The SolarWinds® Orion Platform is a powerful, scalable infrastructure monitoring and management platform. Recently, it was reported that SolarWinds product Orion was compromised by distributing backdoor software on their software update system.

SolarWinds.Orion.Core.BusinessLayer.dll is a SolarWinds digitally-signed component of the Orion software framework that contains the backdoor that communicates via HTTP to third party servers also the exploit will be dormant for 1-2 weeks.

The domain avsvmcloud[.]com was the command and control (C&C) server for the backdoor delivered to around 18,000 SolarWinds customers through tainted updates for the SolarWinds Orion app.

Here is the workflow of the malware released by FireEye

FireEye threat research about Sunburst

Sunbust malware

Microsoft security

Domain generation algorithm

DokuWiki is an Open Source project that thrives through user contributions. A good way to stay informed on what's going on and to get useful tips in using DokuWiki is subscribing to the newsletter.

The DokuWiki User Forum is an excellent way to get in contact with other DokuWiki users and is just one of the many ways to get support.

Of course we'd be more than happy to have you getting involved with DokuWiki.