ManageEngine x Forrester | Workforce Identity Platforms Landscape Report

Recent AD News

SolarWinds Puts the Blame on their Intern for the Supply Chain Attack

As cyber-researchers look into the Solarigate supply chain attack and measure it’s true impact, the company blamed one of its intern for a critical password lapse that went unnoticed for several years.

The password is said to have been “solarwinds123” and is believed to have been publicly accessible via a GitHub repository since June 17, 2018, before the issue was rectified on November 22, 2019.

As of this writing, at least nine government agencies and over hundred private companies have been breached in what’s being described as the most complicated and well-orchestrated attack.

Solarwinds CEO, Ramakrishna testified that the leaked password was believed to be from one of their interns who used it on his servers back in 2017. He added that the issue was reported t the security team and it was immediately removed. Former CEO Kevin Thompson seconded Ramakrishna’s statement during the testimony saying that the mistake that the intern made violated their password policies.

Related posts
Recent AD News

Chinese hacker group 'Naikon' strikes again: Targets ASEAN nations

Recent AD News

Bumblebee: A new malware loader on the prowl

Recent AD News

FBI issues alert: A lethal ransomware that breached 60 companies

Recent AD News

Israel's Pegasus spyware finds a new target

×

There are over 8,500 people who are getting towards perfection in Active Directory, IT Management & Cyber security through our insights from Identitude.

Wanna be a part of our bimonthly curation of IAM knowledge?

  • -Select-
  • By clicking 'Become an insider', you agree to processing of personal data according to the Privacy Policy.