3 September 2021

Autodesk admits it was victim of the SolarWinds supply-chain attack


Autodesk admits it was victim of the SolarWinds supply-chain attack

Autodesk, a software company that makes CAD software for manufacturing, has confirmed it was targeted as part of the SolarWinds supply-chain attack last year.

In a SEC filing Autodesk said that it identified a compromised server and immediately took steps to contain and remediate the incidents.

"While we believe that no customer operations or Autodesk products were disrupted as a result of this attack, other, similar attacks could have a significant negative impact on our systems and operations," the company said.

An Autodesk spokesperson told BleepingComputer that the compromised SolarWinds server was discovered on December 13, 2020. Attackers planted a backdoor called Sunburst on the server, but besides this implant no other malware was discovered on the compromised server.

"Autodesk’s Security team has concluded their investigation and observed no malicious activity beyond the initial software installation," the Autodesk representative said.


Back to the list

Latest Posts

Windows MSHTML bug used in ransomware attacks, Microsoft says

Windows MSHTML bug used in ransomware attacks, Microsoft says

According to the Windows maker, in the wild exploitation of CVE-2021-40444 began on August 18.
17 September 2021
State-backed hackers actively exploiting recently disclosed Zoho RCE bug

State-backed hackers actively exploiting recently disclosed Zoho RCE bug

The targeted entities include academic institutions, defense contractors, as well as critical infrastructure entities.
17 September 2021
Free REvil/Sodinokibi ransomware universal decryptor released

Free REvil/Sodinokibi ransomware universal decryptor released

The tool works for all REvil victims whose files were encrypted in attacks prior to July 13, 2021.
17 September 2021
Featured vulnerabilities
Multiple vulnerabilities in cflinuxfs3
Medium Patched | 17 Sep, 2021
Information disclosure in cflinuxfs3
Medium Patched | 17 Sep, 2021
Information disclosure in Git
Medium Patched | 17 Sep, 2021
Multiple vulnerabilities in GLPI
Medium Patched | 17 Sep, 2021
Multiple vulnerabilities in cflinuxfs3
Medium Patched | 17 Sep, 2021