https://cyber.dhs.gov/ed/21-01/
Mitigate SolarWinds Orion Code Compromise
SolarWinds Orion products (affected versions are 2019.4 through 2020.2.1 HF1) are currently being exploited by malicious actors. This tactic permits an attacker to gain access to network traffic management systems. Disconnecting affected devices, as described below in Required Action 2, is the only known mitigation measure currently available.
CISA has determined that this exploitation of SolarWinds products poses an unacceptable risk to Federal Civilian Executive Branch agencies and requires emergency action. This determination is based on:..........
If you work for US Gov, today sucks for you. From the ED21-01...
Quote
a. Treat all hosts monitored by the SolarWinds Orion monitoring software as compromised by threat actors and assume that further persistence mechanisms have been deployed.
b. Rebuild hosts monitored by the SolarWinds Orion monitoring software using trusted sources.
-Otanx
Quote
Rebuild hosts
... standard procedure if you have any hint no matter how slight, that a host may be compromised in some way.
Heard about it this morning. O&M team's responsibility.
:sitting:
And yesterday was my first day at my new job (a DoD contractor). Yay!
Quote from: Nerm on December 15, 2020, 06:31:13 AM
And yesterday was my first day at my new job (a DoD contractor). Yay!
How was your new hire orientation meeting? Was it a Sev One bridge call? :smug:
I was told they would get back to me Tuesday lol.
... and I got dragged into it.
Quote from: config t on December 19, 2020, 11:56:54 PM
... and I got dragged into it.
:hankhill:
I *was* going to go with a mocking GIF, but when I saw the pity in Hank Hill's eyes, I decided to go with sympathy.