Critical Security Alert for SolarWinds Customers

FireEye security breach presents potential environment impact

From our trusted partner, Infocyte:

Every organization using Solarwinds Orion versions 1029.4 through 2020.2.1 for server monitoring is advised to assume that their servers and networks are compromised.

If you’ve been following the news lately, you may have caught wind of the recent large scale security breach related to FireEye – one of the world’s largest and most well-known cybersecurity firms that specialize in threat prevention, detection and response capabilities. Last week, FireEye publicly disclosed that they were successfully breached by threat actor group APT29 in what they called a sniper-like attack, meaning it was a very targeted, sophisticated, and intentional attack.

Yesterday, FireEye announced that this was a supply chain attack that occurred due to a vulnerability in SolarWinds Orion IT monitoring and management software. The implications of this breach are likely to be widespread, affecting many other organizations who also leverage SolarWinds software.

The implications of this breach are likely to be widespread, affecting many other organizations who also leverage SolarWinds software.

We are sharing this message to put you on high alert for potential impact to your own environments, especially those leveraging SolarWinds software. Current guidance regarding affected versions as well as recommended courses of action can be found through Cybersecurity & Infrastructure Security Agency (CISA) and the following Emergency Directive.

If you have questions or concerns about potential impact or environment compromise, Candoris is a trusted Infocyte partner. Please contact us or reach out to your Candoris Account Executive today. Our team is not only trained and knowledgeable on deploying this tool to assess environments for indicators of compromise, but we are also skilled in Incident Response to help with what comes next if your organization has in fact experienced a compromise.”


Related Posts on Security

About the author

Director of Professional Services

Kelly is a security solutions expert with an impressive portfolio of education and professional certifications. She served in the United States Air Force and has 13 years of security experience spanning industry verticals from financial services and insurance, to healthcare, education, and government. Kelly is passionate about bridging business gaps with technical solutions and specializes in developing highly successful and effective security programs to help businesses maintain operational efficiencies.