SolarWinds suffers massive supply chain attack

The Austin-based software company SolarWinds has fallen victim to a massive supply chain attack believed to be the work of state-sponsored...

The Austin-based software company SolarWinds has fallen victim to a massive supply chain attack believed to be the work of state-sponsored hackers.

According to a new blog post from the cybersecurity firm FireEye, the attackers breached the software provider and then deployed updates for Solarwinds' Orion software that were filled with malware in order to infect the networks of organizations as well as multiple government agencies in the US. 

The latest updates on the supply chain attack come after multiple news outlets reported on Sunday that the US treasury and commerce departments had been hit with a cyberattack.

While sources that spoke with the Washington Post credited the Russian-based hacking group APT29 or Cozy Bear with the attack, FireEye instead gave the group the code name of UNC2452 until it could be proven that APT29 really was responsible.

Microsoft also confirmed that SolarWinds had fallen victim to a cyberattack in a series of security alerts privately sent out to its customers on Sunday.

Using updates to deploy malware

In a security advisory sent out late on Sunday, SolarWinds admitted that its Orion software platform was breached in a targeted attack, saying:

“SolarWinds has just been made aware our systems experienced a highly sophisticated, manual supply chain attack on SolarWinds Orion Platform software builds for versions 2019.4 HF 5 and 2020.2 with no hotfix or 2020.2 HF 1. We have been advised this attack was likely conducted by an outside nation state and intended to be a narrow, extremely targeted, and manually executed attack, as opposed to a broad, system-wide attack.”

FirEye has named the malware deployed in SolarWinds' Orion updates Sunburst while Microsoft has given it the name Solorigate and added detection rules to its antivirus software. The cybersecurity firm also published a technical report as well as a set of detection rules on GitHub.

SolarWinds plans to release a new update (2020.2.1 HF 2) on Tuesday that “replaces the compromised component and provides several additional security enhancements”.

Via ZDNet



from TechRadar - All the latest technology news https://ift.tt/3ac5OSP
via IFTTT

COMMENTS

BLOGGER
Name

Apps,3858,Business,151,Camera,1155,Earn $$$,3,Gadgets,1741,Games,926,GTA,1,Innovations,3,Mobile,1697,Paid Promotions,5,Promotions,5,Sports,1,Technology,8106,Trailers,796,Travel,37,Trending,4,Trendly News,25335,TrendlyNews,110,Video,5,XIAOMI,13,YouTube - 9to5Google,109,
ltr
item
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews: SolarWinds suffers massive supply chain attack
SolarWinds suffers massive supply chain attack
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews
http://www.trendlynews.in/2020/12/solarwinds-suffers-massive-supply-chain.html
http://www.trendlynews.in/
http://www.trendlynews.in/
http://www.trendlynews.in/2020/12/solarwinds-suffers-massive-supply-chain.html
true
3372890392287038985
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy