The Cybersecurity and Infrastructure Security Agency (CISA) issues an emergency directive requiring federal agencies to disable SolarWinds Orion connections because they pose a substantial security threat.The news prompts the National Security Council (NSC) to convene a White House meeting to discuss the security breach of several government agencies and enterprises.December 12, 2020: FireEye informs SolarWinds that the Orion Platform had been compromised through a cyberattack.
The malicious SUNBURST code had corrupted all the Orion releases made between March and June 2020. They realize that this was a supply chain hack where the attackers had corrupted and weaponized SolarWinds’ Orion Platform updates. December 11, 2020: while conducting breach investigations, FireEye discovers that SolarWinds had been attacked.The company expresses concern that the hackers would use the stolen tools to target other companies. December 8, 2020: FireEye, a cybersecurity threat and intelligence provider, reports that state-sponsored hackers broke into its network and made away with its Red Team penetration testing and assessment tools.June 4, 2020: the perpetrators remove the SUNBURST malicious code from SolarWinds systems.This is an updated variant of the malicious code inserted into the Orion Platform released from February 20, 2020, and beyond. February 20, 2020: Hackers compile and deploy the SUNBURST attack.The attacker use multiple servers based in the US and mimick legitimate network traffic to circumvent the threat detection used by SolarWinds, its partners, and clients. The attackers use a sophisticated injection source to insert the SUNBURST malicious code into the company’s Orion Platform software.
The attack, dubbed SUNBURST, involved inserting malicious code into SolarWinds’s Orion Platform software. Also impacted were multiple US states and government agencies including the US Department of State and the US Department of Homeland Security.
The SolarWinds hack was a major security breach that affected over 3,000 SolarWinds customers, including major corporations like Cisco, Intel, Cox Communications, and Belkin. News, statements, media notes & product releases.Learn how we helped some of our clients achieve success.Relevant companies from diverse sectors are already using Kiuwan.Offering the most comprehensive solutions for application security.Official Kiuwan documentation repository.įind answers to every question you have about Kiuwan. Relevant articles and papers on Application Security and related topics. Your news source for Application Security. Blazingly fast cyber threat detection and tools for remediation