Security News

LogRhythm vs. SolarWinds: SIEM tool comparison
2022-03-25 16:54

The LogRhythm NextGen SIEM Platform and SolarWinds Security Events Manager both provide SIEM tools to users who wish to ensure the security of their organizational networks and digital devices. The LogRhythm NextGen SIEM Platform uses multidimensional analytics to detect and stop security threats.

SolarWinds vs. Splunk: SIEM tool comparison
2022-03-24 17:57

SolarWinds Security Event Manager is a SIEM tool that collects and analyzes security event log records to help organizations improve their security and compliance practices. SolarWinds Security Event Manager has real-time automated threat detection capabilities, with continuous system-wide threat detection, monitoring and alerting.

SolarWinds warns of attacks targeting Web Help Desk instances
2022-03-16 20:18

SolarWinds warned customers of attacks targeting Internet-exposed Web Help Desk instances and advised removing them from publicly accessible infrastructure. "A SolarWinds customer reported an external attempted attack on their instance of Web Help Desk 12.7.5. The customer's endpoint detection and response system blocked the attack and alerted the customer to the issue," SolarWinds said.

The Solarwinds Tipping Point
2022-02-25 00:00

What makes the SolarWinds attack so astonishing is its scale. The infected Orion software was sold to more than 33,000 customers.

New Malware Used by SolarWinds Attackers Went Undetected for Years
2022-02-03 02:21

The threat actor behind the supply chain compromise of SolarWinds has continued to expand its malware arsenal with new tools and techniques that were deployed in attacks as early as 2019, once indicative of the elusive nature of the campaigns and the adversary's ability to maintain persistent access for years. According to cybersecurity firm CrowdStrike, which detailed the novel tactics adopted by the Nobelium hacking group last week, two sophisticated malware families were placed on victim systems - a Linux variant of GoldMax and a new implant dubbed TrailBlazer - long before the scale of the attacks came to light.

Hackers Attempt to Exploit New SolarWinds Serv-U Bug in Log4Shell Attacks
2022-01-22 22:42

Microsoft on Wednesday disclosed details of a new security vulnerability in SolarWinds Serv-U software that it said was being weaponized by threat actors to propagate attacks leveraging the Log4j flaws to compromise targets. Tracked as CVE-2021-35247, the issue is an " input validation vulnerability that could allow attackers to build a query given some input and send that query over the network without sanitation," Microsoft Threat Intelligence Center said.

Microsoft: Attackers Tried to Login to SolarWinds Serv-U Via Log4j Bug
2022-01-20 18:39

Threat actors have weaponized a newly discovered bug in SolarWinds Serv-U file-sharing software to launch Log4j attacks against networks' internal devices, Microsoft warned on Wednesday. SolarWinds fixed the vulnerability in Serv-U version 15.3, released on Tuesday.

New SolarWinds Serv-U vulnerability exploited in Log4j-related attacks
2022-01-20 10:18

Attackers looking to exploit recently discovered Log4j vulnerabilities are also trying to take advantage of a previously undisclosed vulnerability in the SolarWinds Serv-U software. It affects version 15.2.5 and previous versions of Serv-U, and has been patched by SolarWinds in version 15.3.

Microsoft: SolarWinds fixes Serv-U bug exploited for Log4j attacks
2022-01-19 22:32

SolarWinds has patched a Serv-U vulnerability discovered by Microsoft that threat actors actively used to propagate Log4j attacks to internal devices on a network. Microsoft says they discovered the vulnerability during their monitoring of the Log4j attacks.

SolarWinds Hackers Targeting Government and Business Entities Worldwide
2021-12-07 19:16

Nobelium, the threat actor attributed to the massive SolarWinds supply chain compromise, has been once again linked to a series of attacks targeting multiple cloud solution providers, services, and reseller companies, as the hacking group continues to refine and retool its tactics at an alarming pace in response to public disclosures. The revelations come exactly a year after details emerged of a Kremlin-backed hacking campaign that breached the servers of network management provider SolarWinds to distribute tainted software binaries to a number of high-profile customers, including nine U.S. federal agencies.