DataEndure | Managed Cybersecurity. It's about time.

Services
- Managed Services
  Cloud Security
  
  Email Security
  
  Endpoint Security
  
  Network Security
  
  N-SOC
  
  Compliance
  GRC
  
  Readiness Assessments
  
  Risk Management
  
  Complimentary Health Checks
  Network Health Check
  
  Resiliency Workshop
  
  Security Health Check
  
  In-Depth Assessments
  Application Dependency Mapping
  
  CISO Assessment
  
  Dark Data Assessment
  
  Network Assessment
  
  Penetration Testing
  
  Why Layered Defense is Critical
  
  Layered security is about protecting all vectors that have access into your network, and the network is no longer just inside your datacenter. It's wherever your endpoints, people, data, and assets reside.
  
  View the Video >>
Expertise
- Security & Compliance
  Layered Defense Strategy
  
  Cyber Threats & Solutions
  
  Information Management
  Data Resilience
  
  Cloud & Data Science
  Digital Transformation
  
  Infrastructure
  Scale and Efficiency
  
  Network
  Network Resilience
  
  What does "Good" Cybersecurity look like?
  
  Discover key insights for robust cybersecurity, addressing critical gaps and navigating evolving threats.
  
  Read the Blog >>
Industries
Company
- About Us
  Leadership
  
  News
  
  In the Community
  
  Careers
  
  Contact Us
  
  Partners
  Strategic Partners
  
  Technology Partners
  
  Partner Program
  
  Leading the Way Through Change
  
  Explore over 40 years of industry leadership and lasting impact as we delve into the remarkable history of Data Endure.
  
  Learn More >>
Resources
- Learn
  Security Advisories
  
  Blog
  
  Case Studies
  
  Podcast
  
  Events
  
  Videos
  
  White Papers
  
  Connect
  Contact Us
  
  Newsletter Sign Up
  
  Partner Program
  
  Watch our Tech Talk Series
  
  Stay up to date on the latest in cybersecurity with our monthly Tech talk series.
  
  Watch the Series >>

Critical Security Advisory: Active Exploitation of SolarWinds Software Observed in the Wild

December 16, 2020

CRITICAL Advisory: Active Exploitation of SolarWinds Orion Software Observed in the Wild

Situation

SolarWinds has found highly sophisticated, manual exploitations for versions 2019.4 to 2020.2.1 of SolarWinds Orion products. This attack is extremely targeted and manually executed and is likely performed by a nation state.

Problem

The threat actor primarily leverages a malware commonly known as SUNBURST to conduct a global supply-chain attack against the SolarWinds Orion platform.

Implication

The malware is highly sophisticated and can transfer and execute files, profile systems, reboot machines, and disable security services. It can also obfuscate itself to avoid detection.

Need

Both SolarWinds and the CISA strongly suggest that organizations using SolarWinds Orion verify the version they’re running and upgrade immediately, if required.

Information from SolarWinds on the vulnerability:

https://www.solarwinds.com/securityadvisory

For a more technical overview:

https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html

NEW BLOG:Seeing the Bigger Picture: Achieving Digital Resilience

+ +

Chat with usLiveChat