- Kevin thompson solarwinds update#
- Kevin thompson solarwinds software#
- Kevin thompson solarwinds code#
- Kevin thompson solarwinds password#
Three weeks ago, SolarWinds posted a job ad seeking a new vice president for security the position is still listed as open. 9 announced that Thompson would be replaced by Sudhakar Ramakrishna, the former chief executive of Pulse Secure. The firm has long mooted the idea of spin-off of its managed service provider business and on Dec.
Kevin thompson solarwinds software#
Others - including Kyle Hanslovan, the cofounder of Maryland-based cybersecurity company Huntress - noticed that, days after SolarWinds realized their software had been compromised, the malicious updates were still available for download.
Kevin thompson solarwinds password#
Neither the password nor the stolen access is considered the most likely source of the current intrusion, researchers said. "This could have been done by any attacker, easily," Kumar said.
Kevin thompson solarwinds update#
Security researcher Vinoth Kumar told Reuters that, last year, he alerted the company that anyone could access SolarWinds' update server by using the password "solarwinds123" Arena informed his company's clients, which include U.S. One of those offering claimed access over the Exploit forum in 2017 was known as "fxmsp" and is wanted by the FBI "for involvement in several high-profile incidents," said Mark Arena, chief executive of cybercrime intelligence firm Intel471. In one previously unreported issue, multiple criminals have offered to sell access to SolarWinds' computers through underground forums, according to two researchers who separately had access to those forums. SolarWinds' security, meanwhile, has come under new scrutiny. The company's stock has tumbled more than 23% from $23.50 on Friday - before Reuters broke the news of the breach - to $18.06 on Tuesday. officials ordered anyone running Orion to immediately disconnect it. The impact on SolarWinds was more immediate. "We may not know the true impact for many months, if not more – if not ever," she said. The malicious updates - sent between March and June, when America was hunkering down to weather the first wave of coronavirus infections - was "perfect timing for a perfect storm," said Kim Peretti, who co-chairs Atlanta-based law firm Alston & Bird's cybersecurity preparedness and response team.Īssessing the damage would be difficult, she said. In a statement issued Sunday, the company said "we strive to implement and maintain appropriate administrative, physical, and technical safeguards, security processes, procedures, and standards designed to protect our customers."Ĭybersecurity experts are still struggling to understand the scope of the damage. He did not provide on-the-record answers to questions sent via email. Three people familiar with the investigation have told Reuters that Russia is a top suspect, although others familiar with the inquiry have said it is still too early to tell.Ī SolarWinds representative, Ryan Toohey, said he would not be making executives available for comment.
Kevin thompson solarwinds code#
The hackers inserted malicious code into Orion software updates pushed out to nearly 18,000 customers.Īnd while the number of affected organizations is thought to be much more modest, the hackers have already parlayed their access into consequential breaches at the U.S. On Monday, SolarWinds confirmed that Orion - its flagship network management software - had served as the unwitting conduit for a sprawling international cyberespionage operation. Now that dominance has become a liability - an example of how the workhorse software that helps glue organizations together can turn toxic when it is subverted by sophisticated hackers. "We don't think anyone else in the market is really even close in terms of the breadth of coverage we have," he said.
0 kommentar(er)
