More American organizations are confirmed as SolarWinds targets, though targets aren't necessarily victims, as data was not stolen from every company that was infiltrated. Amongst the confirmed newly-discovered targets are Qualys, a $5 billion market cap cybersecurity company on the Nasdaq, and the Virginia State Corporation Commission, which regulates businesses in the region. Both said they had installed the SolarWinds Orion tool that was laced with malware in 2020 before being downloaded by thousands of customers. “The State Corporation Commission used the SolarWinds Orion platform to monitor various aspects of its IT infrastructure,” a spokesperson said. Palo Alto said its own tools detected the malware by looking at its anomalous behavior, and so it was blocked.

Source: Forbes January 25, 2021 18:08 UTC