Isolation is a good option but might be difficult for anyone who heavily relies on them and is monitoring systems without the agent. If this is the case then traffic monitoring might be the only option.
If you are running Solarwinds Orion, things you can do: Determine patch levels and ensure you are running the latest. Isolate / contain all Solarwinds servers at this time until all full details come out. Begin analysis from those servers dating back from at least March.
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Actual attack might happen after monitoring system is isolated/offline.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Or switch to Tipping Point / Trend Micro.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Or if possible just disable the service entirely until patch is released- again only if possible
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
finally somebody with some sense. too many "cyber security journalists" on twitter with no helpful info for those affected other than "stay tuned", I feel sorry for them.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Bend over and kiss Christmas freeze good bye ;)
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Start looking for data being exfilled in outbound traffic. Look for top talkers..
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
My org didn't do any Orion updates in 2020 except for October with v2020.2.1. No signs of compromise, using the IOCs published so far.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Should not everything be contained within it’s own VLAN? Is everyone else not using segmentation?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.