Welcome to European Tribune. It's gone a bit quiet around here these days, but it's still going.
Display:
Apparently the proximate breach occurred at SolorWind.

Microsoft president calls SolarWinds hack an "act of recklessness"

SolarWinds is the maker of a nearly ubiquitous network management tool called Orion. A surprisingly large percentage of the world's enterprise networks run it. Hackers backed by a nation-state--two US senators who received private briefings say it was Russia--managed to take over SolarWinds' software build system and push a security update infused with a backdoor. SolarWinds said about 18,000 users downloaded the malicious update.

"A software build system" is the code and procedures to turn the code into a functioning program.  

How they managed to penetrate and subvert the build system is, AFAIK, unknown.  

She believed in nothing; only her skepticism kept her from being an atheist. -- Jean-Paul Sartre

by ATinNM on Sat Dec 19th, 2020 at 04:29:57 PM EST
It doesn't help that their FTP password was apparently available on their Github repository:

We're not saying this is how SolarWinds was backdoored, but its FTP password 'leaked on GitHub in plaintext'

Vinoth Kumar, a security researcher, claimed on Tuesday he had made such a report to SolarWinds last November, warning that it could be used to upload files to the server. The password he said he found, in plaintext for all to see, is a textbook example of a weak password that never should have been allowed.

In a message to The Register, Kumar said that on November 19, 2019, he told SolarWinds "their update server was accessible with the password 'solarwinds123' which is leaking in the public Github repo. They fixed the issue and replied to me on [November 22]."


by Bernard on Sat Dec 19th, 2020 at 09:18:31 PM EST
[ Parent ]
I'd call it "human error" if stupidity like that wasn't bog standard across the gamut of SillyCon Valley TechBro-dom.


She believed in nothing; only her skepticism kept her from being an atheist. -- Jean-Paul Sartre
by ATinNM on Sun Dec 20th, 2020 at 03:59:02 PM EST
[ Parent ]

Display:

Occasional Series