Solar winds HQ in Austin raided by FBI, US Marshals and Texas Rangers

51,430 Views | 57 Replies | Last: 16 days ago by C@LAg
Layne Staley
So I just saw a friend's post on Facebook where he was calling it a Russian hack of SolarWinds. That's why they got raided by the US Marshals. He is a long-term city of Austin employee and a hugely outspoken Democrat.

Russia, Russia, Russia!
Rebel Yell
Layne Staley said:

So I just saw a friend's post on Facebook where he was calling it a Russian hack of SolarWinds. That's why they got raided by the US Marshals. He is a long-term city of Austin employee and a hugely outspoken Democrat.

Russia, Russia, Russia!


The mind of a lib is a fascinating place.
“I don’t even sit on the left side of church”
stetson
Nothing can stop what is coming.
pacecar02
Rebel Yell said:

Layne Staley said:

So I just saw a friend's post on Facebook where he was calling it a Russian hack of SolarWinds. That's why they got raided by the US Marshals. He is a long-term city of Austin employee and a hugely outspoken Democrat.

Russia, Russia, Russia!


The mind of a lib is a fascinating place.
if the cube root of y is = to the tangent of (crazy/insane) then russia...russia.....russia
Signel
This is likely the largest breach (risk wise) in history.

The tool was compromised (the code) and was distributed to clients for download. This code provided a possible foothold into 275,000 possible clients that downloaded the infected code from March 2020 to now.

The list of customers and their roles is massive.

The control that SolarWinds had via administrative access to client servers so it could monitor is even worse. Most administrators just made the SolarWinds software full "domain admin" because it was easier.

Time will tell what companies were hit, and to what degree the damage is. The threat actor in question was very sophisticated and worked hard to hide their work. FireEye caught it last week. We will see plenty more companies come forward over time.
Some Junkie Cosmonaut
anything new on this?
Rebel Yell
ruddyduck said:

anything new on this?


During the raid, the FBI accidentally deleted the evidence.

Damn the bad luck.
“I don’t even sit on the left side of church”
Hurricane Laura
kb2001 said:

OldArmyBrent said:

kb2001 said:

Lots of companies use SolarWinds, our network team included. They were pretty much the gold standard 10 years ago, and are still a major player in network monitoring and management.

This is really bad. Primarily because it was compromised a while ago, and managed to put the malicious code into Orion software updates, so customers who are keeping up with patching are all impacted. The group basically waited until all their intended targets were susceptible before attacking.

If someone was able to insert code with the digital signature of SW, why should we believe there is nothing else being exploited right now? That's why everything SolarWinds was turned off. I realize I'm oversimplifying, but this is terrifying. Orion was not the only thing compromised.
Agreed, this is really bad. The compromise was to a SAML assertion that allowed the attackers to generate high-level users. Who knows what else they could have done to any products, they could still have sleeper accounts in SW's infrastructure. This is really bad.

Yikes. Just yikes.

And today's Russian ICBM tests were not connected at all.
Anonymous Source
Layne Staley said:

n/m
Gig 'Em
flakrat
When you can't even trust your monitoring software....
Dominion IT Rep
2 days later and still no raid.

Don't read Gateway Pundit folks.
Cancelled
Lol. You'd think people would figure this thing out. But, there seems to be a process;

1. Tweet something out that supports a conspiracy (must include red sirens and odd font).
2. Link to the story in some questionable news source. Gateway Pundit and Epoch Times are two favorites...or if they won't run it, then something with "America" or "Patriot" in the name.
3. Those that want to believe eat it up.
4. Nothing ever develops
5. Repeat "satanic child molesters under DC Pizza Parlors", "people are being detained in Guantanamo" and "general ________ says that ___________ branch is a secret ops team disguised as the janitorial staff at _______ base in ___________, they've uncovered _______."
6. Anyone that questions it as BS is a lib or a concerned moderate that hates America
7. When exposed as BS, either pretend it never happened or include it in the great conspiracy and move on to the next BS story.

Ask yourselves, how many times have you fallen for this crap? Are you not ashamed? Are you not tired? Don't know if people believe this stuff, want to believe it or if these little booster shots of hope help dealing with the election of the worst/most corrupted political candidate in a very long time.
Picard
Feel better now?

EllisCoAg
I thought they were an alternate energy venture
Cancelled
100,000x better.

See no. 6 of my post
richardag
Dominion IT Rep said:

2 days later and still no raid.

Don't read Gateway Pundit folks.
Boy do I feel better, no raid, everything is just fine.
“Among the latter, under pretence of governing they have divided their nations into two classes, wolves and sheep.”
Thomas Jefferson, Letter to Edward Carrington, January 16, 1787
Gyles Marrett
Dominion IT Rep said:

2 days later and still no raid.

Don't read Gateway Pundit folks.
Are you saying the raid at SolarWinds didn't happen?

Well, it did. Not sure where you are hearing otherwise.
ttu_85
Rebel Yell said:

Layne Staley said:

So I just saw a friend's post on Facebook where he was calling it a Russian hack of SolarWinds. That's why they got raided by the US Marshals. He is a long-term city of Austin employee and a hugely outspoken Democrat.

Russia, Russia, Russia!



The mind of a lib is a fascinating place.
Nothing is fascinating? Since when?
John Maplethorpe
Did anybody ever note there was no "raid" not even in the OP article? It's like calling the police after a bank gets robbed and saying the police "raided" the bank.
Stat Monitor Repairman
What was the final verdict on this?
Stat Monitor Repairman


In a wild turn of events the US Marshals now hit by ransomware attack.

Took 3 years to go from investigator to victim.
atmtws
C@LAg
please sweet digital baby jesus, let the hackers release the data.