Our thoughts on Fireeye, Solarwinds, and Sunburst

This week, Adam and Andy give you their thoughts on the Fireeye and Solarwinds breach. They also give defenders advice on immediate steps to help strengthen their organizations as well as some future insights on the direction security may be heading in terms on identity and device management. Finally, they give some thoughts on why it is important for security, business, and technical teams need to work as one cohesive unit in order to make security programs successful.

Documentation:

Unauthorized Access of FireEye Red Team Tools

Check Point Response to FireEye Red Team Tools Leak

CISA Updates Alert and Releases Supplemental Guidance on Emergency Directive for SolarWinds Orion Compromise

Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor

"The Chat" by Gavin Ashton

Becoming resilient by understanding cybersecurity risks: Part 2

Detecting Abuse of Authentication Mechanisms by the NSA

Protecting Microsoft 365 from on-premises attacks

Andy Jaw

Twitter: @ajawzero

LinkedIn: https://www.linkedin.com/in/andyjaw/

Adam Brewer

Twitter: @ajbrewer

LinkedIn: https://www.linkedin.com/in/adamjbrewer/