all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Getting hundreds of failed login attemps from our solarwinds VM to all other servers and VMs. This is not normal, right?

Add to bookmarks
March 11, 2024, 12:40 a.m. | /u/saadjumani

cybersecurity www.reddit.com

Hi, I recently joined a firm and we are in process of implementing SIEMs and IDPS and the very first thing we notice is that there are hundreds of login attempts coming from our solarwinds VM to our all other servers which include our email server, file server, etc.

Obviously the working theory is that the machine is compromised and whatever hacker/malware is in there is trying to expand to other systems via brute force, but since I haven't worked …

coming cybersecurity idps joined login login attempts normal notice process servers solarwinds vms

Visit resource

More from www.reddit.com / cybersecurity

Hackers of all kinds are attacking routers across the world | TechRadar 2 hours ago | www.reddit.com
cybersecurity hackers routers world
🤣 Ivanti is hiring an Offensive Security Engineer 3 hours ago | www.reddit.com
assessment cybersecurity old team +3
Migrating to Australia as a cybersecurity consultant 5 hours ago | www.reddit.com
australia clients consultant cybersecurity +11
Why is an entry level job so hard to get? 7 hours ago | www.reddit.com
automatic cybersecurity don down +7
REvil hacker behind Kaseya ransomware attack gets 13 years in prison 9 hours ago | www.reddit.com
cybersecurity
Veza releases the "State of Access" report based on 1.2B permissions 9 hours ago | www.reddit.com
access cybersecurity permissions releases +3
From S3 bucket to internal network operation 10 hours ago | www.reddit.com
cybersecurity internal internal network network +1
Investigating Microsoft Graph Activity Logs 10 hours ago | www.reddit.com
cybersecurity graph logs microsoft
Too much? 11 hours ago | www.reddit.com
clients control cybersecurity deploy +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Information Security Specialist, Sr. (Container Hardening)

@ Rackner | San Antonio, TX
View on infosec-jobs.com

Principal Security Researcher (Advanced Threat Prevention)

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

EWT Infosec | IAM Technical Security Consultant - Manager

@ KPMG India | Bengaluru, Karnataka, India
View on infosec-jobs.com

Security Engineering Operations Manager

@ Gusto | San Francisco, CA; Denver, CO; Remote
View on infosec-jobs.com

Network Threat Detection Engineer

@ Meta | Denver, CO | Reston, VA | Menlo Park, CA | Washington, DC
View on infosec-jobs.com
View more jobs