Advisories

Discover Organizations/Events News

Microsoft: We've open-sourced this tool we used to hunt for code by SolarWinds hackers

Microsoft: We've open-sourced this tool we used to hunt for code by SolarWinds hackers

Microsoft is open-sourcing the CodeQL queries that it used to investigate the impact of Sunburst or Solarigate malware planted in the SolarWinds Orion software updates, enabling other organizations to use the queries to perform a similar analysis. Mike Hanley, CSO of GitHub, says  CodeQL provides, "key guardrails that help developers avoid incidents and shipping vulnerabilities". 

Microsoft released the queries as part of its response to the attack on SolarWinds Orion network monitoring software, which was used to selectively compromise nine US federal agencies and 100 private sector firms, many of which were from the tech sector.

Suspected Russian government-backed hackers compromised SolarWinds' build system in early 2020 to pull off the supply chain attack discovered by Microsoft and FireEye — a feat that Microsoft estimated took at least 1,000 engineers.

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.