What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-02-05 18:52:59 | 6 Best Practices for SecOps in the Wake of the Sunburst Threat Campaign (lien direct) | 
1. Attackers have a plan, with clear objectives and outcomes in mind. Do you have one? Clearly this was a motivated and patient adversary. They spent many months in the planning and execution of an attack that was not incredibly sophisticated in its tactics, but rather used multiple semi-novel attack methods combined with persistent, stealthy […]
|
Threat | Solardwinds Solardwinds | |
|
2021-02-04 17:20:56 | SOCwise Series: Practical Considerations on SUNBURST (lien direct) | 
This blog is part of our SOCwise series where we’ll be digging into all things related to SecOps from a practitioner’s point of view, helping us enable defenders to both build context and confidence in what they do. Although there's been a lot of chatter about supply chain attacks, we're going to bring you a slightly different […]
|
Solardwinds Solardwinds | ★★ | |
|
2020-12-23 23:45:25 | Why SolarWinds-SUNBURST is our Cyber Pearl Harbor (lien direct) | 
On December 13, 2020, FireEye announced that threat actors had compromised SolarWinds's Orion IT monitoring and management software and used it to distribute a software backdoor to dozens of that company's customers, including several high profile U.S. government agencies. Many are referring to the SolarWinds-SUNBURST campaign incidents as the long-prophesied “Cyber Pearl Harbor.” We agree, […]
|
Threat | Solardwinds | |
|
2020-12-21 21:32:24 | (Déjà vu) How A Device to Cloud Architecture Defends Against the SolarWinds Supply Chain Compromise (lien direct) | 
In a blog post released 13 Dec 2020, FireEye disclosed that threat actors compromised SolarWinds's Orion IT monitoring and management software with a trojanized version of SoalrWinds.Orion.Core.BusinessLayer.dll delivered as part of a digitally-signed Windows Installer Patch. The trojanized file delivers a backdoor, dubbed SUNBURST by FireEye (and Solorigate by Microsoft), that communicates to third-party servers for […]
|
Threat Mobile | Solardwinds Solardwinds | |
|
2020-12-17 23:27:06 | Additional Analysis into the SUNBURST Backdoor (lien direct) | 
Executive Summary There has been considerable focus on the recent disclosures associated with SolarWinds, and while existing analysis on the broader campaign has resulted in detection against specific IoCs associated with the Sunburst trojan, the focus within the Advanced Threat Research (ATR) team has been to determine the possibility of additional persistence measures. Our analysis […]
|
Threat Mobile | Solardwinds Solardwinds | |
|
2020-12-16 16:48:26 | SUNBURST Malware and SolarWinds Supply Chain Compromise (lien direct) | 
Part I of II Situation In a blog post released 13 Dec 2020, FireEye disclosed that threat actors compromised SolarWinds's Orion IT monitoring and management software with a trojanized version of SoalrWinds.Orion.Core.BusinessLayer.dll. The trojanized file delivers the SUNBURST malware through a backdoor as part of a digitally-signed Windows Installer Patch. Use of a Compromised Software Supply […]
|
Malware Threat | Solardwinds |
1
We have: 6 articles.
We have: 6 articles.
To see everything:
Our RSS (filtrered)
