VentureBeat

CISA warns of credential theft via SolarWinds and PulseSecure VPN

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Attackers targeted both the Pulse Secure VPN appliance and the SolarWinds ...
TechRadar

SolarWinds left some serious security flaws in its Web Desk Help platform, and now it's under attack

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Security researchers have uncovered a critical-severity vulnerability in one of SolarWinds' most ...
CRN

Hackers Exploit SolarWinds, Pulse Secure For Credential Theft: Feds

Hackers entered the unidentified victim’s network through a Pulse Secure VPN appliance, moved laterally to the victim’s SolarWinds Orion sever, installed Supernova malware, and stole credentials, ...
Bleeping Computer

SolarWinds Web Help Desk flaw is now exploited in attacks

CISA has added three flaws to its 'Known Exploited Vulnerabilities' (KEV) catalog, among which is a critical hardcoded credentials flaw in SolarWinds Web Help Desk (WHD) that the vendor fixed in late ...
Bleeping Computer

SolarWinds fixes hardcoded credentials flaw in Web Help Desk

SolarWinds has released a hotfix for a critical Web Help Desk vulnerability that allows attackers to log into unpatched systems using hardcoded credentials. Web Help Desk (WHD) is an IT help desk ...
Dark Reading

SolarWinds Attack Reinforces Importance of Principle of Least Privilege

The SolarWinds attack is historic for its multidimensional sophistication. As we continue to learn of new victims, techniques, and implications, it's important that chief information security officers ...
Infosecurity-magazine.com

Malwarebytes: SolarWinds Hackers Read Our Emails

Malwarebytes has confirmed that the SolarWinds attackers managed to access internal emails, although via a different intrusion vector to many victims. While many of the organizations caught up in the ...