FireEye security breach presents potential environment impact
From our trusted partner, Infocyte:
Every organization using SolarWinds Orion versions 1029.4 through 2020.2.1 for server monitoring is advised to assume that their servers and networks are compromised.
If you’ve been following the news lately, you may have caught wind of the recent large-scale security breach related to FireEye – one of the world’s largest and most well-known cybersecurity firms, specializing in threat prevention, detection and response capabilities. Last week, FireEye publicly disclosed that they were successfully breached by threat actor group APT29 in what they called a sniper-like attack, meaning it was a very targeted, sophisticated, and intentional attack.
Yesterday, FireEye announced that this was a supply chain attack that occurred due to a vulnerability in SolarWinds Orion IT monitoring and management software. The implications of this breach are likely to be widespread, affecting many other organizations who also leverage SolarWinds software.
We are sharing this message to put you on high alert for potential impact to your own environments, especially those leveraging SolarWinds software. Current guidance regarding affected versions as well as recommended courses of action can be found through the Cybersecurity & Infrastructure Security Agency (CISA) and the following Emergency Directive.
If you have questions or concerns about potential impact or environment compromise, Candoris is a trusted Infocyte partner. Please contact us or reach out to your Candoris Account Executive today. Our team is not only trained and knowledgeable on deploying this tool to assess environments for indicators of compromise, but we are also skilled in Incident Response to help with what comes next if your organization has in fact experienced a compromise.