An apocalyptic cyber security compromise has occurred (SolarWinds NC2452)

HammerDown

HammerDown

Joined
Aug 17, 2020
Posts
29,592
Reaction score
60,644
Bookie:
$ 4,434.00
Location
SoCal. The Promised Land.
CISA Issues Emergency Directive to Mitigate the Compromise of Solarwinds Orion Network Management Products | CISA

This is a massive catastrophe.

The attacker could potentially have a full blueprint of a companies infrastructure (all traffic, all communications, all configurations in and out) depending on how much of the SolarWinds suite they are using.

Here's a list of companies that use SolarWinds, to what degree is not stated but federal organizations (including the federal reserve bank which was recently compromised) are big customers. 425 of the fortune 500 companies use their software.

h̶t̶t̶p̶s̶:̶/̶/̶w̶w̶w̶.̶s̶o̶l̶a̶r̶w̶i̶n̶d̶s̶.̶c̶o̶m̶/̶c̶o̶m̶p̶a̶n̶y̶/̶c̶u̶s̶t̶o̶m̶e̶r̶s̶

Edit: The company has now torched the original page but archived backups are available

SolarWinds Customers



Potentially compromised (from the list of companies they work with):

  • More than 425 of the US Fortune 500
  • All ten of the top ten US telecommunications companies
  • All five branches of the US Military
  • The US Pentagon, State Department, NASA, NSA, Postal Service, NOAA, Department of Justice, and the Office of the President of the United States
  • All five of the top five US accounting firms
  • Hundreds of universities and colleges worldwide
  • Dominion Voting uses their software..
  • .. and many many more shown above in the archived links.

This might be one of the biggest cyber security compromises in history and we won't know what the fallout is right away but it's gonna rock the boat for sure. Apparently the compromise has been around since March. :omg:

That's potentially 9 months of working time attackers had to collect data or run exploits on those companies servers using their access to the SolarWinds update servers.
 
Last edited:
Top 10 Cybersecurity Memes
 
fucking US Secret Service?!?!
 
If it can be traced to a nation-state, this is basically an act of war.
 
This is even worse than the Ashley Madison breach, technically.
 
HammerDown said:
CISA Issues Emergency Directive to Mitigate the Compromise of Solarwinds Orion Network Management Products | CISA

This is a massive catastrophe.

The attacker could potentially have a full blueprint of a companies infrastructure (all traffic, all communications, all configurations in and out) depending on how much of the SolarWinds suite they are using.

Here's a list of companies that use SolarWinds, to what degree is not stated but federal organizations (including the federal reserve bank which was recently compromised) are big customers. 425 of the fortune 500 companies use their software.

h̶t̶t̶p̶s̶:̶/̶/̶w̶w̶w̶.̶s̶o̶l̶a̶r̶w̶i̶n̶d̶s̶.̶c̶o̶m̶/̶c̶o̶m̶p̶a̶n̶y̶/̶c̶u̶s̶t̶o̶m̶e̶r̶s̶

Edit: The company has now torched the original page but archived backups are available

SolarWinds Customers



Potentially compromised (from the list of companies they work with):

  • More than 425 of the US Fortune 500
  • All ten of the top ten US telecommunications companies
  • All five branches of the US Military
  • The US Pentagon, State Department, NASA, NSA, Postal Service, NOAA, Department of Justice, and the Office of the President of the United States
  • All five of the top five US accounting firms
  • Hundreds of universities and colleges worldwide
  • Dominion Voting uses their software..
  • .. and many many more shown above in the archived links.

This might be one of the biggest cyber security compromises in history and we won't know what the fallout is right away but it's gonna rock the boat for sure. Apparently the compromise has been around since March. :omg:

That's potentially 9 months of working time attackers had to collect data or run exploits on those companies servers using their access to the SolarWinds update servers.
Click to expand...



And what do you think your hero Trump will do about it?

Zip, zero, nada. What a gutless fuck.
 
This is a hugely serious breach. It does not seem to be alarming to a lot of people, but I am shocked at this vulnerability.

Suppose they corrupted your bank's database and backups?
 
You must log in or register to reply here.
Back
Top