Results 1 to 4 of 4

Thread: Solarwind Hack

  1. #1
    Senior Member 1101's Avatar
    Join Date
    Jan 2008
    Posts
    7,036

    Default Solarwind Hack

    Solarwind hacked . IT techies will recognise that Brand/service
    https://krebsonsecurity.com/2020/12/...18k-customers/

    Its just becoming more & more of a cluster as time goes on.
    They were warned a year ago : did nothing . allegedly
    They did nothing about hacked downloadables on their ftp server . allegedly
    They had their ftp server password easily obtainable : allegedly

    The hack has affected many US Govt depts .
    Possible (possible) Russian Govt involvement .
    https://www.wsj.com/articles/suspect...article_inline

    Now reports of insider trading, investors sold off shares before they went public & share value plummeted . allegedly
    so : add to all this , insider trading . That has possible jail terms for investors . The US takes Insider Trading very seriously .
    https://www.washingtonpost.com/techn...-stock-trades/

    This is going to get very messy for the companies & investors involved .

  2. #2
    Computer Technician wainuitech's Avatar
    Join Date
    Aug 2007
    Location
    Wellington
    Posts
    28,038

    Default Re: Solarwind Hack

    Oh Dear,
    They were warned a year ago : did nothing . allegedly
    One would think if big companies like them get a warning they would do something about it, but like so many, its not till something happens they get their A into G and then have to go into repair mode.

  3. #3
    Computer Technician wainuitech's Avatar
    Join Date
    Aug 2007
    Location
    Wellington
    Posts
    28,038

  4. #4
    VoidMaster
    Join Date
    Dec 2004
    Posts
    6,294

    Default Re: Solarwind Hack

    Here's a short TLDR courtesy Reddit user ToranMallow:

    "It was a supply chain attack on a network monitoring product called Orion that gets used all over the place in big organizations. Bad guys created some malware that was served up as an update from SolarWind's own servers, signed by their own cryptographic key. It would look like a valid update on a trusted product and likely got installed without much of a second thought.

    The problem is that most networks are set up to allow Orion to access almost everything. It has to be able to reach out and communicate with anything it is trying to monitor. Firewalls would all be set to allow the traffic as completely trusted, etc.

    It's bad. Real bad."

    https://www.sans.org/blog/what-you-n...-chain-attack/
    Last edited by zqwerty; 18-12-2020 at 04:40 PM.
    It's not the least charm of a theory that it is refutable. The hundred-times-refuted theory of "free will" owes its persistence to this charm alone; some one is always appearing who feels himself strong enough to refute it - Friedrich Nietzsche

Similar Threads

  1. msn hack?
    By nerd in forum PressF1
    Replies: 4
    Last Post: 22-08-2008, 10:57 PM
  2. Replies: 2
    Last Post: 05-04-2002, 09:29 PM
  3. could someone please hack me....
    By in forum PressF1
    Replies: 7
    Last Post: 02-02-2002, 03:08 PM
  4. How do you hack?
    By in forum PressF1
    Replies: 11
    Last Post: 25-01-2002, 09:32 AM
  5. Hack Prevention
    By in forum PressF1
    Replies: 0
    Last Post: 26-09-2000, 02:15 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •