Author: Jane Edwards|| Date Published: December 15, 2020
The Cybersecurity and Infrastructure Security Agency has released an emergency directive directing all federal civilian agencies to mitigate a compromise that threat actors are exploiting in SolarWinds' (NYSE: SWI) Orion Network Management products.
CISA Acting Director Brandon Wales said in a statement published Sunday the vulnerability “poses unacceptable risks to the security of federal networks.”
“Tonight’s directive is intended to mitigate potential compromises within federal civilian networks, and we urge all our partners—in the public and private sectors—to assess their exposure to this compromise and to secure their networks against any exploitation,” Wales added.
According to the directive, an attacker uses the vulnerability to get access to network traffic management systems and agencies should immediately disconnect from their networks SolarWinds Orion products versions 2019.4 to 2020.2.1 HF1.
Agencies using SolarWinds products were advised to submit completion reports to CISA by Dec. 14, Monday.
“The Department of Homeland Security is aware of cyber breaches across the federal government and working closely with our partners in the public and private sector on the federal response,” Alexei Woltornist, assistant secretary for public affairs at DHS, said in a statement Monday.
ServiceNow has finalized its $7.75 billion acquisition of Armis, unifying cyber asset visibility, identity intelligence and automated risk response within…
Intel has appointed semiconductor industry veteran Shawn Han as senior vice president and general manager of foundry services. Han will officially assume…
Naval Information Warfare Center Atlantic has issued a solicitation seeking contractor support for shipboard command, control, communications, computers, cyber and intelligence,…
