This has happened half a dozen times over the past several weeks.
Each time, some big news happened.
FBI, Texas Rangers, and US Marshals are at SolarWinds HQ.
Maricopa county served a subpoena this morning to seize the whole Dominion system.
DNI Ratcliffe has a report due no later than Friday re:Election fraud
Pence could, at any point, contest the Electoral College vote.
Lots to talk about.
Attacks make perfect sense.
They play the same game every time.
One thing I've noticed is that FFs have historically happened in order to cause something to happen.
It seems, now, that FFs are being used defensively to try to stop something from happening.
DS on the backfoot?
Ohh that takes me back.
Buddy of mine in high school did that all the time.
Because of him, they had to install those special fire alarms that squirted ink on your hand.
So many times after that, there'd be a knock on the classroom door and admins would come in and say "OK- everybody put their hands palm-up on your desks"
They really didn't need to do that, because the thing would spray ink all over whoever pulled it.
There was a trashcan fire once and it was so funny to see the lunch lady outside during the evacuation because she looked like she'd been hosed down by blue ink
https://www.picussecurity.com/resource/blog/ttps-used-in-the-solarwinds-breach?
Tactics, Techniques, and Procedures (TTPs) Used in the SolarWinds Breach
EXECUTIVE SUMMARY
SolarWinds announced on Sunday that the SolarWinds Orion Platform network monitoring product had been modified by a state-sponsored threat actor via embedding backdoor code into a legitimate SolarWinds library. This leads to the attacker having remote access into the victim’s environment and a foothold in the network, which can be used by the attacker to obtain privileged credentials. SolarWinds breach is also connected to the FireEye breach. In this article, we analyzed tactics, techniques, and procedures utilized by threat actors of the SolarWinds incident to understand their attack methods and the impact of this breach.
Key Findings
It is a global attack campaign that started in March 2020 and is ongoing.
The attack campaign has the potential to affect thousands of public and private organizations.
The attack started with a software supply chain compromise attack.
Threat actors trojanized a component of the SolarWinds Orion Platform software, dubbed as SUNBURST by FireEye [1].
The backdoored version of the software was distributed via its automatic update mechanism.
Attackers heavily used various defense evasion techniques such as masquerading, code signing, obfuscated files or information, indicator removal on host, and virtualization/sandbox evasion.
The threat actor leverages ten different MITRE ATT&CK tactics, including Lateral Movement, Command and Control, and Data Exfiltration.
Used techniques indicate that the threat actors are highly skilled.
article continues…
https://twitter.com/CodeMonkeyZ/status/1338878113879474179
cap of
https://twitter.com/su13ym4n/status/1338870154596380673
cap of
https://twitter.com/PicusSecurity/status/1338866931567226880
Leads to article
There have been less total deaths in the country this year than in the last 10 years by a factor of approx 300k.
Also. all the other causes of death have plummeted in favor of the numbers you hear in media.
Covid overtakes any comorbidity that exists as cause of death. That includes influenza, heart attack, stroke, car accident, stabbing, brain surgery etc.
These people are stupid