Remediation

Retrieved 2021-07-21

NIST Publishes 'Critical Software' Security Guidance

Retrieved 2021-05-11

SolarWinds CEO describes overhauled Orion build system after that 'very small, unique' security breach (Register)

SolarWinds CEO describes overhauled Orion build system after that 'very small, unique' security breach • The Register (SecuritNEWS)

Retrieved 2021-03-31

cyber.dhs.gov - Emergency Directive 21 (02)

Retrieved 2021-03-10

DHS CISA Shares Remediation, Risk Guidance for SolarWinds Compromise

Remediating Networks Affected by the SolarWinds and Active Directory/M365 Compromise (CISA)

Retrieved 2021-03-09

Guidance on Remediating Networks Affected by the SolarWinds and Active Directory/M365 Compromise (CISA)

Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452

Retrieved 2021-02-26

RABET-V Pilot Update and SolarWinds Mitigations (NASS)

Retrieved 2021-02-24

SolarWinds & Solorigate: What Happened, Why it Matters & What Happens Next (The Devolutions Blog)

Retrieved 2021-02-11

Software supply chain attacks – everything you need to know (The Daily Swig)

Retrieved 2021-02-09

SolarWinds security to-do list post hack (Utility Dive)

SolarWinds Recovery May Require Extreme Actions

Retrieved 2021-01-29

Manufacturing particularly at risk of Solorigate (linked breaches)

Retrieved 2021-01-16

Hackers abusing Mimecast certs to target Microsoft 365 users

Retrieved 2021-01-15

Sunburst Malware Information (FireEye)

Retrieved 2021-01-13

Top SolarWinds risk assessment resources for Microsoft 365 and Azure (CSO Online)

Mimecast: Hackers Compromised A Digital Certificate (My TechDecisions)

Retrieved 2021-01-12

Important Update from Mimecast (Mimecast Blog)

Critical Microsoft Defender Bug Actively Exploited; Patch Tuesday Offers 83 Fixes (tpost)

Retrieved 2021-01-08

SolarWinds hires former Trump cyber security chief Chris Krebs

Retrieved 2021-01-07

SolarWinds hires Chris Krebs, Alex Stamos to boost security in wake of suspected Russian hack

CISA discovers token abuse around SolarWinds hack, calls for full rebuild of affected networks (scmedia)

Retrieved 2021-01-05

SolarWinds hack endangering cloud services’ API keys (DevOps Online)

Essays: The Solarwinds Hack Is Stunning. Here’s What Should Be Done (Schneier)

Retrieved 2021-01-04

SolarWinds hack may have been a global attack (TechRadar)

US issues advisory for agencies to update SolarWinds software (Express Computer)

CISA updates on SolarWinds compromise - (GCN)

Retrieved 2020-12-30

CISA updates SolarWinds guidance, tells US govt agencies to update right away (ZDNet)

Retrieved 2020-12-29

SolarWinds Orion: Fixes Aim to Block Sunburst and Supernova

Retrieved 2020-12-28

Using Microsoft 365 Defender to protect against Solorigate (MS Security)

Retrieved 2020-12-21

Continue Clean (up of Compromised SolarWinds Software)

Solorigate Resource Center – updated December 31st, 2020 (Microsoft Security Response Center)

Retrieved 2020-12-19

Hacked Networks Will Need to be Burned 'Down to the Ground' (SecurityWeek.Com)

Retrieved 2020-12-17

SolarWinds Deploys CrowdStrike To Secure Systems After Hack

SolarWinds MSP To Revoke Digital Certificates For Tools, Issue New Ones As Breach Fallout Continues

Retrieved 2020-12-16

Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’ — Krebs on Security

SUNBURST – SolarWinds® Orion® IT Management Platform Security Advisory (ServerCentral Turing Group)

Microsoft unleashes ‘Death Star’ on SolarWinds hackers in extraordinary response to breach (GeekWire)

SolarWinds Removes Customer List From Site as It Releases Second Hotfix (SecurityWeek.Com)

Retrieved 2020-12-15

Microsoft and industry partners seize key domain used in SolarWinds hack (ZDNet)

Retrieved 2020-12-14

US Calls On Federal Agencies To Power Down SolarWinds Orion Due To Security Breach

The SolarWinds Breach: Why Your Work Computers Are Down Today (Lawfare)

Retrieved 2020-12-13

cyber.dhs.gov - Emergency Directive 21 (01)

cyber.dhs.gov - Emergency Directive 21 (01)