Hackers hit SolarWinds again — what CISOs should know

SolarWinds, a software company that was struck in one of the biggest data breaches to date, said that hackers are leveraging a vulnerability to hit networks again.

Five things to know:

  1. The company said a Microsoft vulnerability was used to launch attacks aimed at Solarwinds' file transfer network to target its customers, according to CyberScoop. The attack could also allow hackers to install programs, view or delete data, or run their own programs, SolarWinds said in a July 10 news release.

  2. "Microsoft has provided evidence of limited, targeted customer impact, though SolarWinds does not currently have an estimate of how many customers may be directly affected by the vulnerability," Solarwinds said. "SolarWinds is unaware of the identity of the potentially affected customers."

  3. The last time SolarWinds encountered a data breach in December, at least one health system, the California Department of State Hospitals, is known to have been affected.

  4. SolarWinds and Microsoft have mobilized to address the attack quickly, the news release stated.

  5. Microsoft said July 12 that it was set to acquire cybersecurity startup RiskIQ to expand its security business. The tech giant has faced several other security challenges, such as having to ask companies to hold off printing on its devices because of a vulnerability. The company has also experienced several reports of email vulnerabilities that exposed customers to hackers.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars