IMicrosoft ikhiphe imininingwane eyengeziwe mayelana nokuhlaselwa ezibeka engcupheni ingqalasizinda ye SolarWinds esebenze umnyango wangemuva epulatifomu yokuphathwa kwengqalasizinda yeSolarWinds Orion, ebisetshenziswa kwinethiwekhi yezinkampani zeMicrosoft.
Ukuhlaziywa kwalesi sigameko kukhombisile lokho abahlaseli bathole ukufinyelela kwamanye ama-akhawunti ezinkampani ze-Microsoft nangesikhathi sokucwaningwa kwamabhuku, kwavezwa ukuthi lawa ma-akhawunti asetshenziselwe ukufinyelela kumakhosombe angaphakathi anekhodi yomkhiqizo weMicrosoft.
Kusolwa lokho amalungelo ama-akhawunti afakwe engozini avunyelwe kuphela ukubona ikhodi, kodwa awazange anikeze amandla okwenza izinguquko.
IMicrosoft iqinisekise abasebenzisi ukuthi ukuqinisekiswa okunye kuqinisekisile ukuthi azikho izinguquko ezinonya ezenziwe enqolobaneni.
Futhi, akukho mkhondo wokuhlasela kwabahlaseli kwimininingwane yamakhasimende e-Microsoft etholakele, imizamo yokuyekethisa izinsizakalo ezinikeziwe kanye nokusetshenziswa kwengqalasizinda ye-Microsoft ukwenza ukuhlaselwa kwezinye izinkampani.
Kusukela kuhlaselwe iSolarWinds kuholele ekwethulweni kwangaphandle kwangaphandle hhayi kuphela kunethiwekhi ye-Microsoft, kodwa nakwezinye izinkampani eziningi nezinhlangano zikahulumeni usebenzisa umkhiqizo weSolarWinds Orion.
Ukuvuselelwa kwangemuva kweSolarWinds Orion ifakiwe kwingqalasizinda yamakhasimende angaphezu kwe-17.000 kusuka kwaSolarWinds, kufaka phakathi izinkampani ezingama-425 ezithintekile ze-Fortune 500, kanye nezikhungo ezinkulu zezezimali namabhange, amakhulu amanyuvesi, izigaba eziningi zamasosha ase-US kanye ne-UK, i-White House, i-NSA, uMnyango Wezwe wase-US I-USA nePhalamende laseYurophu.
Amakhasimende eSolarWinds afaka nezinkampani ezinkulu njengeCisco, i-AT & T, i-Ericsson, i-NEC, iLucent, i-MasterCard, i-Visa USA, i-Level 3 ne-Nokia.
Ingaphandle langemuva ivumele ukufinyelela kwesilawuli kude kunethiwekhi yangaphakathi yabasebenzisi beSolarWinds Orion. Ushintsho olunonya lwathunyelwa ngezinguqulo zeSolarWinds Orion zika-2019.4 - 2020.2.1 ezikhishwe kusuka ngoMashi kuya kuJuni 2020.
Ngesikhathi sokuhlaziywa kwesigameko, ukunganakwa kokuphepha kwavela kubahlinzeki bezinhlelo ezinkulu zebhizinisi. Kucatshangwa ukuthi ukufinyelela kwingqalasizinda yeSolarWinds kutholwe nge-akhawunti ye-Microsoft Office 365.
Abahlaseli bathole ukufinyelela esitifiketini se-SAML esisetshenziselwe ukukhiqiza amasiginesha edijithali futhi basebenzise lesi sitifiketi ukukhiqiza amathokheni amasha avumela ukufinyelela okulungelo kwinethiwekhi yangaphakathi.
Ngaphambi kwalokhu, ngoNovemba 2019, abacwaningi bezokuphepha bangaphandle bakuphawulile ukusetshenziswa kwephasiwedi encane ethi "SolarWind123" ukuthola ukufinyelela kwiseva ye-FTP ngezibuyekezo zomkhiqizo weSolarWinds, kanye nokuvuza kwephasiwedi yesisebenzi. kusuka eSolarWinds endaweni yokugcina yomphakathi ye-git.
Ngokwengeziwe, ngemuva kokuthi kutholwe umnyango wangemuva, iSolarWinds iqhubekile nokusabalalisa izibuyekezo ngezinguquko ezinonya isikhathi esithile futhi ayisusulanga ngokushesha isitifiketi esisetshenziselwe ukusayina imikhiqizo yaso ngokwamanani (inkinga yavela ngoDisemba 13 isitifiketi sahoxiswa ngoDisemba 21 ).
Ngokuphendula izikhalazo ezinhlelweni zokuxwayisa ezikhishwe yizinhlelo zokuthola i-malware, Amakhasimende akhuthazwe ukuthi akhubaze ukuqinisekiswa ngokususa izexwayiso ezingezona ezamanga.
Ngaphambi kwalokho, abamele iSolarWinds bagxeke kakhulu imodeli yokuthuthuka komthombo ovulekile, beqhathanisa ukusetshenziswa komthombo ovulekile nokudla imfoloko engcolile futhi bethi imodeli yokuthuthuka evulekile ayikuvimbeli ukuvela kwamabhukhimakhi futhi imodeli yokuphathelene kuphela enganikeza lawula ikhodi.
Ngaphezu kwalokho, uMnyango Wezobulungiswa wase-US udalule imininingwane ukuthi abahlaseli bathole ukufinyelela kuseva yeposi yoMnyango ngokususelwa kupulatifomu yeMicrosoft Office 365. Kukholakala ukuthi lokhu kuhlasela kuveze okuqukethwe ngamabhokisi eposi ezisebenzi ezingaba ngu-3.000 XNUMX zoNgqongqoshe.
Ngokwabo, iThe New York Times neReuters, ngaphandle kokuthola imininingwane ngomthombo, kubike uphenyo lwe-FBI kusixhumanisi esikhona phakathi kweJetBrains nokuzibandakanya kweSolarWinds. ISolarWinds isebenzise uhlelo lokuhlanganisa oluqhubekayo lweTeamCity olunikezwa yiJetBrains.
Kucatshangwa ukuthi abahlaseli bebengakuthola ukufinyelela ngenxa yezilungiselelo ezingalungile noma ukusetshenziswa kwenguqulo ephelelwe yisikhathi yeTeamCity equkethe ukuba sengozini okungafakwanga.
Umqondisi weJetBrains ukuchithile ukuqagela ngokuxhumeka yenkampani ehlaselwe futhi bakhombisa ukuthi abathintwanga yi-ejensi yezomthetho noma abamele iSolarWinds mayelana nokuzibophezela okungenzeka yiTeamCity kwingqalasizinda yeSolarWinds.
Umthombo: https://msrc-blog.microsoft.com