Twenty-three SUNBURST Targets Identified

Remember when Igor Kuznetsov and Costin Raiu announced that two of the victims in FireEye’s SUNBURST IOC list were ***net.***.com and central.***.gov on Kaspersky’s Securelist blog in December? Reuters later reported that these victims were Cox Communi…

Sunburst backdoor – code overlaps with Kazuar

While looking at the Sunburst backdoor, we discovered several features that overlap with a previously identified backdoor known as Kazuar. Our observations show that Kazuar was used together with Turla tools during multiple breaches in past years.

SolarWinds supply chain attack affected 250 organizations

By Deeba Ahmed
According to a report, the SolarWinds attack has impacted over 250 organizations, including government agencies and private businesses.

Cyber Security Roundup for January 2021

A suspected sophisticated nation-state cyber-attack on SolarWinds, which led to the distribution of a tainted version of the SolarWinds Orion network monitoring tool and the compromise of its customers, dominated the cyber headlines in mid-December 2020. This w…

Using SOAR Technology to Orchestrate Detection and Response to the SolarWinds Sunburst Attack

Cybersecurity vendor FireEye recently disclosed a sophisticated attack which led to the “unauthorized access of their red team tools.” A…

Detecting SUNBURST/Solarigate activity in retrospect with Zeek – a practical example

Ben Reardon – Corelight Labs Researcher
The threat actors who created SUNBURST went to extraordinary lengths to hide Command-and-Control (C2) traffic by mimicking the nature of communication patterns used by legitimate software within the SolarWinds pa…

SolarWinds/SUNBURST Backdoor, Third-Party and Supply Chain Security

In episode 152 for December 21st 2020: A discussion about the SolarWinds Orion backdoor, third-party security, and the threat of supply chain attacks with co-host Kevin Johnson. ** Links mentioned on the show ** US govt, FireEye breached after SolarWin…

CISA Alert: Sophisticated, Ongoing Cyberattacks Go Beyond SolarWinds

CISA warns government agencies & critical infrastructure providers about sophisticated APT cyberattacks that go beyond breaching the SolarWinds Orion platform.