SolarWinds Issues Warning on Possible Web Help Desk Instances Attacks

SolarWinds Corporation is a company based in the United States that creates software to assist organizations in managing their networks, systems, and information technology infrastructure.

Back in 2020 SolarWinds was affected by a large-scale cyber incident in which attackers injected malware into some routine software updates, as they were being rolled out to as many as 18,000 government entities and Fortune 500 companies, all clients of SolarWinds. It’s important to note that following this cyberattack, the US Congress became interested in enacting a federal law requiring breach notifications.

What Happened?

SolarWinds alerted clients about assaults on Internet-exposed Web Help Desk (WHD) instances and recommended that they be removed from publicly accessible infrastructure (likely to prevent the exploitation of a potential security flaw).

WHD is corporate helpdesk ticketing and IT inventory management software that is meant to assist clients in automating ticketing and IT asset management operations.

A SolarWinds customer reported an external attempted attack on their instance of Web Help Desk (WHD) 12.7.5. The customer’s endpoint detection and response (EDR) system blocked the attack and alerted the customer to the issue.

SolarWinds is currently investigating this report. We have not been able to reproduce the scenario, and are working with

Read More: https://heimdalsecurity.com/blog/solarwinds-issues-warning-on-possible-web-help-desk-instances-attacks/