Extending NDR visibility in AWS IaaS

By Vijit Nair, Sr. Director, Product Management, Corelight

Comprehensive visibility is hard to achieve in a cloud environment. While these environments are rich sources of telemetry and logs, it is challenging for security teams to ensure that logging is c…

SolarWinds Hack: ‘All is Well,’ Microsoft Shrugs

Microsoft would like you to know that it’s finished investigating the SolarWinds breach, and everything’s just fine. Yeah, right.
The post SolarWinds Hack: ‘All is Well,’ Microsoft Shrugs appeared first on Security Boulevard.

Twenty-three SUNBURST Targets Identified

Remember when Igor Kuznetsov and Costin Raiu announced on Kaspersky's Securelist blog in December that two of the victims in FireEye's SUNBURST IOC list were ***net.***.com and central.***.gov? Reuters later reported that these victims were Cox Communi…

Sunburst backdoor – code overlaps with Kazuar

While looking at the Sunburst backdoor, we discovered several features that overlap with a previously identified backdoor known as Kazuar. Our observations show that Kazuar was used together with Turla tools during multiple breaches in past years.

SolarWinds supply chain attack affected 250 organizations

By Deeba Ahmed
According to a report, the SolarWinds attack has impacted over 250 organizations, including government agencies and private businesses.
This is a post from HackRead.com.

Cyber Security Roundup for January 2021

A suspected nation-state cyber-attack on SolarWinds, which led to the distribution of a tainted version of the SolarWinds Orion network monitoring tool that compromised its customers, dominated the cyber headlines in mid-December 2020. This w…

Using SOAR Technology to Orchestrate Detection and Response to the SolarWinds Sunburst Attack

Cybersecurity vendor FireEye recently disclosed a sophisticated attack which led to the “unauthorized access of their red team tools.” A…

Detecting SUNBURST/Solarigate activity in retrospect with Zeek – a practical example

By Ben Reardon, Corelight Labs Researcher

The threat actors who created SUNBURST went to extraordinary lengths to hide Command-and-Control (C2) traffic by mimicking the nature of communication patterns used by legitimate software within the SolarWinds pa…
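As an added illustration of the kind of retrospective hunt the excerpt above refers to (this is example code written for this page, not Corelight's or Zeek's own logic), the script below walks a Zeek dns.log and flags internal hosts that resolved names under avsvmcloud.com, the SUNBURST C2 domain named in FireEye's December 2020 disclosure. The dns.log excerpt is constructed, uses only a subset of Zeek's default columns, and the random-looking leftmost labels are made up to resemble the shape of the real queries; the entropy figure is a supporting heuristic, not part of any published indicator.

```python
"""Retrospective SUNBURST hunt over Zeek dns.log lines (added example, not from the original page)."""
import math

# Public SUNBURST C2 domain from FireEye's December 2020 SUNBURST disclosure.
SUNBURST_C2_DOMAIN = "avsvmcloud.com"

# Constructed Zeek dns.log excerpt (TSV). Real dns.log files carry more columns;
# the #fields header is what makes the parser column-order independent.
SAMPLE_DNS_LOG = """\
#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tquery\tqtype_name\tanswers
1608000000.1\tCabc1\t10.1.2.3\t50123\t10.1.1.1\t53\torion.corp.example\tA\t10.1.9.9
1608000001.2\tCabc2\t10.1.2.3\t50124\t10.1.1.1\t53\t6a57jk2ba1d9keg15cbg.appsync-api.eu-west-1.avsvmcloud.com\tA\t20.140.0.1
1608000002.3\tCabc3\t10.1.2.4\t50125\t10.1.1.1\t53\tupdates.solarwinds.com\tA\t13.0.0.1
1608000003.4\tCabc4\t10.1.2.3\t50126\t10.1.1.1\t53\tr8stkst71ebqgj66ervisu10bdohu0gt.appsync-api.us-east-1.avsvmcloud.com\tCNAME\t-
"""


def parse_zeek_tsv(text):
    """Parse a Zeek TSV log into dicts keyed by the names in its #fields header.

    Other '#' lines (#separator, #types, #close, ...) are skipped, as are rows
    whose column count does not match the header (truncated or corrupt lines).
    """
    fields = None
    records = []
    for line in text.splitlines():
        if not line or line.startswith("#"):
            if line.startswith("#fields"):
                fields = line.split("\t")[1:]
            continue
        values = line.split("\t")
        if fields is None or len(values) != len(fields):
            continue
        records.append(dict(zip(fields, values)))
    return records


def shannon_entropy(s):
    """Bits of entropy per character; DGA-style labels score higher than words."""
    if not s:
        return 0.0
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def is_sunburst_c2(query, c2_domain=SUNBURST_C2_DOMAIN):
    """True only for the C2 apex or a subdomain of it; 'avsvmcloud.com.evil.tld' is not a hit."""
    q = query.lower().rstrip(".")
    return q == c2_domain or q.endswith("." + c2_domain)


def hunt_sunburst(records):
    """Return one hit per dns.log row that queried the SUNBURST C2 domain."""
    hits = []
    for r in records:
        q = r.get("query", "")
        if not is_sunburst_c2(q):
            continue
        label = q.split(".")[0]  # the encoded, random-looking leftmost label
        hits.append({
            "ts": r["ts"],
            "orig_h": r["id.orig_h"],
            "query": q,
            "label_len": len(label),
            "label_entropy": round(shannon_entropy(label), 2),
        })
    return hits


def beaconing_hosts(hits):
    """Internal hosts to triage, deduplicated and sorted."""
    return sorted({h["orig_h"] for h in hits})


if __name__ == "__main__":
    found = hunt_sunburst(parse_zeek_tsv(SAMPLE_DNS_LOG))
    for h in found:
        print(h)
    print("hosts to triage:", beaconing_hosts(found))
```

Run it against an archived dns.log (or `cat dns.log | python3 hunt.py` after swapping the constant for `sys.stdin.read()`) to get the list of internal hosts that ever resolved the C2 domain, which is the starting point for timeline reconstruction. A suffix match on a single known domain is the narrowest possible retrospective check; it says nothing about C2 that used other infrastructure, so treat an empty result as "no hits for this indicator", not as a clean bill of health.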