Microsoft Has Open-Sourced CodeQL Queries To Scan Code For Malicious SolarWinds Implants
Previously Microsoft has disclosed that their systems were compromised in SolarWinds supply-chain attack and allowed attackers to gain access to the limited amounts of Azure, Exchange, and Intune source code. To make sure none of their code has been modified by the attackers Microsoft has released their SolarWinds QL Queries for users to scan their source code for malicious implants. Using these queries, developers can check their software for malicious modifications similar to those used in the SolarWinds supply-chain attack. Read more...