Microsoft has updated its Defender Antivirus to mitigate the ProxyLogon flaw on vulnerable Exchange Servers automatically. Cybersecurity and Infrastructure Security Agency has released CHIRP, a forensic tool that can help defenders find IoCs associated with the SolarWinds attackers’ activities. The tool is meant to be run manually and provides results in a. format, which can be perused via a SIEM system, web browser, or text editor. It does not make any changes on the underlying system.
Source: https://www.helpnetsecurity.com/2021/03/19/iocs-solarwinds-attackers/