Author: Jane Edwards|| Date Published: December 15, 2020
The Cybersecurity and Infrastructure Security Agency has released an emergency directive directing all federal civilian agencies to mitigate a compromise that threat actors are exploiting in SolarWinds' (NYSE: SWI) Orion Network Management products.
CISA Acting Director Brandon Wales said in a statement published Sunday the vulnerability “poses unacceptable risks to the security of federal networks.”
“Tonight’s directive is intended to mitigate potential compromises within federal civilian networks, and we urge all our partners—in the public and private sectors—to assess their exposure to this compromise and to secure their networks against any exploitation,” Wales added.
According to the directive, an attacker uses the vulnerability to get access to network traffic management systems and agencies should immediately disconnect from their networks SolarWinds Orion products versions 2019.4 to 2020.2.1 HF1.
Agencies using SolarWinds products were advised to submit completion reports to CISA by Dec. 14, Monday.
“The Department of Homeland Security is aware of cyber breaches across the federal government and working closely with our partners in the public and private sector on the federal response,” Alexei Woltornist, assistant secretary for public affairs at DHS, said in a statement Monday.
Northrop Grumman has secured a $303.6 million indefinite-delivery/indefinite-quantity contract for the repair and return of radar components used on F-16…
Quantum computing firm IonQ has unveiled plans to acquire Skyloom Global, a Colorado-based developer of optical communication systems for space-based quantum networks. The…
Shareholders at identity security company CyberArk have approved Palo Alto Networks’ proposed acquisition offer. Cyberthreats are escalating, and government data…
