SolarWinds Software Exploitation

Alert ID: 
JMCIRT-AL-2020.004
Alert Date: 
Monday, December 14, 2020
Threat Level: 
High

Active Exploitation of SolarWinds Software
Original release date: December 13, 2020 | Last revised: December 14, 2020

The Jamaica Cyber Incident Response Team (JaCIRT)is aware of active exploitation of SolarWinds Orion Platform software versions 2019.4 HF 5 through 2020.2.1 HF 1, released between March 2020 and June 2020.

The Jamaica Cyber Incident Response Team advises users and administrators to peruse the SolarWinds and FireEye security advisories for more information and FireEye’s GitHub page for detection countermeasures:

 

References

  1.        https://us-cert.cisa.gov/
  2.        https://www.solarwinds.com/securityadvisory
  3.        https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-le...
  4.        https://github.com/fireeye/sunburst_countermeasures