SolarWinds' Orion monitoring platform may have been tampered with by attackers

stacksofplates

@DustinB3403 said in SolarWinds' Orion monitoring platform may have been tampered with by attackers:

but if SolarWinds supplied MD5 and SHA256 checksums for their installations, and organizations verified it against what they downloaded they might have noticed that something was at least off

Sadly this most likely wouldn't have caught it. If the vulnerability was done during the build pipeline (source code injection, artifact injection, etc) the check sums would still match.

DustinB3403

@stacksofplates that's true

scottalanmiller

https://thenewstack.io/solarwinds-the-worlds-biggest-security-failure-and-open-sources-better-answer/

stacksofplates

@scottalanmiller said in SolarWinds' Orion monitoring platform may have been tampered with by attackers:

https://thenewstack.io/solarwinds-the-worlds-biggest-security-failure-and-open-sources-better-answer/

Looks like someone doesn't know what k8s Network Policies are and has never used a service mesh