Posted by Centipede Nation Staff on December 14, 2020 4:45 am

CodeMonkey: Is this how the US TREASURY got hacked? The timing matches – (Additional dig on SolarWinds Orion)…
UPDATE 1:

UPDATE 2:



Who is ‘SolarWinds Orion’? It gets interesting…

Global Headquarters
Austin, Texas

Number of Employees
3,200+ worldwide

Customers Worldwide
320,000+ in 190 countries, including 499 of the Fortune 500®
22,000+ MSPs serving over 450,000 organizations

From the tweet above (just in case you don’t want to open that link):

Threat Research
Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor

  • We have discovered a global intrusion campaign. We are tracking the actors behind this campaign as UNC2452.
  • FireEye discovered a supply chain attack trojanizing SolarWinds Orion business software updates in order to distribute malware we call SUNBURST.
  • The attacker’s post compromise activity leverages multiple techniques to evade detection and obscure their activity, but these efforts also offer some opportunities for detection.
  • The campaign is widespread, affecting public and private organizations around the world.
  • FireEye is releasing signatures to detect this threat actor and supply chain attack in the wild. These are found on our public GitHub page. FireEye products and services can help customers detect and block this attack.
