We noted infrastructure overlaps and indicator sharing between this and Prevailion’s “Autumn Aperture” report, including similar malware and the same author name – “windosmb” – present across multiple lure documents utilised in both campaigns.
Prevailion CEO Karim Hijazi discusses SolarWinds compromise with TD Ameritrade Network’s Oliver Renick.
As of mid-day Monday, the malicious update was still available for download on SolarWinds’ website, according to Karim Hijazi, founder and chief executive of Prevailion Inc., a Maryland-based cybersecurity firm. Hijazi said his team compared the available download with security alerts identifying the tampered update, and it’s an exact match.
Yahoo Finance’s Brian Sozzi, Myles Udland, and Julie Hyman speak with Prevailion CEO Karim Hijazi about yesterday’s big tech hearing.