Categories: US-Cert-Repository

CISA Updates Alert and Releases Supplemental Guidance on Emergency Directive for SolarWinds Orion Compromise

Original release date: December 19, 2020 CISA has updated <a href="https://us-cert.cisa.gov/ncas/alerts/aa20-352a">AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations</a>, originally released December 17. This update states that CISA has evidence of, and is currently investigating, initial access vectors in addition to those attributed to the SolarWinds Orion supply chain compromise. This update also provides new mitigation guidance and revises the indicators of compromise table; it also includes a downloadable STIX file of the IOCs.

In addition, CISA has released <a href="https://cyber.dhs.gov/ed/21-01/#supplemental-guidance">supplemental guidance</a> to Emergency Directive (ED) 21-01, providing new information on affected versions, new guidance for agencies using third-party service providers, and additional clarity on required actions.

CISA encourages users and administrators to review the following resources for additional information on the SolarWinds Orion compromise.

<ul>
<li><a href="https://cyber.dhs.gov/ed/21-01/#supplemental-guidance">CISA Emergency Directive 21-01 – Supplemental Guidance v.1</a></li>
<li><a href="https://cyber.dhs.gov/ed/21-01/">CISA Emergency Directive 21-01: Mitigate SolarWinds Orion Code Compromise</a></li>
<li><a href="https://us-cert.cisa.gov/ncas/alerts/aa20-352a">CISA Activity Alert AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations</a> 
 </li>
</ul>

<div class="field field–name-body field–type-text-with-summary field–label-hidden field–item">This product is provided subject to this <a href="https://us-cert.cisa.gov/privacy/notification">Notification</a> and this <a href="https://www.dhs.gov/privacy-policy">Privacy & Use</a> policy.

</div>

Source link

admin

Next CISA Releases CISA Insights and Creates Webpage on Ongoing APT Cyber Activity »

Previous « NSA Releases Cybersecurity Advisory on Detecting Abuse of Authentication Mechanisms

This website uses cookies.

CISA Updates Alert and Releases Supplemental Guidance on Emergency Directive for SolarWinds Orion Compromise

Recent Posts

CISA Releases 10 Industrial Control Systems Advisories

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA Releases One Industrial Control Systems Advisory

CISA Directs Federal Agencies to Mitigate Vulnerabilities in F5 Devices

CISA Releases Thirteen Industrial Control Systems Advisories

CISA Adds One Known Exploited Vulnerability to Catalog