Our thoughts on Fireeye, Solarwinds, and Sunburst

This week, Adam and Andy give you their thoughts on the Fireeye and Solarwinds breach. They also give defenders advice on immediate steps to help strengthen their organizations as well as some future insights on the direction security may be heading in terms on identity and device management. Finally, they give some thoughts on why it is important for security, business, and technical teams need to work as one cohesive unit in order to make security programs successful. Documentation: Unauthorized Access of FireEye Red Team Tools Check Point Response to FireEye Red Team Tools Leak CISA Updates Alert and Releases Supplemental Guidance on Emergency Directive for SolarWinds Orion Compromise Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor "The Chat" by Gavin Ashton Becoming resilient by understanding cybersecurity risks: Part 2 Detecting Abuse of Authentication Mechanisms by the NSA Protecting Microsoft 365 from on-premises attacks Andy Jaw Twitter: @ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Adam Brewer Twitter: @ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/