Solorigate - Microsoft's Guidance on current SolarWinds attacks
Hi all! I would have liked my first post in the Partner community to be not about ongoing cyberattacks, but here it goes 🙂
Microsoft security researchers continue to investigate and respond to the sophisticated cyberattack known as Solorigate (also referred to as Sunburst by FireEye) involving a supply chain compromise and the subsequent compromise of cloud assets. While the related investigations and impact assessments are ongoing, Microsoft is providing visibility into the attack chains and related threat intelligence to the defender community as early as possible so organizations can identify and take action to stop this attack, understand the potential scope of its impact, and begin the recovery process from this active threat.
We have established a resource center that is constantly updated as more information becomes available at https://aka.ms/solorigate. This website can be leveraged as the main source of truth for Microsoft-related content on the attack.
You can instead leverage the following article as a baseline for how to use Microsoft 365 Security to protect against Solorigate: https://www.microsoft.com/security/blog/2020/12/28/using-microsoft-365-defender-to-coordinate-protection-against-solorigate/