FireEye detected APT activity going through a SolarWinds product – 13th Dec 2020

Preface: SolarWinds Orion is an IT performance monitoring platform that helps businesses manage and optimize their IT infrastructure.

Vulnerability details: SolarWinds.Orion.Core.BusinessLayer.dll is signed by SolarWinds. However, when a connection comes from a trusted vendor (valid signature) but carries malware, the existing design has no defense mechanism.

Impact: CISA has determined that this exploitation of SolarWinds products poses an unacceptable risk to Federal Civilian Executive Branch agencies and requires emergency action.

Remedy: https://www.solarwinds.com/securityadvisory
