36 matches found
Microsoft Internal Solorigate Investigation Update
As we said in our recent blog, we believe the Solorigate incident is an opportunity to work together in important ways, to share information, strengthen defenses and respond to attacks. Like other SolarWinds customers, we have been actively looking for indicators of the Solorigate actor and want ...
Microsoft Internal Solorigate Investigation Update
As we said in our recent blog, we believe the Solorigate incident is an opportunity to work together in important ways, to share information, strengthen defenses and respond to attacks. Like other SolarWinds customers, we have been actively looking for indicators of the Solorigate actor and want ...
Microsoft Internal Solorigate Investigation Update
As we said in our recent blog, we believe the Solorigate incident is an opportunity to work together in important ways, to share information, strengthen defenses and respond to attacks. Like other SolarWinds customers, we have been actively looking for indicators of the Solorigate actor and want ...
Using Microsoft 365 Defender to protect against Solorigate
Microsoft security researchers continue to investigate and respond to the sophisticated cyberattack known as Solorigate also referred to as Sunburst by FireEye involving a supply chain compromise and the subsequent compromise of cloud assets. While the related investigations and impact assessment...
Using Microsoft 365 Defender to protect against Solorigate
Microsoft security researchers continue to investigate and respond to the sophisticated cyberattack known as Solorigate also referred to as Sunburst by FireEye involving a supply chain compromise and the subsequent compromise of cloud assets. While the related investigations and impact assessment...
Advice for incident responders on recovery from systemic identity compromises
As Microsoft alongside our industry partners and the security community continues to investigate the extent of the Solorigate attack, our goal is to provide the latest threat intelligence including IOCs and guidance across our products and solutions to help the community fight back against, harde...
Advice for incident responders on recovery from systemic identity compromises
As Microsoft alongside our industry partners and the security community continues to investigate the extent of the Solorigate attack, our goal is to provide the latest threat intelligence including IOCs and guidance across our products and solutions to help the community fight back against, harde...
Nobelium Resource Center - updated March 4, 2021
UPDATE: Microsoft continues to work with partners and customers to expand our knowledge of the threat actor behind the nation-state cyberattacks that compromised the supply chain of SolarWinds and impacted multiple other organizations. Microsoft previously used ‘Solorigate’ as the primary...
Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers
We, along with the security industry and our partners, continue to investigate the extent of the Solorigate attack. While investigations are underway, we want to provide the defender community with intelligence to understand the scope, impact, remediation guidance, and product detections and...
Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers
We, along with the security industry and our partners, continue to investigate the extent of the Solorigate attack. While investigations are underway, we want to provide the defender community with intelligence to understand the scope, impact, remediation guidance, and product detections and...
SolarWinds Issues Second Hotfix for Orion Platform Supply Chain Attack
Network monitoring services provider SolarWinds officially released a second hotfix to address a critical vulnerability in its Orion platform that was exploited to insert malware and breach public and private entities in a wide-ranging espionage campaign. In a new update posted to its advisory...
SolarWinds Issues Second Hotfix for Orion Platform Supply Chain Attack
Network monitoring services provider SolarWinds officially released a second hotfix to address a critical vulnerability in its Orion platform that was exploited to insert malware and breach public and private entities in a wide-ranging espionage campaign. In a new update posted to its advisory...
Ensuring customers are protected from Solorigate
Microsoft is monitoring a dynamic threat environment surrounding the discovery of a sophisticated attack that included compromised binaries from a legitimate software. These binaries, which are related to the SolarWinds Orion Platform, could be used by attackers to remotely access devices. We hav...
Ensuring customers are protected from Solorigate
Microsoft is monitoring a dynamic threat environment surrounding the discovery of a sophisticated attack that included compromised binaries from a legitimate software. These binaries, which are related to the SolarWinds Orion Platform, could be used by attackers to remotely access devices. We hav...
Solorigate/Sunburst : FireEye Breach Leveraged SolarWinds Orion Software
Update Dec 23, 2020: Added new section describing how to reduce risk with File Integrity Monitoring. Update Dec 22, 2020: FireEye Red Team tools & Solorigate/SUNBURST On December 13, SolarWinds released a security advisory regarding a successful supply-chain attack on the Orion management platfor...
Solorigate/Sunburst : Theft of Cybersecurity Tools | FireEye Breach
Update Jan 5, 2021: New patching section with two new dashboard widgets showing the number of missing FireEye-related patches in your environment and the number of assets in your environment missing one of those patches. Update Dec 23, 2020: Added a new section on compensating controls. Update De...