HAUPPAUGE, NY – As news of the SolarWinds hack rocks the cybersecurity community, some companies have taken it upon themselves to provide new tools to combat cybercriminals. The New York-based Stetson Cybergroup is sharing a script via GitHub that can download the YARA rules created by FireEye to detect indicators of compromise (IoCs).
“As soon as we heard about the breach and the potential impact, we immediately started working on a specific tool to run internally to detect the indications of compromise, or IoC’s, on our network and the clients we serve.”
The SolarWinds breach exposed thousands of clients in sensitive industries including Fortune 500 companies and government agencies. Among those who have acknowledged a data breach are the U.S. departments of Treasury and Commerce. SolarWinds claims that 18,000 of its 300,000 customers had downloaded the malicious code into updated versions of Orion, a network safety tool.
Stetson Director of Cybersecurity Operations Joe Wagner cautioned,
“With an exploit in the wild like this, everyone should have access to a quick and easy way to determine if they have been compromised. We need to stop the bleeding. We need to find out how deep this got into our infrastructure, to make sure it is contained.”
The Stetson Cybergroup will continually update its detection tool with any new IoCs that are discovered. For more information and links to the Stetson Cybergroup’s downloads, go to SolarWindsIoCScanner.