Unless you've been sitting under a rock the past week I hope everyone's heard about the two nation-state hacks it took place on two major cybersecurity firms in the United States.
now I've made posts before about cybersecurity it stressed about what steps can be done to mitigate such hacks and I'll continue to do this too I'm blue in the face. it behooves companies at every level to take these threats seriously.
An incursion by suspected Russian nation-state hackers at this major cybersecurity solutions provider was the suspected starting point of a massive hacking incident impacting a number of federal agencies and defense assets. The hackers were able to obtain authentic credentials that enabled them to inject code into a routine software patch, opening backdoors into client files and systems.
FireEye was also impacted in this week’s suspected Russian hacking operation. Hackers were able to penetrate FireEye’s systems security to obtain several of their vaunted Red Team tools. FireEye immediately detected the hack and released a statement exposing it. That was the first domino in the cybersecurity disaster cascade.
Hacked Software Firm SolarWinds
FireEye, a Top Cybersecurity Firm, Says It Was Hacked by a Nation-State