There have been multiple news reports about the US Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) confirming that malicious threat actors have been and are actively exploiting vulnerabilities in SolarWinds Orion products, primarily by leveraging the SUNBURST malware.
SolarWinds Orion is an IT monitoring solution.
Arca Noae does not now, nor have we ever used any SolarWinds products. As a result, our customers’ information is not vulnerable to these exploits.
We strongly advise our enterprise clients who may be using the Orion platform to review available firewall updates to keep your internal systems secure. As always, Arca Noae stands ready to assist in assessing the overall security of your OS/2 infrastructure.
More information (including CVE links) may be found on the CISA page.