{"id":38976,"date":"2021-01-04T06:58:13","date_gmt":"2021-01-04T06:58:13","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\/"},"modified":"2021-01-04T06:58:13","modified_gmt":"2021-01-04T06:58:13","slug":"solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\/","title":{"rendered":"SolarWinds mess flared in the holidays &#8211; company confirms malware targeted crocked Orion product"},"content":{"rendered":"<p>The extent and impact of the SolarWinds hack became even more apparent \u2013 and terrifying \u2013 over the holiday break.<\/p>\n<p>On New Year\u2019s Eve, SolarWinds confirmed that it has identified malware that exploited the flaws introduced to Orion products.<\/p>\n<p>We already knew about <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2020\/12\/21\/in_brief_security\/\" rel=\"noopener noreferrer\">\u201cSUNBURST\u201d<\/a>, the attack that poisoned Orion.<\/p>\n<p>SolarWinds\u2019 pre-party <a target=\"_blank\" href=\"https:\/\/www.solarwinds.com\/securityadvisory\" rel=\"noopener noreferrer\">post<\/a> revealed that \u201cSUPERNOVA\u201d is \u201cmalware that is separately placed on a server that requires unauthorized access to a customer\u2019s network and is designed to appear to be part of a SolarWinds product.\u201d<\/p>\n<p>\u201cThe SUPERNOVA malware consisted of two components,\u201d says SolarWinds\u2019 advisory. \u201cThe first was a malicious, unsigned webshell .dll &#8216;app_web_logoimagehandler.ashx.b6031896.dll&#8217; specifically written to be used on the SolarWinds Orion Platform. The second is the utilization of a vulnerability in the Orion Platform to enable deployment of the malicious code. This vulnerability in the Orion Platform has been resolved in the latest updates.\u201d<\/p>\n<div class=\"promo_article\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/regmedia.co.uk\/2020\/12\/07\/putin.jpg?x=174&amp;y=115&amp;crop=1\" width=\"174\" height=\"115\" alt=\"putin\"><\/p>\n<h2 title=\"So, you know, patch it\">Kremlin hackers are right now exploiting security hole in VMware software to hijack systems, NSA warns<\/h2>\n<p><a href=\"https:\/\/www.theregister.com\/2020\/12\/07\/nsa_vmware_russia\/\"><span>READ MORE<\/span><\/a><\/div>\n<p>The company\u2019s <a target=\"_blank\" href=\"https:\/\/www.solarwinds.com\/securityadvisory\/faq#question4\" rel=\"noopener noreferrer\">FAQ<\/a> says it is yet to find a link between SUPERNOVA and SUNBURST. The last update to the FAQ was made on December 31st, 2020. Friday January 1st was a Federal holiday in the USA, followed by the weekend.<\/p>\n<p>Microsoft, meanwhile, has offered further details of its brush with the attacks by <a target=\"_blank\" href=\"https:\/\/msrc-blog.microsoft.com\/2020\/12\/31\/microsoft-internal-solorigate-investigation-update\/\" rel=\"noopener noreferrer\">revealing<\/a> that it had indeed fallen victim to the hack \u2013 but not in a particularly bad way. Redmond\u2019s self-analysis \u201cfound no evidence of access to production services or customer data\u201d and \u201cno indications that our systems were used to attack others.\u201d<\/p>\n<p>But Microsoft\u2019s probe did find \u201cunusual activity with a small number of internal accounts and upon review\u201d one of which \u201chad been used to view source code in a number of source code repositories.\u201d<\/p>\n<p>The good news is that the account had look-don\u2019t-touch privileges, so no code was altered, and Microsoft was able to remediate the relevant accounts.<\/p>\n<p>Microsoft\u2019s post also revealed: \u201cour threat models assume that attackers have knowledge of source code. So viewing source code isn\u2019t tied to elevation of risk.\u201d<\/p>\n<p>Hopefully, other users of compromised Orion implementations were similarly cautious, because <i>The New York Times<\/i> <a target=\"_blank\" href=\"https:\/\/www.nytimes.com\/2021\/01\/02\/us\/politics\/russian-hacking-government.html?searchResultPosition=1\" rel=\"noopener noreferrer\">reports<\/a> that it is now felt that the attackers gained access to \u201cas many as 250 networks\u201d. That estimate handily tops the previous assessment of \u201ca few dozen\u201d compromises.<\/p>\n<p>Between SolarWinds\u2019 ongoing investigations and the unknown extent of the attack\u2019s penetration, this story is far from over. Indeed, December 30th supplemental guidance from the USA\u2019s Cybersecurity and Infrastructure Security Agency (CISA) not only ordered 24-hour upgrades to clean versions of Orion but promised to \u201cfollow up with additional supplemental guidance, to include further clarifications and hardening requirements.\u201d \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2021\/01\/04\/solarwinds_malware_confirmed\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CISA flags \u2018further hardening\u2019 advice as Microsoft reveals internal account compromises The extent and impact of the SolarWinds hack became even more apparent \u2013 and terrifying \u2013 over the holiday break.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":38977,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-38976","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>SolarWinds mess flared in the holidays - company confirms malware targeted crocked Orion product 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SolarWinds mess flared in the holidays - company confirms malware targeted crocked Orion product 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-01-04T06:58:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/01\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"174\" \/>\n\t<meta property=\"og:image:height\" content=\"115\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"SolarWinds mess flared in the holidays &#8211; company confirms malware targeted crocked Orion product\",\"datePublished\":\"2021-01-04T06:58:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\\\/\"},\"wordCount\":471,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/01\\\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product.jpg\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\\\/\",\"name\":\"SolarWinds mess flared in the holidays - company confirms malware targeted crocked Orion product 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/01\\\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product.jpg\",\"datePublished\":\"2021-01-04T06:58:13+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/01\\\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/01\\\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product.jpg\",\"width\":174,\"height\":115},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SolarWinds mess flared in the holidays &#8211; company confirms malware targeted crocked Orion product\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"SolarWinds mess flared in the holidays - company confirms malware targeted crocked Orion product 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\/","og_locale":"en_US","og_type":"article","og_title":"SolarWinds mess flared in the holidays - company confirms malware targeted crocked Orion product 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-01-04T06:58:13+00:00","og_image":[{"width":174,"height":115,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/01\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"SolarWinds mess flared in the holidays &#8211; company confirms malware targeted crocked Orion product","datePublished":"2021-01-04T06:58:13+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\/"},"wordCount":471,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/01\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product.jpg","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\/","url":"https:\/\/www.threatshub.org\/blog\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\/","name":"SolarWinds mess flared in the holidays - company confirms malware targeted crocked Orion product 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/01\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product.jpg","datePublished":"2021-01-04T06:58:13+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/01\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/01\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product.jpg","width":174,"height":115},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/solarwinds-mess-flared-in-the-holidays-company-confirms-malware-targeted-crocked-orion-product\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"SolarWinds mess flared in the holidays &#8211; company confirms malware targeted crocked Orion product"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/38976","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=38976"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/38976\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/38977"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=38976"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=38976"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=38976"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}