

SolarWinds disclosed Sunday that it experienced a highly sophisticated, manual supply chain attack on versions of its Orion network monitoring product released between March and June of this year.

The company said it’s been told the attack was likely conducted by an outside nation state and intended to be a narrow, extremely targeted, and manually executed attack, though no specific country was named.

A FireEye blog post states that hackers gained access to numerous public and private organizations through trojanized updates to SolarWinds’ Orion software, but didn’t disclose the identity of any of the victims.

Media reports have attributed attacks on the U.S. Treasury and Commerce Departments as well as FireEye to a vulnerability in the Orion products, but SolarWinds said Monday it’s still investigating.

The colossal SolarWinds breach is sending shockwaves through Capitol Hill and Fortune 500 corner offices alike given the high-profile nature of the reported victims and the presumed involvement of Russian intelligence services.

From how the hackers evaded detection to why federal agencies must power down Orion to its impact on the SolarWinds MSP business, here are the big things to know about the SolarWinds hack.

Hack Comes Months After Zero-Day Exploit Of RMM Tool

This isn’t the first time that SolarWinds’ technology has been open to exploitation.

A zero-day vulnerability in SolarWinds MSP’s remote monitoring and management (RMM) tool n-Central announced in January 2020 allowed security researchers to steal the administrative credentials of an account holder, security vendor Huntress said at the time.

The flaw was reported in October 2019 and remained open for more than three months, according to Huntress.

SolarWinds said at the time that the exploit was never used by malicious actors to compromise any partner accounts, and deployed hotfixes for the flaw in January 2020.

It also released a mitigation tool that could be used in the event the hotfix couldn’t be applied.

SolarWinds told CRN at the time that the researcher reported the flaw to the company in October but there was no proof of concept.

Following its internal protocol, the company monitored the findings and began working on a patch in late January when a proof of concept was disclosed.
