SolarWinds Confirms New Zero-Day Flaw Under Attack

I get a lot of marketing emails from SolarWinds. They’ve tried hard to re-establish their market presence since the previous attacks. This won’t help…:

[…] SolarWinds has shipped an urgent hotfix  — available at the customer portal — to address the vulnerability, which affects Serv-U 15.2.3 HF1 and all prior Serv-U versions.

The company has released some Indicators of Compromise (IOCs) to help detect signs of compromise but full technical details of the vulnerability will be kept under wraps to give customers time to test and deploy the newest patches.


Original article