Microsoft security researchers suggest recent SolarWinds campaign is the handiwork of Chinese threat actors.
Cybersecurity researchers at Microsoft have revealed that China-based threat actors were behind the recent campaign, which exploited the now-patched vulnerabilities in a couple of SolarWinds Serv-U products. Microsoft brought this to the attention of SolarWinds who then released a hotfix to patch the remote code execution (RCE) vulnerability in Serv-U’s implementation of the Secure Shell (SSH) protocol. “Microsoft has detected a 0-day remote code execution exploit being used to attack SolarWinds Serv-U FTP software in limited and targeted attacks.
