SolarWinds roundup: Fixes, new bad actors, and what the company knew
The SolarWinds Orion security breach is unfolding at a rapid pace, and the number of vendors and victims continues to grow. Each day brings new revelations as to its reach and depth. Of particular concern are the rate of infection and impact on government systems.In case you missed it, a backdoor was found in the SolarWinds Orion IT monitoring and management software. A dynamic link library called SolarWinds.Orion.Core.BusinessLayer.dll, a SolarWinds digitally-signed component of the Orion software framework, was found to contain a backdoor that communicates via HTTP to third-party servers.[Get regularly scheduled insights by signing up for Network World newsletters.]
After an initial dormant period of up to two weeks, the Trojan retrieves and executes commands, called jobs, that include the ability to transfer files, execute files, profile the system, reboot, and disable system services. In short, a total takeover of the machine.To read this article in full, please click here READ MORE HERE…