CISA ISSUES EMERGENCY DIRECTIVE TO MITIGATE THE COMPROMISE OF SOLARWINDS ORION NETWORK MANAGEMENT PRODUCTS

[Danil54grl]

https://www.cisa.gov/news/2020/12/1...-mitigate-compromise-solarwinds-orion-network
CISA ISSUES EMERGENCY DIRECTIVE TO MITIGATE THE COMPROMISE OF SOLARWINDS ORION NETWORK MANAGEMENT PRODUCTS
Original release date: December 13, 2020 | Last revised: December 14, 2020
WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) tonight issued Emergency Directive 21-01, in response to a known compromise involving SolarWinds Orion products that are currently being exploited by malicious actors. This Emergency Directive calls on all federal civilian agencies to review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately.
“The compromise of SolarWinds’ Orion Network Management Products poses unacceptable risks to the security of federal networks,” said CISA Acting Director Brandon Wales. “Tonight’s directive is intended to mitigate potential compromises within federal civilian networks, and we urge all our partners—in the public and private sectors—to assess their exposure to this compromise and to secure their networks against any exploitation.”
This is the fifth Emergency Directive issued by CISA under the authorities granted by Congress in the Cybersecurity Act of 2015. All agencies operating SolarWinds products should provide a completion report to CISA by 12pm Eastern Standard Time on Monday December 14, 2020.

 

[Maverick]

And that comes in on the backdrop that Russian government hackers breaks into U.S. Treasury and Commerce Departments

 

[GeorgiaPeachie]

Dominion Voting Systems Uses Firm That Was Hacked

A company that provides voting systems in 28 states uses an Internet technology firm that was hacked.

Dominion Voting Systems uses SolarWinds software, according to a Dominion web page.

SolarWinds does not list Dominion on its partial customer listing but says its products and services are used by more than 300,000 customers around the world, including all five branches of the U.S. military and more than 425 of the U.S. Fortune 500.

 

[Proud Prepper]

Dominion Voting Systems Uses Firm That Was Hacked

A company that provides voting systems in 28 states uses an Internet technology firm that was hacked.

Dominion Voting Systems uses SolarWinds software, according to a Dominion web page.

SolarWinds does not list Dominion on its partial customer listing but says its products and services are used by more than 300,000 customers around the world, including all five branches of the U.S. military and more than 425 of the U.S. Fortune 500.

This is there plausible denyability plan. Its over now. The election is over for Biden, this is there escape plan.

 

[Maverick]

SolarWinds are owned by Silver Lake, Silver Lake own a lot of companies. By the way, was U.S. Treasury and Commerce Departments using SolarWinds?

Scroll down to see the list (how many are using SolarWinds)
https://en.wikipedia.org/wiki/Silver_Lake_(investment_firm)

 

[GeorgiaPeachie]

SolarWinds are owned by Silver Lake, Silver Lake own a lot of companies. By the way, was U.S. Treasury and Commerce Departments using SolarWinds?

Scroll down to see the list (how many are using SolarWinds)
https://en.wikipedia.org/wiki/Silver_Lake_(investment_firm)

“...services are used by more than 300,000 customers around the world, including all five branches of the U.S. military and more than 425 of the U.S. Fortune 500.

 

[GeorgiaPeachie]

https://www.cisa.gov/news/2020/12/1...-mitigate-compromise-solarwinds-orion-network
CISA ISSUES EMERGENCY DIRECTIVE TO MITIGATE THE COMPROMISE OF SOLARWINDS ORION NETWORK MANAGEMENT PRODUCTS
Original release date: December 13, 2020 | Last revised: December 14, 2020
WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) tonight issued Emergency Directive 21-01, in response to a known compromise involving SolarWinds Orion products that are currently being exploited by malicious actors. This Emergency Directive calls on all federal civilian agencies to review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately.
“The compromise of SolarWinds’ Orion Network Management Products poses unacceptable risks to the security of federal networks,” said CISA Acting Director Brandon Wales. “Tonight’s directive is intended to mitigate potential compromises within federal civilian networks, and we urge all our partners—in the public and private sectors—to assess their exposure to this compromise and to secure their networks against any exploitation.”
This is the fifth Emergency Directive issued by CISA under the authorities granted by Congress in the Cybersecurity Act of 2015. All agencies operating SolarWinds products should provide a completion report to CISA by 12pm Eastern Standard Time on Monday December 14, 2020.

This is the REASON lots of the internet this morning was down for awhile! They were disconnecting from SolarWinds.

 

[David SB]

Only thing that will clear this up is blood...........lots of it

 

[LexiRae]

Interesting. Last night, my electricity didn’t go out, but the company sent out notices that it had. And then again this morning, that it was restored, at the same time google came back on.

 

[DrHenley]

This morning I noticed that my default search engine was switched from DuckDuckGo to Google. DuckDuckGo wasn't even in the list anymore.

 

[BillMasen]

Google and You tube crashed globally earlier today according to Down detector, dunno if hacking was involved.

 

[BillMasen]

SolarWinds asks all customers to upgrade immediately to Orion Platform version 2020.2.1 HF 1 to address a security vulnerability. More information is available here.

 

[Mountain Dragon]

If i was take an look on the map it looked to me like mainly the bigger cities and "hotspots" was affected more than the countryside - here in Europe

 

[GeorgiaPeachie]

SolarWinds asks all customers to upgrade immediately to Orion Platform version 2020.2.1 HF 1 to address a security vulnerability. More information is available here.

Our government demanded everyone get off it by end of day.

 

[BucketBack]

The Duck is still my default search engine.

 

[BillMasen]

The Duck is still my default search engine.

I like Firefox and its custom made extensions, plus the private viewing page option.

 

[tmttactical]

Opera browser and the FREE VPN. Duck for the search. Google / chrome for nothing.

 

[Danil54grl]

CEO of Solar Winds has turned over his passport to federal law enforcement officials.
Source Sean Hannity show on Sirius 125

 

[Maverick]

On December 13, 2020, the Washington Post reported that multiple government agencies were breached through SolarWinds's Orion software, "according to three people familiar with the matter..." It was reported, but not confirmed, that APT29, aka Cozy Bear, working for the Russian Foreign Intelligence Service (SVR) was behind the attack.[50] Victims of this attack include the cybersecurity firm FireEye, The US Treasury Department and the US Department of Commerce's National Telecommunications and Information Administration.[51] FireEye reported the hackers inserted "malicious code into legitimate software updates for the Orion software that allow an attacker remote access into the victim’s environment" and that they have found "indications of compromise dating back to the Spring of 2020."

According to Microsoft An on premise SAML token signing certificate was compromised. This SAML token was then used to generate other tokens for highly privileged authorized users.[52]

The attack used a backdoor in a SolarWinds library. When an update to SolarWinds occurred the malicious attack would go unnoticed due to the trusted certificate[53] The Cybersecurity and Infrastructure Security Agency issued Emergency Directive 21-01, only its fifth in history in response to the incident.

Also
The CEO Kevin Thompson was slated to leave SolarWinds December 31

 

[Danil54grl]

https://www.thegatewaypundit.com/20...clintons-china-hong-kong-us-election-process/