Mike Leone via plug on 15 Dec 2020 08:51:12 -0800


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] OT: SolarWinds

We got a SolarWinds notification last night, and this morning, one of my co-workers updated to the latest version. 2020-02.1 HF1

The notification:
Dear Customer,
 
We have just been made aware our systems experienced a highly sophisticated, manual supply chain attack on SolarWinds® Orion® Platform software builds for versions 2019.4 through 2020.2.1.
 
We have been advised this attack was likely conducted by an outside nation state and intended to be a narrow, extremely targeted, and manually executed incident, as opposed to a broad, system-wide attack. We are recommending that you upgrade to Orion Platform version 2020.2.1 HF 1 as soon as possible to ensure the security of your environment. The latest version is available in the SolarWinds Customer Portal.
 
If you aren’t sure which version of the Orion Platform you are using, see directions on how to check that here. To check which hotfixes you have applied, please go here.
 
In addition, we recommend you review the guidance provided in the Secure Configuration for the Orion Deployment document available 


On Tue, Dec 15, 2020 at 11:18 AM Keith via plug <plug@lists.phillylinux.org> wrote:
On 12/15/20 11:13 AM, jeffv via plug wrote:
> It's *massive*, down to consumer level.
>
>
> On 12/15/20 11:09 AM, Eric Lucas via plug wrote:
>> Scary story:
>> https://krebsonsecurity.com/2020/12/u-s-treasury-commerce-depts-hacked-through-solarwinds-compromise/
>> <https://krebsonsecurity.com/2020/12/u-s-treasury-commerce-depts-hacked-through-solarwinds-compromise/>
>>
>>
>> Eric
>>
This definitely can't be understated.  From my understanding, when
FireEye reviewed their situation they found and notified SolarWinds
about theirs.


--
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Keith C. Perry, MS E.E.
Managing Member, DAO Technologies LLC
(O) +1.215.525.4165 x2033
(M) +1.215.432.5167
www.daotechnologies.com

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug


--

Mike. Leone, <mailto:turgon@mike-leone.com>

PGP Fingerprint: 0AA8 DC47 CB63 AE3F C739 6BF9 9AB4 1EF6 5AA5 BCDF
Photo Gallery: <http://www.flickr.com/photos/mikeleonephotos>

This space reserved for future witticisms ...
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug