CISA discovers token abuse around SolarWinds hack, calls for full rebuild of affected networks | SC Media
Breach

CISA discovers token abuse around SolarWinds hack, calls for full rebuild of affected networks

January 8, 2021
CISA noted evidence of initial access vectors beyond SolarWinds’ Orion platform, and abuse of SAML authentication tokens that mirror behaviors of the actor behind the compromise. ("Peter @ Solarwinds office" by ecooper99 is licensed under CC BY 2.0)
prestitial ad