We recommend that all customers running SolarWinds Orion versions 2019.4 through 2020.2.1 upgrade the Orion platform to version 2020.2.1 HF 1 ASAP. Rapid7 has deployed detections in InsightIDR for activity related to vulnerable versions of SolarWinds Orion and will continue to add IOCs/TTPs as they become available.

What is Rapid7 doing as a result of the SUNBURST/Solorigate disclosure?

For InsightIDR customers

In this blog post, we will focus on answering specific questions organizations may have regarding this situation. SolarWinds has issued a separate advisory for the incident. FireEye has given the campaign an identifier of UNC2452 and is further naming the trojanized version of the SolarWinds Orion component SUNBURST (Microsoft has used the “Solorigate” identifier for the malware and added detection rules to its Defender antivirus).

12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds Orion platform, which is used by organizations to monitor and manage IT infrastructure.