I am looking at the Kim Zetter article. https://www.yahoo.com/now/hackers-last-year-conducted-a-dry-run-of-solar-winds-breach-215232815.html So Kim discusses the changes in October of 2019.
Source Reference:
CISA has released Alert (AA20-352A) on December 17, 2020. https://us-cert.cisa.gov/ncas/alerts/aa20-352a (The image below is from "Appendix A")
So the tampered code "2019.4.5200.8890" was in the October 2019.
Minor note: Today the podcast is listed as "SN 799 Security Now!" in Overcast and Apple Podcasts. The notes however are titled, "Security Now! #798 - 12-29-20 Sunburst & Supernova" https://www.grc.com/sn/SN-798-Notes.pdf
Radioteacher
"The patching will continue until security improves!"
Source Reference:
CISA has released Alert (AA20-352A) on December 17, 2020. https://us-cert.cisa.gov/ncas/alerts/aa20-352a (The image below is from "Appendix A")
So the tampered code "2019.4.5200.8890" was in the October 2019.
Minor note: Today the podcast is listed as "SN 799 Security Now!" in Overcast and Apple Podcasts. The notes however are titled, "Security Now! #798 - 12-29-20 Sunburst & Supernova" https://www.grc.com/sn/SN-798-Notes.pdf
Radioteacher
"The patching will continue until security improves!"
Last edited: