SolarWinds Charges Tossed Out of Court in Legal Victory Against SEC

July 18, 2024 at 06:05PM A judge dismissed the post-breach part of the SEC’s case against SolarWinds and its CISO Tim Brown but allowed claims related to misrepresenting cybersecurity posture pre-breach to proceed. The ruling is seen as guidance for public companies in disclosing cyber incidents. SolarWinds is pleased but will defend claims in the upcoming …

Judge mostly drags SEC’s lawsuit against SolarWinds into the recycling bin

July 18, 2024 at 05:17PM A judge has mostly dismissed a lawsuit by America’s financial watchdog against SolarWinds and its CISO for misleading investors about computer security practices and the backdooring of its Orion product after the SUNBURST attack. The judge ruled in favor of SolarWinds on post-SUNBURST claims but sustained the SEC’s securities fraud …

SolarWinds fixes 8 critical bugs in access rights audit software

July 18, 2024 at 11:57AM SolarWinds addressed critical vulnerabilities in its Access Rights Manager software, including RCE and directory traversal flaws. These flaws could allow unprivileged attackers to execute code, delete files, and obtain sensitive information. The company released version 2024.3 with security fixes. SolarWinds has yet to confirm if exploits for the flaws are …

SolarWinds Serv-U Vulnerability Under Active Attack – Patch Immediately

June 21, 2024 at 05:24AM A high-severity flaw in SolarWinds Serv-U file transfer software (CVE-2024-28995, CVSS score: 8.6) allows attackers to read sensitive files. Security researcher Hussein Daher discovered the flaw, and a proof-of-concept exploit has been made available. Rapid7 described it as trivial to exploit. Users are urged to apply updates promptly to mitigate …

Russia’s Midnight Blizzard Seeks to Snow French Diplomats

June 20, 2024 at 05:10PM Midnight Blizzard, a Russia-backed advanced persistent threat, continues to pose an active threat to French diplomatic entities. Recently targeted by the group are institutions including the French Ministry of Culture and the National Agency for Territorial Cohesion. Tactics include phishing and forged documents to access networks and exfiltrate data, per …

SolarWinds Serv-U path-traversal flaw actively exploited in attacks

June 20, 2024 at 11:54AM Threat actors are actively exploiting a SolarWinds Serv-U path-traversal vulnerability using publicly available proof-of-concept exploits. The CVE-2024-28995 flaw allows unauthenticated attackers to read arbitrary files from the filesystem. SolarWinds released a fix, but public exploits are available, making it crucial for administrators to apply the security updates promptly. Based on …

French Diplomatic Entities Targeted in Russian-Linked Cyber Attacks

June 20, 2024 at 10:58AM State-sponsored cyber attacks targeting French diplomatic entities have been linked to Russia by the country’s information security agency. The attacks, attributed to a cluster named Midnight Blizzard, use phishing emails and compromised accounts to initiate malicious actions. The threat actor, known as Nobelium, has also targeted European embassies and leveraged …

SolarWinds Flaw Flagged by NATO Pen Tester

June 7, 2024 at 02:23PM SolarWinds released version 2024.2 with new features, upgrades, and security patches. This includes a fix for a high-severity SWQL injection bug (CVE-2024-28996), reported by a NATO-affiliated penetration tester. Other flaws fixed are a high-severity cross-site scripting flaw (CVE-2024-29004) and a medium-severity race condition vulnerability. The update also enhances map functionality and overall stability. …

Developing a Plan to Respond to Critical CVEs in Open Source Software

June 7, 2024 at 10:09AM The tech industry faced wake-up calls in 2020 and 2021 with incidents like SolarWinds, Log4j, and Kaseya’s VSA, emphasizing the critical need to refine response strategies to vulnerabilities and supply chain attacks. Both large and small organizations must prioritize comprehensive asset inventories and software bills of materials to effectively respond …

SolarWinds Patches High-Severity Vulnerability Reported by NATO Pentester

June 7, 2024 at 07:00AM SolarWinds released patches for high-severity vulnerabilities in Serv-U and the SolarWinds Platform, including a bug reported by a NATO pentester. Version 2024.2 includes fixes for three security defects and multiple bugs in third-party components. The vulnerabilities impact SolarWinds Platform 2024.1 SR 1 and previous versions. Users are urged to update …