So, hey, yeah, how are all of you. Clearly SolarWinds has completely overwhelmed the news this week, so I have a couple of notes about that. To those of you who are having to deal with this, I am with you in spirit. Doing what I can here from The Bunker to help you out.
Here was my first indication there was a problem, I believe. It's pretty old news now.
https://thehackernews.com/2020/12/new-evidence-suggests-solarwinds.html
I spoke about Supply Chain problems at the Central Ohio .NET Developer's group in March. Oddly timed.
https://www.youtube.com/watch?v=KWt0Brcc2Ag
MicroSolved has a good writeup you should read.
https://media.microsolved.com/SolarWindsBrief.pdf
This is Microsoft's breakdown on DLL Injection. For the record, I attended a BoF session on this at DefCon 15(!) and everyone I talked to blew it off. Guess not.
https://www.microsoft.com/security/blog/2020/12/18/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect/
Some other news, thank goodness.
Github is gonna ban passwords.
https://www.theregister.com/2020/12/17/github_bans_passwords/
The NSA finally figured out that authentication systems are under attack.
https://www.nsa.gov/News-Features/Feature-Stories/Article-View/Article/2451159/nsa-cybersecurity-advisory-malicious-actors-abuse-authentication-mechanisms-to/
And finally, a short article about memcpy.
https://r2c.dev/blog/2020/when-devsecops-goes-wrong-a-short-lesson-from-huaweis-source-code/
That's the news, folks, have a great holiday and end-of-year. May your systems be secure and your code be frozen.