New SolarWinds Activity Detection Tool Released By CISA
The Cybersecurity and Infrastructure Security Agency (CISA) has created a new tool to detect SolarWinds malicious activity in enterprise environments. The Python-based tool is called CISA Hunt and Incident Response Program (CHIRP). It scans for the signs of APT compromise within an on-premises environment. "In this release, CHIRP, by default, searches for IOCs associated with malicious activity detailed in AA20-352A and AA21-008A that has spilled into an on-premises enterprise environment," stated CISA. Read more...