New York Cyber Security Firm Develops SolarWinds Breach Detection Tool; Sharing The Script Via GitHub

3,319
Among those who have acknowledged the SolarWinds breach are the U.S. departments of Treasury and Commerce. SolarWinds claims that 18,000 of its 300,000 customers had downloaded the malicious code into updated versions of Orion, a network safety tool. Photo credit: Travel with me / Shutterstock.com, licensed.
Among those who have acknowledged the SolarWinds breach are the U.S. departments of Treasury and Commerce. SolarWinds claims that 18,000 of its 300,000 customers had downloaded the malicious code into updated versions of Orion, a network safety tool. Photo credit: Travel with me / Shutterstock.com, licensed.

HAUPPAUGE, NY – As news of the SolarWinds hack rocks the cyber security community, some companies have taken it upon themselves to provide new tools to combat cybercriminals. The New York based Stetson Cybergroup is sharing a script via GitHub that can download the Yara rules created by FireEye to detect indications of compromise (IoC).

CEO of Stetson Cybergroup and cybersecurity expert Brian Busto said,

“As soon as we heard about the breach and the potential impact, we immediately started working on a specific tool to run internally to detect the indications of compromise, or IoC’s, on our network and the clients we serve.”

The SolarWinds breach exposed thousands of clients in sensitive industries including Fortune 500 companies and government agencies. Among those who have acknowledged a data breach are the U.S. departments of Treasury and Commerce. SolarWinds claims that 18,000 of its 300,000 customers had downloaded the malicious code into updated versions of Orion, a network safety tool.

Stetson Director of Cybersecurity Operations Joe Wagner cautioned, 

“With an exploit in the wild like this, everyone should have access to a quick and easy way to determine if they have been compromised. We need to stop the bleeding. We need to find out how deep this got into our infrastructure, to make sure it is contained.”

The Stetson Cybergroup will continually update its detection tool with any new IoC’s that are discovered. For more information and links to the Stetson Cybergroup’s downloads go to SolarWindsIoCScanner.

Comment via Facebook

Corrections: If you are aware of an inaccuracy or would like to report a correction, we would like to know about it. Please consider sending an email to [email protected] and cite any sources if available. Thank you. (Policy)


Comments are closed.