  • Not sure why people are linking to the FireEye hack.  They had their internal systems compromised, and their red team tools stolen.  Which are basically open source tools, readily available.  They're also using known exploits and no 0days.

    From what I know of the Orion hack, this is a supply chain hack, so their FTP or similar has been compromised, and their code replaced with additional code.  Seems the US government was the target, as they've advised two departments have been compromised.

    This is concerning either way, especially as it seems this hack has been present for quite some time.  And I would've expected a company the size of SolarWinds to be having pentests regularly to find these issues.
