Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2021-01-11 10:00:00 |
Sunburst backdoor – code overlaps with Kazuar (direct link) |
While looking at the Sunburst backdoor, we discovered several features that overlap with a previously identified backdoor known as Kazuar. Our observations show that Kazuar was used together with Turla tools during multiple breaches in past years. |
Mobile
|
Solardwinds
Solardwinds
|
|
|
2020-12-23 11:30:52 |
How we protect our users against the Sunburst backdoor (direct link) |
The detection logic has been improved in all our solutions to ensure our customers' protection. We continue to investigate the cyberattack on SolarWinds and we will add additional detections once they are required. |
|
Solardwinds
Solardwinds
|
|
|
2020-12-18 13:00:20 |
Sunburst: connecting the dots in the DNS requests (direct link) |
We matched private and public DNS data for the SUNBURST-malware root C2 domain with the CNAME records, to identify who was targeted for further exploitation. In total, we analyzed 1722 DNS records, leading to 1026 unique target name parts and 964 unique UIDs. |
Guideline
|
Solardwinds
|
|