Their sales folks are definitely aggressive. At least it's currently only limited (known) to two Orion platforms. I'm really concerned about this: "...and intended to be a narrow, extremely targeted, and manually executed attack..." What does manually executed mean? Like some dude stuck a USB key in the DOS box running their whole operation?
SolarWinds asks customers with any of the below products for Orion Platform v2020.2 with no hotfix or 2020.2 HF 1 to upgrade to Orion Platform version 2020.2.1 HF 1 as soon as possible to ensure the security of your environment. This version is currently available at customerportal.solarwinds.com.

SolarWinds asks customers with any of the below products for Orion Platform v2019.4 HF 5 to update to 2019.4 HF 6, which will be available today, December 14, 2020, at customerportal.solarwinds.com.

No other versions of Orion Platform products are known to be impacted by this security vulnerability. Other non-Orion products are also not known to be impacted by this security vulnerability.

On Mon, Dec 14, 2020 at 1:53 PM Ryan Ray <[email protected]> wrote:

> This is a big deal. SolarWinds Orion is a product used in many of the Top 100 companies in the world. Including tons of healthcare.
>
> I dislike SolarWinds for many reasons and refused to use them even before this hack. Just add another reason to the list.
>
> On Mon, Dec 14, 2020 at 11:49 AM Steve Jones <[email protected]> wrote:
>
>> So I'm reading this now that SolarWinds updates have been delivering payloads since June or July. SolarWinds having crazy levels of access to interior infrastructures.
>>
>> I'm not sure what this is saying, it sounds like what FireEye isn't saying outwardly is their toolset was stolen prior to that and that was how they were able to circumvent the SolarWinds security infrastructure, as SolarWinds relied on FireEye?
>>
>> Anybody come across any good detail on SolarWinds impacted software? Like if you downloaded the free subnet calculator, will they be taking your Google Home account too? Imma be pretty pissed if they mess with my Google Play playlists.
>>
>> I wonder if the disruptions with Office365 and the weird spam filter changes lately are related to cleanup prior to publication.
>>
>> We are a tiny company and got within a hair of pulling the trigger on various SolarWinds offerings over the years. That's with tiny company tiny budgets. I can't imagine CTO voicemails going down around the world today, depending on budget, you hand the keys over to SolarWinds, and by design, each key you hand over makes sense to spend a little more and hand over another key. How would you even begin to clean up your organization when your systems that would provide you your forensics are the systems that did the damage?
>>
>> Is this just media hype and more Russia Russia Russia, or is this as big of a deal as it seems?
>>
>> On Mon, Dec 14, 2020 at 9:01 AM dave <[email protected]> wrote:
>>
>>> DA HUMANITY!!
>>>
>>> On 12/14/20 8:58 AM, Ken Hohhof wrote:
>>>
>>> I had a customer this morning complaining she couldn’t “sign on” to the Internet. I mentioned that Google had an outage this morning, but she responded that she doesn’t use any Google services. Of course her email was from a Gmail address.
>>>
>>> *From:* AF <[email protected]> *On Behalf Of* Mike Hammett
>>> *Sent:* Monday, December 14, 2020 6:54 AM
>>> *To:* AnimalFarm Microwave Users Group <[email protected]>
>>> *Subject:* Re: [AFMUG] Fireye
>>>
>>> "I know I'm next, they're coming after my Google Home Mini and my Netflix account."
>>>
>>> aaaaannnndddd Google is broken this morning.
>>>
>>> -----
>>> Mike Hammett
>>> Intelligent Computing Solutions <http://www.ics-il.com/>
>>> Midwest Internet Exchange <http://www.midwest-ix.com/>
>>> The Brothers WISP <http://www.thebrotherswisp.com/>
>>> ------------------------------
>>>
>>> *From:* "Steve Jones" <[email protected]>
>>> *To:* "AnimalFarm Microwave Users Group" <[email protected]>
>>> *Sent:* Sunday, December 13, 2020 9:57:21 PM
>>> *Subject:* Re: [AFMUG] Fireye
>>>
>>> Nope, per FireEye, the toolset had to be released because of it being stolen, was not "in the wild"
>>>
>>> Going to get really interesting to see what comes of this, two federal agencies just happen to get hit shortly after. You can do plenty when you know how you would have otherwise been caught.
>>>
>>> And that's all FireEye admits to having been breached. I'm gonna go ahead and not take their word on it definitively having been Russia either. Convenient timing after Iran specifically has stated they're going to retaliate for the dead scientist. China will probably confirm this shortly.
>>>
>>> Pretty sure this is far from over and pretty sure this company is just the first to go public.
>>>
>>> I know I'm next, they're coming after my Google Home Mini and my Netflix account.
>>>
>>> On Sun, Dec 13, 2020, 9:10 PM Ken Hohhof <[email protected]> wrote:
>>>
>>> Not saying you are wrong.
>>>
>>> But I think I read somewhere that the FireEye tools that were stolen were a collection of malware already in the wild that they used for testing of client networks. So it was stuff already available, just neatly packaged.
>>>
>>> The guys who really f’d up were the “Equation Group” (cough, cough, NSA) who lost novel and very powerful hacking tools like Eternal Blue to the Shadow Brokers group.
>>>
>>> *From:* AF <[email protected]> *On Behalf Of* Steve Jones
>>> *Sent:* Sunday, December 13, 2020 8:45 PM
>>> *To:* AnimalFarm Microwave Users Group <[email protected]>
>>> *Subject:* [AFMUG] Fireye
>>>
>>> These guys F'd up beyond belief.
>>>
>>> Inept as Jaime would say
--
AF mailing list
[email protected]
http://af.afmug.com/mailman/listinfo/af_af.afmug.com
