Request a Demo
Free 3PTY Ratings
Phone

801.758.0560

Email

sales(@)riskrecon(.)com

Contact Us

Resources for the SolarWinds Breach

Helpful videos, articles, and links to keep you informed on all the latest happenings with the SolarWinds cyberattack.

iconemail-box

Subscribe to our newsletter

Subscribe to get the most up-to-date third-party risk management information and resources.

SolarWinds Resources

Looking for more info?

RiskRecon Academy
FEATURED VIDEO

SolarWinds and the Supply Chain, the Threat We’ve Ignored for Too Long

SolarWinds-Webinar-Graphic-250
Watch this panel discussion featuring Jim Routh, Head of Enterprise Cyber Security at MassMutual and Robert Brese, VP at Gartner and the former CIO of the US DoE examining the immediate impact of the SolarWinds hack, including what could have been done to prevent this incident and how to ensure it does not happen to your firm. 
Watch the video >

RiskRecon Assets

State-of-SolarWinds-Response---250
Download the paper
rrfavicon
White Paper

The State of the Global Response to the SolarWinds Orion Breach

In this new white paper, RiskRecon provides a view from the Internet of the SolarWinds Orion breach that has yielded important lessons for managing enterprise cybersecurity risks.

Orion-Listing-Image
Read the blog
rrfavicon
Blog

How the World Responded to SolarWinds Orion

Upon disclosure of the SolarWinds breach, RiskRecon immediately focused its open-source intelligence analytics engines on helping its customers and the larger community to identify potentially breached companies. This blog dives into how RiskRecon has monitored SolarWinds' exposure, providing a valuable view into how companies have responded to the incident.

CyberAttacks-1
Learn more
rrfavicon
Data File

Analysis of SUNBURST Signaling Entities

RiskRecon is making the list of potentially impacted entities available to risk professionals. If you would like to receive the data file containing the list of the companies identified, along with the associated data, please click the learn more button and our Customer Support team can validate your request.

CyberAttack-1
Read the blog
rrfavicon
Blog

Entities Signaling to SUNBURST C2 Infrastructure

RiskRecon’s analysis of nearly 140,000 SUNBURST C2 subdomains reveals 129 distinct entities potentially signaling to the SUNBURST command and control servers, ranging from defense contractors to the United Nations. This blog post details the analysis conducted by the RiskRecon team including the Data Sources and Methodology.

Key Articles

Reuters logo-1
Read the article
rrfavicon
Article

Exclusive: Suspected Chinese hackers used SolarWinds bug to spy on U.S. payroll agency

Suspected Chinese hackers exploited a flaw in software made by SolarWinds Corp to help break into U.S. government computers last year, five people familiar with the matter told Reuters, marking a new twist in a sprawling cybersecurity breach that U.S. lawmakers have labeled a national security emergency.

Wall Street Journal
Read the article
rrfavicon
Article

Hackers Lurked in SolarWinds Email System for at Least 9 Months, CEO Says

The hackers had accessed at least one of the company’s Office 365 accounts by December 2019, and then leapfrogged to other Office 365 accounts used by the company, Sudhakar Ramakrishna said in an interview Tuesday.

Krebs-1
Read the article
rrfavicon
Article

SolarWinds Hack Could Affect 18K Customers

Krebs on Security provides in-depth coverage on the possible ecosystem of the breach that could affect as many as 18,000 SolarWinds customers.

Government Notifications

APT-1
Read the alert
rrfavicon
Alert

Alert (AA20-352A) - Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises of U.S. government agencies, critical infrastructure entities, and private sector organizations by an advanced persistent threat (APT) actor beginning in at least March 2020. This APT actor has demonstrated patience, operational security, and complex tradecraft in these intrusions. CISA expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations.

Compromised Code-1
Read the directive
rrfavicon
Directive

Emergency Directive 21-01-Mitigate SolarWinds Orion Code Compromise

This page contains a web-friendly version of the Cybersecurity and Infrastructure Security Agency’s Emergency Directive 21-01, “Mitigate SolarWinds Orion Code Compromise”.
gartner_peer_insights

“BitSight has been great to work with, they are always very responsive and have one of the best post-sales support teams I have worked with.”

Director, IT Security in the Finance Industry at a $3B - $10-B organization
READ MORE REVIEWS
SUBMIT A REVIEW

Bi-weekly group demos & live Q&A

We will demonstrate different product features, best practices, and how to tackle varying use cases.

REGISTER TO ATTEND
© Copyright 2021. | Privacy Policy