![]() ![]() SolarWinds Network Performance Monitor (NPM) is used to detect outages, diagnose, and resolve network performance issues. SolarWinds has acquired numerous companies that offer services from security to database management. It was founded by Donald Yonce and David Yonce (brothers) in the year 1999 with its headquarters in Austin, Texas. The products provided by SolarWinds are effective, accessible, and easy to use. SolarWinds is a network management tool that helps companies manage networks, systems, and other infrastructure. What is SolarWinds and what is it used for? What is SolarWinds and what is it used for?.Krebs also shared his confidence in CISA and his suspicion that the cyberattack “has been underway for many months. Odds are you’re not affected, as this may be a resource intensive hack,” said Christopher Krebs, former director of CISA. “If you’re a SolarWinds customer & use the below product, assume compromise and immediately activate your incident response team. The early reaction from the cybersecurity community suggested that while the breaches at Commerce and Treasury are not the norm, they are likely not the only agencies affected. The breach comes on the heels of cybersecurity firm FireEye suffering a nation-state sponsored cyberattack on its internal systems, which Reuters’ sources tied to the SolarWinds vulnerability. SolarWinds boasts a user base that includes multiple cities, prestigious universities, all branches of the military, the intelligence community, and the Department of Justice (DoJ) and State Department, to name some users. We are acting in close coordination with FireEye, the Federal Bureau of Investigation, the intelligence community, and other law enforcement to investigate these matters,” the company said in its statement. #SOLARWINDS PRODUCTS MANUAL#We believe that this vulnerability is the result of a highly-sophisticated, targeted, and manual supply chain attack by a nation state. “We are aware of a potential vulnerability which if present is currently believed to be related to updates which were released between March and June 2020 to our Orion monitoring products. ![]() The vulnerability is tied to breaches at the Department of Commerce and the Department of the Treasury, first reported by Reuters and confirmed by the agencies. ![]() The exploit in SolarWinds Orion products, first reported by Reuters and confirmed by a company statement, demonstrates the potential of a nation-state actor to use supply chains to cause major damage to companies and agencies. “Tonight’s directive is intended to mitigate potential compromises within federal civilian networks, and we urge all our partners – in the public and private sectors – to assess their exposure to this compromise and to secure their networks against any exploitation.” “The compromise of SolarWinds’ Orion Network Management Products poses unacceptable risks to the security of federal networks,” said Brandon Wales, acting director at CISA. #SOLARWINDS PRODUCTS UPGRADE#The directive also instructs agencies not to upgrade their version of the Orion software until approved by CISA. ![]() The Cybersecurity and Infrastructure Security Agency (CISA) is requiring all Federal civilian agencies to disconnect or turn off any SolarWinds Orion products by noon today, as a nation-state hack of the tools pose a significant cybersecurity threat and is linked to a hack at the Treasury and Commerce Departments.ĬISA’s emergency directive, issued just before midnight on December 14, requires agencies to check for any indicators of compromise, requires agencies to block all traffic from external hosts where any version of the Orion software has been installed, and treat all hosts monitored by Orion monitoring software as compromised with further persistence mechanisms in place. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |