US govt, FireEye breached after SolarWinds supply-chain attack

Trojanized versions of SolarWinds' Orion IT monitoring and management software have been used in a supply chain attack leading to the breach of government and high-profile companies after attackers deployed a backdoor dubbed SUNBURST or Solorigate.
SolarWinds' customer listing [1, 2] includes over 425 of the US Fortune 500, all top ten US telecom companies, hundreds of universities and colleges, all five branches of the US Military, the US Pentagon, the State Department, NASA, NSA, Postal Service, NOAA, Department of Justice, and the Office of the President of the United States.
SolarWinds is also working with Microsoft to remove an attack vector leading to the compromise of targets' Microsoft Office 365 office productivity tools.
SolarWinds was made aware of an attack vector that was used to compromise the Company's emails and may have provided access to other data contained in the Company's office productivity tools.
The hacking group behind the SolarWinds supply chain attack is focusing its attacks against a large assortment of worldwide targets, including "Government, consulting, technology, telecom and extractive entities in North America, Europe, Asia, and the Middle East."