Re: SolarWinds Orion trojan / supply-chain compromise


Royce Williams
 

The FireEye statement seems in direct contradiction to SolarWinds' assertion of narrow scope:

  • The campaign is widespread, affecting public and private organizations around the world.
-- 
Royce Williams
Tech Solvency


On Sun, Dec 13, 2020 at 7:18 PM Royce Williams <royce@...> wrote:
Appears to have been targeted, but not sure what orgs might have been targeted.

https://www.solarwinds.com/securityadvisory


Quoting:

SolarWinds has just been made aware our systems experienced a highly sophisticated, manual supply chain attack on SolarWinds® Orion® Platform software builds for versions 2019.4 through 2020.2.1, released between March 2020 and June 2020. We have been advised this attack was likely conducted by an outside nation state and intended to be a narrow, extremely targeted, and manually executed attack, as opposed to a broad, system-wide attack. We recommend taking the following steps related to your use of the SolarWinds Orion Platform.

We are recommending you upgrade to Orion Platform version 2020.2.1 HF 1 as soon as possible to ensure the security of your environment. The latest version is available in the SolarWinds Customer Portal.


Royce

Join nuga@groups.io to automatically receive all group messages.