TWunroll
#Solorigate
Kim Zetter
KimZetter
"While updating the SolarWinds application, the embedded backdoor code loads before the legitimate code runs. Organizations are misled into believing that no malicious activity has occurred and that the program
Stephen McIntyre
ClimateAudit
Microsoft has technical article on SolarWinds hack. https://www.microsoft.com/security/blog/2020/12/18/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect/ The few
Ramin
MalwareRE
As part of our commitment to keeping our customers/community protected & informed, we are releasing a blog that shines light on transition between Stage 1 and 2 of #Solorigate/#SUNBURST campaign,
Pwn All The Things
pwnallthethings
SolarWinds hackers accessed Microsoft source code, the company says https://www.reuters.com/article/us-global-cyber-microsoft/solarwinds-hackers-accessed-microsoft-source-code-the-company-says-idUSKBN2951M9 And the MS statement on it https:/
Jake Williams
MalwareJake
This story is getting a lot of attention. Let me quickly break down for followers not in offensive security what it means. This is not great, but *the sky isn't falling*.
Kim Zetter
KimZetter
I have report from Microsoft about SolarWinds hack, including IoCs. Excerpts in this thread: "Microsoft security researchers recently discovered a sophisticated attack where an adversary inserted malicious code into a
Microsoft Security Intelligence
MsftSecIntel
As Solorigate continues to be the top security topic, it’s business as usual for some cybercrime operations. After being seen in short-lived campaigns before Christmas, Emotet is back this week
blueteamblog
blueteamblog
Quick Thread - Golden SAML (I am late to the party, I know) but thought some might find it useful. Firstly, what is Golden SAML? One of the major techniques used
Pete Bryan
MSSPete
@Mandiant have produced a great report on responding to the #Solorigate/#UNC2452 actor. It has some really useful guidance on detection and response that everyone should read (the guidance is much more
Katie Nickels
likethecoins
A brief thread on the @CrowdStrike blog on SUNSPOT...as I read it. This confirms CrowdStrike was one of SolarWinds' IR firms, which we'd heard rumblings of before. Why do I
Christopher Glyer
cglyer
2020 was full of major cyber events. Here is an end of year #ff thread of some of the most impactful people and research that I leveraged in my work
Maya Kaczorowski
MayaKaczorowski
Some observations on the SolarWinds supply chain attack, now that I'm all caught up! Just a rundown of what I learned - citations included, all opinions my own /1 (If
File411
File411
Analysis | The Cybersecurity 202: A Russian mega-hack is further damaging Trump’s cybersecurity legacy largest known Russian data theft in half a decade and is a sign Trump administration efforts