Threat Advisory: SolarWinds supply chain attack

Update 12/17: Additional IOCs added related to teardrop secondary payload.
Update 12/16: Based on the announcement from FireEye, Microsoft, and GoDaddy avsvmcloud[.]com has been unblocked as it is now functioning as a kill switch in an effort to help limit adversaries access. Please note that this does not imply that this is a complete protection from these attacks. Additional remediation steps will should and must be taken. Additional detailsĀ here.
Update 12/14: We note there is a…

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Go to Source

You may also like...