Security Anyone use Solarwinds Orion?

[Deebs]

If so I feel for you and your Company

SolarWinds Supply Chain Attack Uses SUNBURST Backdoor

A highly evasive attacker leverages a supply chain attack trojanizing SolarWinds Orion business software updates in order to distribute SUNBURST malware.

www.fireeye.com

 

[MYstIC G]

If so I feel for you and your Company

SolarWinds Supply Chain Attack Uses SUNBURST Backdoor

A highly evasive attacker leverages a supply chain attack trojanizing SolarWinds Orion business software updates in order to distribute SUNBURST malware.

www.fireeye.com

Former colleague of mine was a solarwinds specialist. I feel for him right now.

 

[Deebs]

Former colleague of mine was a solarwinds specialist. I feel for him right now.

It is going to be a rough few days for many sysadmins around the world. Look at all the US Federal Agencies that have been compromised as well. Just waiting to hear about the UK now...

 

[MYstIC G]

It is going to be a rough few days for many sysadmins around the world. Look at all the US Federal Agencies that have been compromised as well. Just waiting to hear about the UK now...

It's a very clever attack. Monitoring touches everything.

 

[ECA]

 

[Bodhi]

Given the week they have had - everything down for an hour Monday lunchtime, GMail down for 3 hours last night - I'm assuming Google use Solarwinds quite extensively?

Or is that something else?

 

[old.Osy]

Just to add to the updates


View: https://twitter.com/RedDrip7/status/1339168187619790848



View: https://twitter.com/craiu/status/1339193102700072961


We had just started using Solarwinds internally last year, but our netsec team is quite solid, so it's only internal use, can't access the outside - which works as mitigation somewhat. There's teams working on lateral investigation, analysis of the latest hotfix from SW, and overall health checking (FWs). No reason to believe we may have been compromised yet. Have to say, for a non-IT Fortune 500 company, I'm really proud of the security focus and mindset we have.

 

[MYstIC G]

Just to add to the updates


View: https://twitter.com/RedDrip7/status/1339168187619790848



View: https://twitter.com/craiu/status/1339193102700072961


We had just started using Solarwinds internally last year, but our netsec team is quite solid, so it's only internal use, can't access the outside - which works as mitigation somewhat. There's teams working on lateral investigation, analysis of the latest hotfix from SW, and overall health checking (FWs). No reason to believe we may have been compromised yet. Have to say, for a non-IT Fortune 500 company, I'm really proud of the security focus and mindset we have.

That second one is bunkum, countless software providers play the "oh, our performance is shit... exclude us from AV then innit" card

 

[Scouse]

@ECA!

You sneaky motherfucker! Post more ffs!

How you doing m8?

 

[Raven]

Trump claiming it is the Chinese that hacked it.

Despite the fact that everyone else says it is Russia.

 

[Scouse]

Trump claiming it is the Chinese that hacked it.

Despite the fact that everyone else says it is Russia.

I'd love it if it was really an autistic UFO conspiracy theorist