Thirtyseven4 & SolarWinds Vulnerability
Regarding the announced cyberattack made to insert a vulnerability in SolarWinds Orion Platform software builds.
Below is the statement from SolarWinds about what happened:
SolarWinds has been made aware of a cyberattack that inserted a vulnerability within SolarWinds® Orion® Platform software builds for versions 2019.4 HF 5, 2020.2 with no hotfix, and 2020.2 HF 1, which, if present and activated, could potentially allow an attacker to compromise the server on which the Orion products run. SolarWinds has been advised that this incident was likely the result of a highly sophisticated, targeted, and manual supply chain attack by an outside nation state, but SolarWinds has not independently verified the identity of the attacker.
Below is the advisory from SolarWinds:
Below is the FAQ addressed by SolarWinds:
Below are the steps proactively taken by Thirtyseven4 Endpoint Security to mitigate the risks posed by the described vulnerability within SolarWinds Orion Software:
1. The following Thirtyseven4 detections were available:
2. Thirtyseven4 is blocking all active (and proactively blocking yet be active) associated Command & Control (CnC) domains.
3. Detection safeguards added within Thirtyseven4 IDS/IPS (Intrusion Detection System/Intrusion Prevention System):
Interested Thirtyseven4 Endpoint Security? You can request a Quote today!
Born out of a desire to better connect antivirus protection solutions with premium customer support and service, Thirtyseven4, LLC seeks to protect schools, businesses, governmental agencies and home‐users with the best antivirus products available. Thirtyseven4 is an American company built on honesty, trust and value for the customer. http://www.thirtyseven4.com.
Thirtyseven4, LLC is dedicated to serving customers with a full palette of security solutions including AntiVirus, AntiMalware, Anti-Ransomware and Zero-Day Threat Protection.