Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![Cybereason.webp](./Ressources/img/Cybereason.webp) |
2021-01-21 14:08:16 |
SolarWinds Attacks Highlight Importance of Operation-Centric Approach (lien direct) |
We're still learning the full extent of the SolarWinds supply chain attacks. On January 11, for instance, researchers published a technical breakdown of a malicious tool detected as SUNSPOT that was employed as part of the infection chain involving the IT management software provider's Orion platform. |
Tool
|
Solardwinds
Solardwinds
|
|
![Cybereason.webp](./Ressources/img/Cybereason.webp) |
2021-01-05 19:42:44 |
Contextualizing Microsoft\'s Source Code Exposure in the SolarWinds Attacks (lien direct) |
In the middle of December, IT management software provider SolarWinds revealed in a security advisory that it had fallen victim to a sophisticated supply chain attack. The offensive involved the placement of a backdoor known as SUNBURST into versions 2019.4 HF 5, 2020.2 with no hotfix installed and 2020.2 HF 1 of the company's Orion Platform software. If executed, SUNBURST allowed an attacker to compromise the server running the Orion build. |
|
Solardwinds
Solardwinds
|
|
![Cybereason.webp](./Ressources/img/Cybereason.webp) |
2020-12-22 21:14:06 |
Cybereason vs. SolarWinds Supply Chain Attack (lien direct) |
On December 13, 2020, IT infrastructure management provider SolarWinds issued a Security Advisory regarding their SolarWinds Orion Platform after experiencing a “highly sophisticated” supply chain attack. The activity is reported to have begun as early as Spring 2020, as reported by researchers from security firm FireEye. |
|
Solardwinds
|
|