SecurityWeek

SolarWinds Patches Four Critical Serv-U Vulnerabilities

SolarWinds has patched four critical-severity remote code execution vulnerabilities in the Serv-U enterprise file transfer product.
CSO Online

New Serv-U bugs extend SolarWinds’ run of high-severity disclosures

Four newly disclosed critical CVEs could allow attackers to create privileged accounts and execute arbitrary code, and they reinforce SolarWinds’ status as a high-value target.
HotHardware

Microsoft Discovers 0-Day Vulnerability Actively Exploited In SolarWinds FTP Product

Yesterday, Microsoft reported that it had detected a 0-day remote code execution exploit being used in the wild against SolarWinds’ Serv-U FTP product. The vulnerability that allowed this exploit has ...
Bleeping Computer

Chinese hackers use new SolarWinds zero-day in targeted attacks

China-based hackers known to target US defense and software companies are now targeting organizations using a vulnerability in the SolarWinds Serv-U FTP server. Today, SolarWinds released a security ...
Bleeping Computer

Clop gang exploiting SolarWinds Serv-U flaw in ransomware attacks

The Clop ransomware gang, also tracked as TA505 and FIN11, is exploiting a SolarWinds Serv-U vulnerability to breach corporate networks and ultimately encrypt its devices. The Serv-U Managed File ...
Threat Post

SolarWinds Orion Bug Allows Easy Remote-Code Execution and Takeover

The by-now infamous company has issued patches for three security vulnerabilities in total. Three serious vulnerabilities have been found in SolarWinds products: Two in the Orion User Device Tracker ...
ZDNet

SolarWinds releases security advisory after Microsoft says customers 'targeted' through vulnerability

SolarWinds released updates for their Serv-U Managed File Transfer and Serv-U Secure FTP tools this weekend after being notified of Microsoft's vulnerability. In an advisory sent out on Friday and ...