SolarWinds and FireEye

In this SecurityMetrics News episode, Heff and Forrest analyze recent cybersecurity news, including the unprecedented SolarWinds security breach and the FireEye compromise.

Heff

Threat Intelligence: Introducing SecurityMetrics News 

The threat landscape is constantly changing and cyber attackers continue to target organizations. SecurityMetrics has produced a new cybersecurity news series to inform you of developing threats and provide analysis, best practices, and tips to protect your data.

SecurityMetrics News Episode 1

In this SecurityMetrics News episode, Heff and Forrest analyze recent cybersecurity news, including the unprecedented SolarWinds security breach and the FireEye compromise. They dive in to help you understand the attacks and give tips to avoid data breaches at your organization. 

Hosted by Matthew Heffelfinger (Director of SIEM Operations, GSTRT, CyRP (Pepperdine), GRCP, SSAP, ITIL4-F, GISF, PECB) and Forrest Barth (SOC Analyst, CISSP, CMNO, Security+).

SolarWinds Supply Chain Cyberattack

  • SolarWinds was recently breached in what is the largest security compromise in U.S. history. This led to breaches at the Pentagon, multiple U.S. agencies, nuclear labs, and Fortune 500 companies.
  • Malware was deployed as an update for SolarWinds' Orion products, distributed from SolarWinds' own update server and automatically downloaded by 18,000 SolarWinds customers in March 2020.
  • This attack was highly sophisticated and coordinated.
  • The threat group behind the SolarWinds hack is presumed to be APT29 (i.e., Cozy Bear/Russian SVR).
  • Read more about the SolarWinds data breach here, including information about what SecurityMetrics is doing and what you should do to protect your business.

FireEye Compromise 

  • FireEye was one of the companies hacked in the SolarWinds compromise.
  • FireEye's red team (anti-hacking) tools were stolen; because those tools target already-known vulnerabilities, patching will be critical.

Lessons Learned From Recent Data Breaches and What You Can Do

  • If you use SolarWinds Orion, assume compromise.
  • If you have other SolarWinds products, map your attack surface.
  • Threat actors have changed their indicators of compromise (IoCs), and they are retooling.
  • Check your logs as far back as March 2020.
  • Use multi-factor authentication (MFA) and change passwords regularly.
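The following is an added example, not code from SecurityMetrics or the episode, showing one way to act on the "check your logs as far back as March" and "IoCs have changed" points together: filter log lines by a lookback date and match them against a caller-supplied indicator list so the list can be swapped as vendors publish new IoCs. Every hostname, hash and log line is a constructed placeholder, not a real SolarWinds or FireEye indicator.

```python
"""
Log triage helper (added example). Filters a simple text log by a lookback
date and flags lines that match a supplied IoC list. Indicators and sample
log lines are constructed placeholders.
"""
import re
from datetime import date, datetime

# Lookback start: the episode advises reviewing logs back to March 2020.
LOOKBACK_START = date(2020, 3, 1)

# Placeholder IoCs (constructed). Keep this list external in practice and
# refresh it, since attackers change indicators and retool.
PLACEHOLDER_IOCS = {
    "domains": {"update.example-c2.invalid", "cdn.example-c2.invalid"},
    "sha256": {"0" * 64},  # obviously fake hash
}

# Constructed sample log in an "ISO-timestamp host message" layout.
SAMPLE_LOG = """\
2020-02-14T09:12:03Z orion-srv01 dns query update.example-c2.invalid
2020-03-18T02:41:55Z orion-srv01 dns query update.example-c2.invalid
2020-04-02T11:05:10Z orion-srv01 file hash=0000000000000000000000000000000000000000000000000000000000000000 path=C:\\Temp\\x.dll
2020-05-09T16:20:00Z web-srv07 dns query www.example.org
not-a-timestamp broken line that should be counted, not crashed on
"""

LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+(.*)$")
HASH_RE = re.compile(r"hash=([0-9a-fA-F]{64})")


def parse_line(line):
    """Return (timestamp, host, message), or None if the line is unparseable."""
    m = LINE_RE.match(line)
    if not m:
        return None
    try:
        ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
    except ValueError:
        return None
    return ts, m.group(2), m.group(3)


def match_iocs(message, iocs):
    """Return a short reason string if the message matches any IoC, else None."""
    for domain in iocs["domains"]:
        if domain in message:
            return f"domain:{domain}"
    hm = HASH_RE.search(message)
    if hm and hm.group(1).lower() in iocs["sha256"]:
        return f"sha256:{hm.group(1)}"
    return None


def triage(log_text, iocs, since=LOOKBACK_START):
    """
    Walk the log, ignore entries older than `since`, and collect IoC hits.
    Unparseable lines are counted rather than silently dropped so an analyst
    knows how much of the log was not actually reviewed.
    """
    hits, skipped = [], 0
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        parsed = parse_line(raw)
        if parsed is None:
            skipped += 1
            continue
        ts, host, msg = parsed
        if ts.date() < since:
            continue  # outside the lookback window
        reason = match_iocs(msg, iocs)
        if reason:
            hits.append({"time": ts.isoformat(), "host": host, "reason": reason})
    return {"hits": hits, "skipped_lines": skipped}


if __name__ == "__main__":
    result = triage(SAMPLE_LOG, PLACEHOLDER_IOCS)
    for hit in result["hits"]:
        print(f"{hit['time']} {hit['host']} {hit['reason']}")
    print(f"unparseable lines skipped: {result['skipped_lines']}")
```

The February line is deliberately excluded by the lookback date while the identical March line is flagged, which is the point of reviewing the whole window rather than only recent logs; the skipped-line count surfaces gaps in coverage instead of hiding them.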
