News is breaking that bad actors allegedly operating on behalf of a foreign government have breached SolarWinds, and deployed a malware-infected update for its Orion software to infect the networks of multiple US companies and government networks, according to FireEye.
SolarWinds claims that 33,000 companies use its Orion product, and it estimates that 18,000 companies were directly impacted by a malicious update.
Experts Comments
Endpoint based security solutions provide isolated results on user endpoints/hosts.
With more details emerging regarding the cyberattacks targeting SolarWinds, many are wondering why these activities remain undetected for so long. Today’s attacks that target data and applications do not consist of a single isolated technique taking place on a user endpoint or a single network event. Instead, they can be visualized as a ‘Causal’ kill chain made up of multiple suspicious techniques interleaved with dormant benign behaviors exhibited over multiple hosts spanning across the.....Read More
Dot Your Expert Comments
Only for registered and approved experts. Please register before providing comments. Register here
Linkedin Message
@David Brilliant, Security Engineer, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Conducting threat hunting is essential for businesses/agencies who used the affected Solarwinds technology..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/solarwinds-breached-to-infect-multiple-us-companies-gov-networks-expert-comment
Facebook Message
@David Brilliant, Security Engineer, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Conducting threat hunting is essential for businesses/agencies who used the affected Solarwinds technology..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/solarwinds-breached-to-infect-multiple-us-companies-gov-networks-expert-comment