SolarWinds WHD Attacks Highlight Risks of Exposed Apps
Summary
Exposing SolarWinds Web Help Desk (WHD) instances to the public internet creates significant risks for organizations, making them attractive targets for attackers. Organizations should take steps to ensure their WHD is not publicly exposed. These attacks highlight the danger of misconfigured or inadequately protected web applications.
IFF Assessment
The article describes how easily attackers are targeting exposed SolarWinds WHD, making defenders' jobs harder.
Severity
Defender Context
This article highlights the need for defenders to conduct thorough external attack surface management, identifying and securing exposed applications like SolarWinds WHD. Defenders should ensure WHD is properly secured behind a VPN or firewall and that appropriate access controls are in place. The trend of targeting exposed applications continues to be a popular attack vector.