
Cyberattacks

Using Puppet to detect the SolarWinds Orion compromise

SolarWinds' widely-used Orion IT platform has been the subject of a supply-chain compromise by an unidentified threat actor. The attack was discovered in December 2020, but it appears to have begun in March 2020 when the attacker used trojan malware to open a backdoor on SolarWinds customers around the world.

How to Mitigate DDoS Attacks with Log Analytics

Is your organization prepared to mitigate Distributed Denial of Service (DDoS) attacks against mission-critical cloud-based applications? A DDoS attack is a cyber attack that uses bots to flood the targeted server or application with junk traffic, exhausting its resources and disrupting service for real human users. DDoS attacks are on the rise, with over 4.83 million attacks reported in the first half of 2020 - an increase of more than 250% compared to the same period in 2019.

Security risks of monitoring services: Why to always use a read-only solution

In mid-December, SolarWinds disclosed that the company experienced a highly sophisticated, manual supply chain attack on versions of the Orion network monitoring product released in March – June 2020. The company shared that the attack was most likely conducted by foreign hackers and intended to be a narrow, remarkably targeted, and manually executed attack.

2020 Magecart Timeline

In this blog, we break down the timeline of the number one hacker threat to ecommerce sites today – Magecart. The 2020 Magecart timeline includes all the significant Magecart attacks in 2020. With 4,800 formjacking attacks each month alone, this timeline only represents a small proportion of attacks reported in the public domain in 2020.

SDLC Security: It's Personal for JFrog

The SolarWinds hack, which has affected high-profile Fortune 500 companies and large U.S. federal government agencies, has put the spotlight on software development security — a critical issue for the DevOps community and for JFrog. At a fundamental level, if the code released via CI/CD pipelines is unsafe, all other DevOps benefits are for naught.

In the aftermath of the SolarWinds hack, IT Ops leaders should reconsider on-premises tooling investments

SolarWinds is a 21-year-old publicly traded monitoring and network management vendor with 300,000+ customers across the world. It’s familiar to IT operations and monitoring teams across enterprises big and small. And this week, it found itself in the news for all the wrong reasons.

Monitoring and security: an open marriage

Confidentiality, integrity and availability are the three basic laws of security. Availability is a kind of wayward son who becomes prodigal when he likes to, even if it is just to write eulogies with it when the systems go down, although the truth is that it is the most neglected of the three and perhaps that is why monitoring has come to be approached more for what may come from outside than for what is inside.

How Flowmon Helps to Detect SUNBURST Trojan Attack in Your Network

Flowmon Anomaly Detection System from Kemp now contains Indicators of Compromise (IoC) for the SUNBURST trojan specifically. Users of the Flowmon network detection and response (NDR) tool can check if they are under attack and set up measures to detect SUNBURST. This December, the world shook at the news of several US government bodies falling victim to a highly sophisticated attack.

SolarWinds Update on Security Vulnerability

On Saturday, December 12, our CEO was advised by an executive at FireEye of a security vulnerability in our Orion Software Platform which was the result of a very sophisticated cyberattack on SolarWinds. We soon discovered that we had been the victim of a malicious cyberattack that impacted our Orion Platform products as well as our internal systems.