SolarWinds stopped short of saying its Orion software was involved in the Treasury Department hack, but Thompson issued this statement to the news agency: SolarWinds Orion Vulnerability: CEO Kevin Thompson’s Statement At the time of that disclosure, FireEye expressed concern that the hackers will potentially use the stolen Red Team penetration testing tools to attack additional companies. The potential Orion vulnerability surfaces less than one week after FireEye disclosed that hackers stole FireEye’s Red Team penetration testing software. But some MSPs are known to leverage Orion for various monitoring purposes. It is not part of the SolarWinds MSP toolset - which is typically used by managed IT services providers (MSPs) to monitor SMB networks. SolarWinds Orion is used mainly by IT professionals to monitor corporate and government networks. The signatures are found on FireEye’s public GitHub page. FireEye is releasing signatures to detect this threat actor and supply chain attack in the wild. SolarWinds issued an Orion security advisory here, explaining that attack involved Orion builds for versions 2019.4 HF 5 through 2020.2.1, released between March 2020 and June 2020. SolarWinds Orion Attacked: Corrective Measures
0 kommentar(er)
