Categories: US-Cert-Repository

Active Exploitation of SolarWinds Software



Original release date: December 13, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of active exploitation of SolarWinds Orion Platform software versions 2019.4 through 2020.2.1, released between March 2020 and June 2020.

CISA encourages affected organizations to read the SolarWinds and FireEye advisories for more information and FireEye’s GitHub page for detection countermeasures:

  • SolarWinds Security Advisory
  • FireEye Advisory: Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor
  • FireEye GitHub page: Sunburst Countermeasures

This product is provided subject to this Notification and this Privacy & Use policy.



Source link

admin

Leave a Comment
Share
Published by
admin
5 years ago

Recent Posts

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on…

11 hours ago

Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps

The purpose of this Alert is to amplify Poland’s Computer Emergency Response Team (CERT Polska’s)…

1 day ago

MyDoom.B Virus

Systems Affected   Any system running Microsoft Windows (Windows 95 and newer) that are used…

1 month ago

Multiple Vulnerabilities in Microsoft Internet Explorer

Systems Affected   Microsoft Windows systems running Internet Explorer 5.01 Internet Explorer 5.50 Internet Explorer…

1 month ago

HTTP Parsing Vulnerabilities in Check Point Firewall-1

Systems Affected   Check Point Firewall-1 NG FCS Check Point Firewall-1 NG FP1 Check Point…

1 month ago

Multiple Vulnerabilities in Microsoft Windows

Systems Affected   Systems running Microsoft Windows   Overview   Microsoft Windows contains multiple vulnerabilities,…

1 month ago

This website uses cookies.