
On Dec 13, 2020, SolarWinds, a commonly deployed network management solution, confirmed that a cyber incident has occurred which appears to be an IT operations product used well by Fortune 500 companies, US Government agencies, and critical SMB firms. The SolarWinds Orion application updates have been infected for a period between March and June 2020.
The attack is a supply-chain based attack in which the adversary can leverage the software’s update mechanism. The SolarWinds attack has been linked to innumerable businesses, the US Treasury Department, and FireEye compromise at this time.
It’s unclear which customers were targeted, but the malicious code has been distributed to at least 18,000 companies using SolarWinds Orion platform.
Since you’re here… The Sunburst hack is far more than a digital skirmish
This advisory by SISA helps you with details about the following:
The editorial team at SISA Information Security hopes that by leveraging this advisory, organizations will be armed with the necessary awareness and knowledge to protect their environments from malwares like Sunburst.
Get your copy now!
SISA is a forensics-driven cybersecurity company that helps secure businesses with robust preventive, detective and corrective security services and solutions. SISA offers products and services for risk assessment, security compliance and validation, monitoring and threat hunting, as well as training for various payment security certifications.
Industry recognition by CREST, CERT-In and SWIFT serves as a testament to our skill, knowledge, and competence.
With 2,000+ clients spread across 40+ countries, we leverage our learnings to provide true security, fanatic support and real business value to our customers.