Search
Homepage Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC Cisco Partner Summit Digital 2020 HPE Zone The Business Continuity Center Enterprise Tech Provider Masergy Zenith Partner Program Newsroom Hitachi Vantara Digital Newsroom IBM Newsroom Juniper Newsroom Intel Partner Connect 2021 Avaya Newsroom Experiences That Matter Lenovo GoChannelFirst The IoT Integrator NetApp Data Fabric Intel Tech Provider Zone

10 Things To Know About The SolarWinds Breach And Its U.S. Government Impact

From how nation-state hackers evaded detection to why federal agencies were ordered to immediately power down Orion to its impact on the SolarWinds MSP business, here are the most important things to know about the SolarWinds breach.

Back 1   2   3   ... 11 Next
photo

10. Hack Comes Months After Zero-Day Exploit Of RMM Tool

This isn’t the first time that SolarWinds’ technology has been open to exploitation. A zero-day vulnerability in SolarWinds MSP’s remote monitoring and management (RMM) tool n-Central announced in January 2020 allowed security researchers to steal the administrative credentials of an account holder, security vendor Huntress said at the time.

The flaw was reported in October 2019 and remained open for more than three months, according to Huntress. SolarWinds said at the time that the exploit was never used by malicious actors to compromise any partner accounts, and deployed hotfixes for the flaw in January 2020. It also released a mitigation tool that could be used in the event the hotfix couldn’t be applied.

SolarWinds told CRN at the time that the researcher reported the flaw to the company in October but there was no proof of concept. Following its internal protocol, the company monitored the findings and began working on a patch in late January when a proof of concept was disclosed.

 
 
Back 1   2   3   ... 11 Next

sponsored resources