's he said vises. All hosts monitored by ryan to be treated as compromised until you're certain otherwise fireeye calls the malware sunburst if you're out there looking around uc sunburst. That's what that refers to although microsoft has dubbed it salora gate so we we have a couple of different ways to refer to it. The attack worked by entering the network through the orion vulnerability however it got in there and then gaining elevated credentials once it was in your network that let attackers ford..

microsoft martin booz allen hamilton pricewaterhouse coopers national security administrati Solar wind defense department us federal reserve cc Orion ryan ford
"solar wind" Discussed on Daily Tech News Show

Daily Tech News Show

05:33 min | 1 year ago

"solar wind" Discussed on Daily Tech News Show

"Com a breach in the orion network management platform as a network management platform called orion from a company called solar winds has led to attacks on fire. The fire i attack. We talked about last week. Microsoft and several us government agencies. Solar wind said sunday that updates to its orion platform that happened between march and june may have carried malware as a result of a sophisticated nation states supply chain attack. Solar winds says microsoft noted. It noted it notified it of a compromise to solar winds office. Three sixty five accounts. It's not sure if that's how the supply chain attack was carried out but it's investigating. Solar winds did call for all orion customers to update to its latest version immediately. That'll partially mitigate this and it plans an additional patch tuesday to fully defend against it. So they're wins has three hundred thousand customers. Worldwide including most of the fortune five hundred companies in the us lockheed martin booz allen hamilton pricewaterhouse coopers. The federal reserve the defense department the state department the. Us secret service. The national security administration. Thirty three thousand of those customers use the orion platforms not all three hundred thousand but a large number and solar winds believes that eighteen thousand of them installed. The malware infected versions. Now not all thousand were targeted but even a small percentage. That's a lot of targets cd. Net reports that administrators are finding signs of the malware on their orion systems. But few are reporting. The second stage payload that would be used to elevate access so it's believed the attackers targeted specific customers around the world fire. I for example announced. The intrusion in its network reported last week was caused by the solar winds breach. It has published detection rules on. Get hub That you can access if you need them. Microsoft confirmed the solar winds compromising security alert to its customers and provided countermeasures including detection. Rules added to defend her The us cybersecurity and infrastructure agency or cc issued an emergency directive instructions on how all federal civilian agencies can detect an analyze compromise systems and advise them to shut down. Orion's he said vises. All hosts monitored by ryan to be treated as compromised until you're certain otherwise fireeye calls the malware sunburst if you're out there looking around uc sunburst. That's what that refers to although microsoft has dubbed it salora gate so we we have a couple of different ways to refer to it. The attack worked by entering the network through the orion vulnerability however it got in there and then gaining elevated credentials once it was in your network that let attackers ford..

microsoft martin booz allen hamilton pricewaterhouse coopers national security administrati Solar wind defense department us federal reserve cc Orion ryan ford
"solar wind" Discussed on Daily Tech News Show

Daily Tech News Show

05:30 min | 1 year ago

"solar wind" Discussed on Daily Tech News Show

"A breach in the orion network management platform as a network management platform called orion from a company called solar winds has led to attacks on fire. The fire i attack. We talked about last week. Microsoft and several us government agencies. Solar wind said sunday that updates to its orion platform that happened between march and june may have carried malware as a result of a sophisticated nation states supply chain attack. Solar winds says microsoft noted. It noted it notified it of a compromise to solar winds office. Three sixty five accounts. It's not sure if that's how the supply chain attack was carried out but it's investigating. Solar winds did call for all orion customers to update to its latest version immediately. That'll partially mitigate this and it plans an additional patch tuesday to fully defend against it. So they're wins has three hundred thousand customers. Worldwide including most of the fortune five hundred companies in the us lockheed martin booz allen hamilton pricewaterhouse coopers. The federal reserve the defense department the state department the. Us secret service. The national security administration. Thirty three thousand of those customers use the orion platforms not all three hundred thousand but a large number and solar winds believes that eighteen thousand of them installed. The malware infected versions. Now not all thousand were targeted but even a small percentage. That's a lot of targets cd. Net reports that administrators are finding signs of the malware on their orion systems. But few are reporting. The second stage payload that would be used to elevate access so it's believed the attackers targeted specific customers around the world fire. I for example announced. The intrusion in its network reported last week was caused by the solar winds breach. It has published detection rules on. Get hub That you can access if you need them. Microsoft confirmed the solar winds compromising security alert to its customers and provided countermeasures including detection. Rules added to defend her The us cybersecurity and infrastructure agency or cc issued an emergency directive instructions on how all federal civilian agencies can detect an analyze compromise systems and advise them to shut down. Orion's he said vises. All hosts monitored by ryan to be treated as compromised until you're certain otherwise fireeye calls the malware sunburst if you're out there looking around uc sunburst. That's what that refers to although microsoft has dubbed it salora gate so we we have a couple of different ways to refer to it. The attack worked by entering the network through the orion vulnerability however it got in there and then gaining elevated credentials once it was in your network that let attackers ford..

microsoft martin booz allen hamilton pricewaterhouse coopers national security administrati Solar wind orion defense department us federal reserve cc Orion ryan ford
"solar wind" Discussed on Daily Tech News Show

Daily Tech News Show

05:16 min | 1 year ago

"solar wind" Discussed on Daily Tech News Show

"Com a breach in the orion network management platform as a network management platform called orion From a company called solar winds has led to attacks on fire. The fire i attack. We talked about last week. Microsoft and several us government agencies. Solar wind said sunday that updates to its orion platform that happened between march and june may have carried malware as a result of a sophisticated nation states supply chain attack. Solar winds says microsoft noted. It noted it notified it of a compromise to solar winds office. Three sixty five accounts. It's not sure if that's how the supply chain attack was carried out but it's investigating. Solar winds did call for all orion customers to update to its latest version immediately. That'll partially mitigate this and it plans an additional patch tuesday to fully defend against it. So they're wins has three hundred thousand customers. Worldwide including most of the fortune five hundred companies in the us lockheed martin booz allen hamilton pricewaterhouse coopers. The federal reserve the defense department the state department the. Us secret service. The national security administration. Thirty three thousand of those customers use the orion platforms not all three hundred thousand but a large number and solar winds believes that eighteen thousand of them installed. The malware infected versions. Now not all thousand were targeted but even a small percentage. That's a lot of targets cd. Net reports that administrators are finding signs of the malware on their orion systems. But few are reporting. The second stage payload that would be used to elevate access so it's believed the attackers targeted specific customers around the world fire. I for example announced. The intrusion in its network reported last week was caused by the solar winds breach. It has published detection rules on. Get hub That you can access if you need them. Microsoft confirmed the solar winds compromising security alert to its customers and provided countermeasures including detection. Rules added to defend her The us cybersecurity and infrastructure agency or cc issued an emergency directive instructions on how all federal civilian agencies can detect an analyze compromise systems and advise them to shut down. Orion's he said vises. All hosts monitored by ryan to be treated as compromised until you're certain otherwise fireeye calls the malware sunburst if you're out there looking around uc sunburst. That's what that refers to although microsoft has dubbed it salora gate so we we have a couple of different ways to refer to it. The attack worked by entering the network through the orion vulnerability however it got in there and then gaining elevated credentials once it was in your network that let attackers ford..

microsoft martin booz allen hamilton pricewaterhouse coopers national security administrati Solar wind defense department us federal reserve cc Orion ryan ford
"solar wind" Discussed on Daily Tech News Show

Daily Tech News Show

03:13 min | 1 year ago

"solar wind" Discussed on Daily Tech News Show

"Hundred companies in the us lockheed martin booz allen hamilton pricewaterhouse coopers federal reserve the defense department the state department the. Us secret service. The national security administration. Thirty three thousand of those customers use the orion platforms not all three hundred thousand but a large number and solar winds believes that eighteen thousand of them installed. The malware infected versions. Now not all thousand were targeted but even a small percentage. That's a lot of targets cd. Net reports that administrators are finding signs of the malware on their orion systems. But few are reporting. The second stage payload that would be used to elevate access so it's believed the attackers targeted specific customers around the world fire. I for example announced. The intrusion in its network reported last week was caused by the solar winds breach. It has published detection rules on. Get hub That you can access if you need them. Microsoft confirmed the solar winds compromising security alert to its customers and provided countermeasures including detection. Rules added to defend her The us cybersecurity and infrastructure agency or cc issued an emergency directive instructions on how all federal civilian agencies can detect an analyze compromise systems and advise them to shut down. Orion's he said vises. All hosts monitored by ryan to be treated as compromised until you're certain otherwise fireeye calls the malware sunburst if you're out there looking around uc sunburst. That's what that refers to although microsoft has dubbed it salora gate so we we have a couple of different ways to refer to it. The attack worked by entering the network through the orion vulnerability however it got in there and then gaining elevated credentials once it was in your network that let attackers ford. Single sign on tokens which would let them impersonate privileged accounts which allow them to grant new credentials to themselves and gain high level access. The attackers were able to track authentication controls and access office three sixty five at the national telecommunications and information administration. We're definitely monitored emails. It probably did that in other places as well fire. I says that each attempted intrusion needed what they called meticulous planning and manual interaction. This wasn't a set it and forget it blast. This was done intentionally to the targets. It affected fire. I says the victims have included government consulting technology telecom and extractive entities north america europe asia and the middle east. So it's not just the us government we anticipated. There are additional victims and other countries in verticals says fire fireeye and yeah the. Us government appears to be one of them. Reuters sources saying that network intruders accessed internal email traffic of the us department of treasury and commerce and possibly other agencies. The us commerce department confirmed a breach and said that cease and the fbi are investigating and the national security council reportedly met on saturday to discuss this issue. So this is big. It affects a lot of companies. It affects a lotta governments. It affects highly sensitive information. It seems to be meant to gather intelligence by going after email. Communications but let. Let's start with the way it got there. The supply chain attack. Can you explain to us. What a supply chain attack is.

martin booz allen hamilton national security administrati defense department Us state department federal reserve Microsoft Orion cc national telecommunications an ryan us department of treasury ford us commerce department us government north america middle east asia Reuters europe
"solar wind" Discussed on Daily Tech News Show

Daily Tech News Show

02:56 min | 1 year ago

"solar wind" Discussed on Daily Tech News Show

"Itself app. Annie ranks dubs smash number two behind tiktok and the. Us is short form. Video markets popular. Dubs mashes been downloaded more than three hundred fifty million times read. It also cited the apps diverse user base as a major factor seventy percent of dubs nashes users are female and it claims quote about twenty five percent of all black teams in the us. Use the service dubs nashville operate as its own entity and brand within read it with its entire team and three co founders stain on board but it will integrate dubs mash video creation tools in to read it read introduced native video on its platform back in two thousand seventeen and says that video posts doubled in twenty thousand twenty. I get ready wanting to to get video creation tools and buying technology. I don't know why they buy dub smash which because it is trying to do the right thing. They will leave it as an independent entity. It's it's not like ready makes those kinds of acquisitions. Usually that part that part of a little less clear on. I remember back in two thousand seventeen. When native video was introduced. I was like i didn't really i mean is this is going to become a whole different platform than what we're all used to and know the answer. Mostly no read it. Has you know it's nothing. If not consistent in certain ways you know you got your sub reddit memes. You've got you know you know you kind of know what you're getting depending on where you want to hang out on. Read it but this. It felt like i was a little. It felt a little left field me. Like what are we doing competing with tiktok on. Read it and like you said tom. It sounds like the technology is something that the company is interested in. And hopefully it'll be used in some sort of way while not taking away from what dubs matches already doing. Really well so yeah. I don't know peter keith. What are your thoughts. This feels like one of those moments. Where i realized just how old i am It was the same two boats Squad the other day. And i was like what is squad You know yeah. I just feel like they used to be a time Ease it'd be on the show where i had the beater invites for all of these kinds of things and now i'm just like oh never heard of that before interesting. I have it on my list of follow ups to x. my twelve year old. what is done. Because she is the net twenty five percent black You would think she might have heard of it. So how is the action item. I've been away from read it just as a user. This curious yeah report back. Let us know what you find out about about dubs smash into the end. People say all right folks. Listen we appreciate you being here if you are like. No i could've told you about dub smash weeks ago. Well get it on discord and tell us stuff like that you can join by linking patriotic out at patriotair dot com.

tiktok Annie nashville peter keith Us reddit tom
"solar wind" Discussed on Daily Tech News Show

Daily Tech News Show

05:33 min | 1 year ago

"solar wind" Discussed on Daily Tech News Show

"Of the fortune five hundred companies in the US Lockheed Martin Booz Allen Hamilton pricewaterhousecoopers the Fed Reserve the defense department the state department the u.s. Secret Service the National Security Administration 33,000 of those customers use the Orion platform. So not all three hundred thousand but a large number and solarwinds believes that eighteen thousand of them installed the malware-infected versions now not all 18,000 were targeted but even a small percentage that's a lot of targets home eating that reports that it administrators are finding signs of the malware on their Orion systems, but few are reporting the second stage payload, that would be used to elevate access. So it's believe the attackers targeting a specific customers around the world FireEye for example announced the intrusion and its Network reported last week was caused by the solarwinds breach. It has published detection rules on GitHub that you gain access if you need them Microsoft confirmed the solarwinds compromise in a security alert to its customers and provided counter measures including detection rules added to Defender the u s cyber security and infrastructure. Agency or cica issued an emergency directive with instructions on how all federal civilian agencies can detect an analyze compromised systems and advise them to shut down or Ryan seese advises all host song by Ryan to be treated as compromised until you're certain. Otherwise fire. I calls the malware Sunburst. If you're out there looking around you see Sunburst. That's what that refers to although Microsoft has dubbed it off. So Laura gate so we we have a couple of different ways to refer to it the attack worked by entering the network through the Orion vulnerability. However, it got in there and then gaining elevated credentials wage was in your network that let attackers Ford single sign-on tokens, which would let them impersonate privileged accounts, which allow them to Grant new credentials to themselves and gain high-level access. The attackers were able to track authentication controls and access Office 365 at the national telecommunications and Information Administration where it definitely monitored emails it probably did that in other places as well. FireEye says that each attempted intrusion needed what they called Oculus planning and manual interaction. This wasn't a set-it-and-forget-it blast. This was done intentionally to get our gets it affected fire. I says the victims have included government Consulting technology Telecom and extractive entities in North America Europe Asia and the Middle East so it's not just the same government. We anticipated there are additional victims in other countries and verticals says fire I and yeah the US government appears to be one of them Reuters sources saying that Network Intruders access internal email traffic of the US Department of Treasury and commerce and possibly other agencies the US Commerce Department confirmed a breach and said that sisa and the FBI are investigating and the US National Security Council reportedly met on Saturday to discuss this issue. So this is big it affects a lot of companies..

Martin Booz Allen Hamilton Fed Reserve the defense depart National Security Administrati Ryan seese Secret Service cica Microsoft GitHub national telecommunications an Ryan Laura US Ford US Department of Treasury North America Middle East US Commerce Department Asia US government Europe