Last week, SolarWinds announced that its Orion platform was compromised in a sophisticated cyberattack that ultimately used the platform’s update server to distribute malware to over 18,000 SolarWinds customers. While GraVoc does not have the SolarWinds Orion platform deployed in any of our environments, we do use the SolarWinds RMM platform to deliver IT managed services to many of our customers.
Upon receiving notice of the attack, we reached out to SolarWinds and they ensured us that the RMM platform was not affected by the attack. Nevertheless, we will continue to monitor the situation and keep an open line of communication with SolarWinds to ensure that our environments remain unaffected. As this situation develops and as new information is released, we will update this page of any changes that would have a material impact on GraVoc and our customers. Furthermore, as a precautionary measure, we are working with SolarWinds to update any certificates associated with the RMM console. Target timeline for completion of this is January 8, 2021.
In the meantime, please contact us if you have any questions or concerns on this matter.
In our second episode of How Do Hackers Do Things, GraVoc Security Consultant, Josh, shows you how hackers harvest email addresses for malicious purposes.
The New York State Department of Financial Services (DFS) released guidance on a cyber fraud campaign targeting websites that collect non-public information (NPI).
In our first episode of How Do Hackers Do Things, GraVoc Security Consultant, Josh Jenkins, shows you how hackers can take advantage of Shodan; a freely available tool on the Internet that allows anyone to preform advanced recon on a target URL.