{"id":23732,"date":"2022-03-21T00:25:05","date_gmt":"2022-03-20T23:25:05","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=23732"},"modified":"2022-03-21T00:25:05","modified_gmt":"2022-03-20T23:25:05","slug":"solarwinds-kunden-sollten-web-help-desk-entfernen","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2022\/03\/21\/solarwinds-kunden-sollten-web-help-desk-entfernen\/","title":{"rendered":"SolarWinds customers should remove Web Help Desk"},"content":{"rendered":"

\"Sicherheit[German<\/a>]U.S. manufacturer Solarwinds warns its customers of possible cyber attacks and recommends uninstalling Web Help Desk (WHD) 12.7.5 in a security message dated March 15, 2022. The background is attacks on Web Help Desk (WHD) 12.7.5 reported by customers. So far it is still unclear what exactly happened, it is probably a precautionary measure.<\/p>\n

<\/p>\n

\"\"SolarWinds was, after all, the victim of a supply chain attack in 2020, where customers' systems were hacked. Suspected state hackers had managed to manipulate SolarWinds' widely deployed network and security products around the world. A supply chain attack rolled out a Trojan or the SunBurst backdoor with a software update. This affected a great many SolarWinds customers. <\/p>\n

Therefore, it is no wonder that the US vendor SolarWinds is now reacting very quickly and on suspicion. I came across the security alert Advisory \/ Unauthenticated Access in Web Help Desk (WHD) 12.7.5<\/a>  via the following tweet<\/a> as well as other press reports.<\/p>\n

\"SolarWinds<\/a><\/p>\n

The advisory states that a SolarWinds customer noticed and reported an external attack attempt on its instance of Web Help Desk (WHD) 12.7.5. The customer's Endpoint Detection and Response (EDR) system blocked the attack and alerted the customer to the problem. SolarWinds, which was hobbled by a supply chain attack, is currently investigating the report. The vendor writes that it was not able to reproduce the scenario. But they are working with the customer to continue the investigation.<\/p>\n

SolarWinds recommends all Web Help Desk customers whose Web Help Desk implementation is accessible from the Internet remove it from the public, Internet-accessible, infrastructure as a precaution until the vendor has further insight. Those who cannot do so should monitor the SolarWinds infrastructure for attacks using EDR software.<\/p>\n

Similar articles:<\/strong>
FireEye hacked, Red Team tools stolen<\/a>
US Treasury and US NTIA hacked<\/a>
SolarWinds products with SunBurst backdoor, cause of FireEye and US government hacks?<\/a>
Sloppiness at SolarWinds responsible for compromised software?<\/a>
News in the fight against SUNBURST infection, domain seized<\/a>
SUNBURST malware: Analytic Tool SolarFlare, a 'Kill Switch' and EINSTEIN's fail<\/a>
SUNBURST malware was injected into SolarWind's source code base<\/a>
SUNBURST: US nuclear weapons agency also hacked, new findings<\/a>
SolarWinds hack: Microsoft and others also affected?<\/a>
SUNBURST hack: Microsoft's analysis and news<\/a>
2nd backdoor found on infected SolarWinds systems<\/a>
SolarWinds hackers had access to Microsoft source code<\/a>
SolarWinds hack: Hacker goals; outsourcing are under investigation?<\/a>
News from the SolarWinds hack; JetBrains software as a gateway?<\/a>
Kaspersky: SolarWinds Sunburst backdoor resembles Russian ATP malware<\/a>
SolarLeaks allegedly offers source code from Cisco, Microsoft and SolarWinds<\/a>
Malwarebytes also successfully hacked by the SolarWinds attackers<\/a>
Four more security vendors confirm SolarWinds incidents<\/a>
Accusation: Microsoft failed with security in the SolarWinds hack<\/a>
SolarWinds: Update for Orion software; attackers had access to top DHS accounts<\/a>
SolarWinds patches critical Serv-U vulnerability (July 2021)<\/a>
27 U.S. Attorney's Offices Affected by SolarWinds Hack<\/a>
SolarWinds attackers target Microsoft partners \u2013 lack of basic cyber-security<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

[German]U.S. manufacturer Solarwinds warns its customers of possible cyber attacks and recommends uninstalling Web Help Desk (WHD) 12.7.5 in a security message dated March 15, 2022. The background is attacks on Web Help Desk (WHD) 12.7.5 reported by customers. So … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,1547],"tags":[69],"class_list":["post-23732","post","type-post","status-publish","format-standard","hentry","category-security","category-software","tag-security"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/23732","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=23732"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/23732\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=23732"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=23732"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=23732"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}