New Indicators for SolarWinds Orion Incident

Updated: Dec 19, 2020


Additional indicators have been published in event 45773 that were not provided by Fireeye or CISA. These indicators are available for our customers. Login to the Jigsaw Security MISP instance for updates. We will be releasing new information as it becomes available from our teams in the field that are investigating the scope of the incident. Additional updates are coming in often so this event will be updated frequently.


Additional Indicators:

deftsecurity[.]com

thedoccloud[.]com

freescanonline[.]com

avsvmcloud[.]com

mhdosoksaccf9sni9icp[.]appsync-api[.]eu-west-1[.]avsvmcloud[.]com

k5kcubuassl3alrf7gm3[.]appsync-api[.]eu-west-1[.]avsvmcloud[.]com

ihvpgv9psvq02ffo77et[.]appsync-api[.]us-east-2[.]avsvmcloud[.]com

gq1h856599gqh538acqn[.]appsync-api[.]us-west-2[.]avsvmcloud[.]com

7sbvaemscs0mc925tb99[.]appsync-api[.]us-west-2[.]avsvmcloud[.]com

6a57jk2ba1d9keg15cbg[.]appsync-api[.]eu-west-1[.]avsvmcloud[.]com

zupertech[.]com

websitetheme[.]com

panhardware[.]com

incomeupdate[.]com

highdatabase[.]com

databasegalore[.]com

51[.]89[.]125[.]18

5[.]252[.]177[.]25

5[.]252[.]177[.]21

204[.]188[.]205[.]176

139[.]99[.]115[.]204

appsync-api[.]us-west-2[.]avsvmcloud[.]com

appsync-api[.]us-east-2[.]avsvmcloud[.]com

appsync-api[.]us-east-1[.]avsvmcloud[.]com

appsync-api[.]eu-west-1[.]avsvmcloud[.]com

highdatebase[.]com

databasegalaore[.]com

13[.]59[.]205[.]66

54[.]193[.]127[.]66

54[.]215[.]192[.]52

34[.]203[.]203[.]23

204[.]188[.]125[.]18

167[.]114[.]213[.]199

virtualdataserver[.]com

webcodez[.]com

virtualwebdata[.]com

solartrackingsystem[.]net

seobundlekit[.]com

lcomputers[.]com

kubecloud[.]com

globalnetworkissues[.]com

digitalcollege[.]org

20[.]141[.]48[.]154

196[.]203[.]11[.]89

8[.]18[.]145[.]131

8[.]18[.]145[.]21

8[.]18[.]145[.]3

8[.]18[.]145[.]33

13[.]57[.]184[.]217

18[.]217[.]225[.]111

184[.]72[.]145[.]34

184[.]72[.]209[.]33

184[.]72[.]21[.]54

8[.]18[.]145[.]181

18[.]220[.]219[.]143

184[.]72[.]1[.]3

184[.]72[.]101[.]22

184[.]72[.]113[.]55

184[.]72[.]212[.]52

184[.]72[.]224[.]3

184[.]72[.]240[.]3

184[.]72[.]229[.]1

184[.]72[.]245[.]1

184[.]72[.]48[.]22

3[.]16[.]81[.]254

3[.]87[.]182[.]149

34[.]219[.]234[.]134

8[.]18[.]144[.]11

8[.]18[.]144[.]12

8[.]18[.]144[.]130

8[.]18[.]144[.]135

8[.]18[.]144[.]136

8[.]18[.]144[.]149

8[.]18[.]144[.]156

8[.]18[.]144[.]158

8[.]18[.]144[.]165

8[.]18[.]144[.]170

8[.]18[.]144[.]180

8[.]18[.]144[.]188

8[.]18[.]144[.]20

8[.]18[.]144[.]40

8[.]18[.]144[.]44

8[.]18[.]144[.]62

8[.]18[.]144[.]9

8[.]18[.]145[.]134

8[.]18[.]145[.]136

8[.]18[.]145[.]139

8[.]18[.]145[.]150

8[.]18[.]145[.]157

8[.]18[.]145[.]36


65 views0 comments

Contact: (800)447-2150 Ext. 1        To contact Jigsaw simply send a message in our chat window!

  • Facebook - Black Circle
  • Twitter - Black Circle

© 2017-2020 Jigsaw Security Enterprise Inc.

Jigsaw Security Enterprise Inc is a SDVOSB - Service Connected Disabled Veteran Owned Small Business