Skip to Content.
Sympa Menu

netsec-sig - [Security-WG] Fw: Active Exploitation of SolarWinds Software

Subject: Internet2 Network Security SIG

List archive

[Security-WG] Fw: Active Exploitation of SolarWinds Software


Chronological Thread 
    < Chronological >      < Thread >
  • From: Paul Howell <>
  • To: "" <>
  • Cc: Rob Vietzke <>
  • Subject: [Security-WG] Fw: Active Exploitation of SolarWinds Software
  • Date: Mon, 14 Dec 2020 15:05:17 +0000
Hello Everyone,

Passing along an urgent security advisory regarding active exploitation of SolarWinds.   If you are using SolarWinds, then immediate actions are necessary to thwart compromise.  Please read the links noted below.

Regards,
Paul


Paul Howell

Chief Cyberinfrastructure Security Officer

Network Services, Internet2

100 Phoenix Drive, STE 111

Ann Arbor, MI 48108

Office: 734-352-4212

Email:




From: US-CERT <>
Sent: Sunday, December 13, 2020 11:30 PM
To: Paul Howell <>
Subject: Active Exploitation of SolarWinds Software
 

Cybersecurity and Infrastructure Security Agency (CISA) - Defend Today, Secure Tomorrow

Active Exploitation of SolarWinds Software

12/13/2020 10:23 PM EST

Original release date: December 13, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of active exploitation of SolarWinds Orion Platform software versions 2019.4 through 2020.2.1, released between March 2020 and June 2020.

CISA encourages affected organizations to read the SolarWinds and FireEye advisories for more information and FireEye’s GitHub page for detection countermeasures:

This product is provided subject to this Notification and this Privacy & Use policy.

Having trouble viewing this message? View it as a webpage

  • [Security-WG] Fw: Active Exploitation of SolarWinds Software, Paul Howell, 12/14/2020

Archive powered by MHonArc 2.6.19.

Top of Page