Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
We do not use cookies of this type.
Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.
We do not use cookies of this type.
Analytics cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
We do not use cookies of this type.
Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
We do not use cookies of this type.
Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.
We do not use cookies of this type.
In December 2020, the world witnessed one of the most invasive Cyberattacks in history, targeting SolarWinds and impacting 18,000 clients, including critical U.S. government agencies.
At the time we extensively researched this incident and provided crucial evidence to the Senate Intelligence Committee, we authored “Stuxnet to Sunburst: 20 Years of Digital Exploitation.”
It was later confirmed, perfectly aligned to our research and findings, SolarWinds had been exploited by compromised Not Secure and Insecure subdomains and servers.
Despite our ongoing efforts to assist SolarWinds and Tim Brown in addressing the identified security vulnerabilities, it is with profound disappointment that we report their continued exposure to Cyber Threats.
Our recent investigation uncovered alarming evidence of NOT SECURE SolarWinds Orion subdomains and INSECURE DNS servers, illustrating a persistent negligence in SolarWinds cybersecurity measures.
The original exploitation of these weaknesses by malicious actors, who injected harmful code into the Orion software (Sunburst) which was subsequently trusted and downloaded automatically by users—highlighted a severe oversight that remains unrectified.