Latest SolarWinds news

SolarWinds fixes critical RCE bugs in access rights audit solution

SolarWinds has patched five remote code execution (RCE) flaws in its Access Rights Manager (ARM) solution, including three critical severity vulnerabilities that allow unauthenticated exploitation.
- Sergiu Gatlan
- February 16, 2024
- 01:32 PM
- 0
SEC sues SolarWinds for misleading investors before 2020 hack

The U.S. Securities and Exchange Commission (SEC) today charged SolarWinds with defrauding investors by allegedly concealing cybersecurity defense issues before a December 2020 linked to APT29, the Russian Foreign Intelligence Service (SVR) hacking division.
- Sergiu Gatlan
- October 30, 2023
- 05:54 PM
- 1
Critical RCE flaws found in SolarWinds access audit solution

Security researchers found three critical remote code execution vulnerabilities in the SolarWinds Access Rights Manager (ARM) product that remote attackers could use to run code with SYSTEM privileges.
- Bill Toulas
- October 20, 2023
- 10:59 AM
- 1
RomCom RAT malware campaign impersonates KeePass, SolarWinds NPM, Veeam

The threat actor behind the RomCom RAT (remote access trojan) has refreshed its attack vector and is now abusing well-known software brands for distribution.
- Bill Toulas
- November 03, 2022
- 03:36 PM
- 0
Microsoft: Windows 11 KB5012643 update will break some apps

Microsoft has warned Windows 11 users that they might experience issues launching and using some .NET Framework 3.5 applications.
- Sergiu Gatlan
- May 04, 2022
- 10:06 AM
- 3
SolarWinds warns of attacks targeting Web Help Desk instances

SolarWinds warned customers of attacks targeting Internet-exposed Web Help Desk (WHD) instances and advised removing them from publicly accessible infrastructure (likely to prevent the exploitation of a potential security flaw).
- Sergiu Gatlan
- March 16, 2022
- 04:18 PM
- 0
Microsoft: SolarWinds fixes Serv-U bug exploited for Log4j attacks

SolarWinds has patched a new Serv-U vulnerability discovered by Microsoft that threat actors attempted to use to propagate Log4j attacks to internal LDAP servers.
- Lawrence Abrams
- January 19, 2022
- 05:32 PM
- 0
Clop gang exploiting SolarWinds Serv-U flaw in ransomware attacks

The Clop ransomware gang, also tracked as TA505 and FIN11, is exploiting a SolarWinds Serv-U vulnerability to breach corporate networks and ultimately encrypt its devices.
- Bill Toulas
- November 09, 2021
- 09:54 AM
- 0
Autodesk reveals it was targeted by Russian SolarWinds hackers

Autodesk has confirmed that it was also targeted by the Russian state hackers behind the large-scale SolarWinds Orion supply-chain attack, almost nine months after discovering that one of its servers was backdoored with Sunburst malware.
- Sergiu Gatlan
- September 02, 2021
- 07:30 AM
- 0
DOJ: SolarWinds hackers breached emails from 27 US Attorneys’ offices

The US Department of Justice says that the Microsoft Office 365 email accounts of employees at 27 US Attorneys' offices were breached by the Russian Foreign Intelligence Service (SVR) during the SolarWinds global hacking spree.
- Sergiu Gatlan
- July 30, 2021
- 08:12 PM
- 0
Chinese hackers use new SolarWinds zero-day in targeted attacks

China-based hackers actively target US defense and software companies using a vulnerability in the SolarWinds Serv-U FTP server.
- Lawrence Abrams
- July 13, 2021
- 07:54 PM
- 0
SolarWinds patches critical Serv-U vulnerability exploited in the wild

SolarWinds is urging customers to patch a Serv-U remote code execution vulnerability exploited in the wild by "a single threat actor" in attacks targeting a limited number of customers.
- Sergiu Gatlan
- July 12, 2021
- 10:17 AM
- 0
Russian hackers had months-long access to Denmark's central bank

Russian state hackers compromised Denmark's central bank (Danmarks Nationalbank) and planted malware that gave them access to the network for more than half a year without being detected.
- Ionut Ilascu
- June 29, 2021
- 01:48 PM
- 4
US sanctions cryptocurrency addresses linked to Russian cyberactivities

The US government sanctioned this week twenty-eight cryptocurrency addresses allegedly associated with entities or individuals linked to Russian cyberattacks or election interference.
- Lawrence Abrams
- April 18, 2021
- 12:07 PM
- 1
US government confirms Russian SVR behind the SolarWinds hack

The United States government is formally accusing the Russian government of the SolarWinds supply-chain attack that gave hackers access to the network of multiple U.S. agencies and private tech sector companies.
- Ionut Ilascu
- April 15, 2021
- 10:54 AM
- 11
SolarWinds patches critical code execution bug in Orion Platform

SolarWinds has released security updates to address four vulnerabilities impacting the company's Orion IT monitoring platform, two o them allowing remote attackers to execute arbitrary code following exploitation.
- Sergiu Gatlan
- March 26, 2021
- 09:19 AM
- 0
CISA releases new SolarWinds malicious activity detection tool

The Cybersecurity and Infrastructure Security Agency (CISA) has released a new tool to detect post-compromise malicious activity associated with the SolarWinds hackers in on-premises enterprise environments.
- Sergiu Gatlan
- March 18, 2021
- 03:56 PM
- 2
Hackers hiding Supernova malware in SolarWinds Orion linked to China

Intrusion activity related to the Supernova malware planted on compromised SolarWinds Orion installations exposed on the public internet points to an espionage threat actor based in China.
- Ionut Ilascu
- March 08, 2021
- 03:06 PM
- 0
Microsoft reveals 3 new malware strains used by SolarWinds hackers

Microsoft has revealed information on newly found malware the SolarWinds hackers deployed on victims' networks as second-stage payloads.
- Sergiu Gatlan
- March 04, 2021
- 02:05 PM
- 0
FireEye finds new malware likely linked to SolarWinds hackers

FireEye discovered a new "sophisticated second-stage backdoor" on the servers of an organization compromised by the threat actors behind the SolarWinds supply-chain attack.
- Sergiu Gatlan
- March 04, 2021
- 01:04 PM
- 0