SINGAPORE NEWS & ARTICLES
SolarWinds Security Advisory
Recently discovered by US cybersecurity company, FireEye, SolarWinds became the victim of a very sophisticated supply chain hack leading to a likely global attack, with highly sensitive data compromised.
How the attack happened
A vulnerability (SUNBURST) was inserted within SolarWinds’s IT management software, Orion®, which could potentially allow the attacker to compromise the server which the Orion products run if present and activated. This sophisticated attack disrupted a standard process resulting in a compromised outcome to attack subsequent software users.
SolarWinds are urging customers with any of the below products listed as known affected for Orion® Platform to upgrade as soon as possible to ensure your environment’s security. Upgrades are available here.
Orion Platform v2020.2
Customer with no hotfix installed or 2020.2 HF 1 to upgrade to Orion® Platform version 2020.2.1 HF 2. Hotfix installation instructions are available in the 2020.2.1 HF 2 Release Notes here.
If you are unable to apply the Hotfix due to environmental restrictions, it is prudent to review the necessity of the below for an immediate risk assessment.
Assess current network if there is a need to segregate zones
Any lateral movements for tools related to SUNBURST that may already been weaponized
Latest signatures on IPS and other security tools
Periodically scan of critical servers / endpoints