SolarWinds Articles

Updated 2024-01-20 05:49Z

Analysis of the attack (214 articles)

  1. What to know about the SEC’s case against SolarWinds (wapo)
  2. SolarWinds: The Untold Story of the Boldest Supply-Chain Hack (WIRED)
  3. Lessons Learned from Cyberattacks on Critical Infrastructure (Toolbox It-security)
  4. Ten Questions We Hope the Cyber Safety Review Board Answers—and Three It Should Ignore (Lawfare)
  5. A Year After the SolarWinds Hack, Supply Chain Threats Still Loom (WIRED)
  6. Inside the response to the massive Russian SolarWinds hack (Axios)
  7. Attacks against SolarWinds Serv-U SW were possible due to the lack of ASLR mitigation (Security Affairs)
  8. SolarWinds and the Holiday Bear Campaign: A Case Study for the Classroom (Lawfare)
  9. FERC and NERC Publish Whitepaper on SolarWinds and Related Supply Chain Compromise (Akin Gump Strauss Hauer & Feld LLP - JDSupra)
  10. SolarWinds and Related Supply Chain Compromise
  11. FERC, NERC whitepaper warns of supply-chain risk
  12. SolarWinds and Related Supply Chain Compromise (Federal Energy Regulatory Commission)
  13. 12 Lessons Learned From The SolarWinds Breach: RSA Conference
  14. Subscribe to read (FT)
  15. Why the Colonial Pipeline Ransomware Attack and the SolarWinds Hack Were All but Inevitable (California News Times)
  16. A Tale of Two Hacks: From SolarWinds to Microsoft Exchange (tpost)
  17. How Russia Used SolarWinds To Hack Microsoft, Intel, Pentagon, Other Networks : NPR
  18. US to publish details on suspected Russian hacking tools used in SolarWinds espionage
  19. House Lawmakers Ask Agencies to Provide More Details on SolarWinds Hack
  20. Swiss Cybersecurity Firm Reveals Vital Details of Solarwinds Hackers (KoDDoS Blog)
  21. Swiss Firm Says It Has Accessed Servers of a SolarWinds Hacker (Bloomberg)
  22. Solarwinds Orion Attack
  23. Was SolarWinds a Different Type of Cyber Espionage? (Lawfare)
  24. DIB Take Note: SolarWinds Hack and DHS CISA Emergency Directive on Cyber Vulnerabilities Point to the Need to be Prepared for APTs (Lexology)
  25. China’s and Russia’s Spying Sprees Will Take Years to Unpack (WIRED)
  26. The danger in calling the SolarWinds breach an ‘act of war’
  27. Understanding the Results of the Audit of the DoD FY 2020 Financial Statements (Department of Defense Office of Inspector General, DoD OIG Reports)
  28. Essays: Why Was SolarWinds So Vulnerable to a Hack? (Schneier)
  29. Lessons Learned from a Cyberattack: A Conversation with SolarWinds (Part 1 of 2) (Center for Strategic and International Studies)
  30. N-able: The Path Forward for the Former SolarWinds MSP (ChannelE2E)
  31. 5 minutes with Michael Bahar - The aftermath of the SolarWinds Orion breach | 2021-02-19 (Security Magazine)
  32. Microsoft Internal Solorigate Investigation – Final Update (Microsoft Security Response Center)
  33. Microsoft says SolarWinds hackers downloaded some Azure, Exchange, and Intune source code (ZDNet)
  34. The "largest and most sophisticated hack ever" - The Backstory with Matt Bevan - RN Breakfast (ABC Radio National)
  35. Former top cybersecurity official on why U.S. intelligence missed Russia's SolarWinds hack
  36. Microsoft: SolarWinds attack took more than 1,000 engineers to create (ZDNet)
  37. Microsoft says it found 1,000-plus developers' fingerprints on the SolarWinds attack (The Register)
  38. Cybersecurity experts say U.S. needs to strike back after SolarWinds hack
  39. SolarWinds hack was 'largest and most sophisticated attack' ever: Microsoft president (Reuters)
  40. On SolarWinds, Supply Chains and Enterprise Networks
  41. 7 Things We Know So Far About the SolarWinds Attacks
  42. Experts laud SolarWinds post-attack efforts, but why’d it take a massive cyber incident to make changes? (FRN)
  43. MAR-10318845-1.v1 - SUNBURST (CISA)
  44. SolarWinds Fallout: Practices to strengthen data protection - (GCN)
  45. Multiple new flaws uncovered in SolarWinds software just weeks after high-profile supply chain attack (The Daily Swig)
  46. SolarWinds chases multiple leads in breach investigation
  47. Another SolarWinds Orion Hack (Schneier)
  48. More SolarWinds News (secblvd)
  49. More exploitable flaws found in SolarWinds software, says cybersecurity firm
  50. Continuing Our Journey to Becoming Secure by Design (Orange Matter)
  51. Findings From Our Ongoing Investigations (Orange Matter)
  52. More SolarWinds News (Schneier)
  53. Hackers Lurked in SolarWinds Email System for at Least 9 Months, CEO Says (WSJ)
  54. Kevin Mandia: Discovering SolarWinds Hack ‘Validates Our Intelligence and Expertise’
  55. Audit of DoD Actions Taken to Protect DoD Information Network Resulting From the SolarWinds Orion Compromise
  56. SolarWinds Hack Prompts Congress to Put NSA in Encryption Hot Seat (tpost)
  57. Azure-Sentinel/RareProcbyServiceAccount.yaml at master · Azure/Azure-Sentinel (GitHub)
  58. Security Advisory FAQ (SolarWinds)
  59. Russia’s SolarWinds Attack and Software Security (Schneier)
  60. Azure-Sentinel/MailPermissionsAddedToApplication.yaml at master · Azure/Azure-Sentinel (GitHub)
  61. Hackers exploit U.S. Agency Supply Chain (IT Security Guru)
  62. Validating the SolarWinds N-central “Dumpster Diver” Vulnerability | by Kyle Hanslovan (Huntress)
  63. ConnectWise Control MSP Security Vulnerabilities Are ‘Severe:’ Bishop Fox
  64. Microsoft: This is how the sneaky SolarWinds hackers hid their onward attacks for so long (ZDNet)
  65. Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop (MS Security)
  66. Microsoft Releases New Info on SolarWinds Attack Chain
  67. SolarWinds Hackers Access Malwarebytes’ Office 365 Emails
  68. Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452
  69. Azure-Sentinel/FirstAppOrServicePrincipalCredential.yaml at master · Azure/Azure-Sentinel (GitHub)
  70. A closer look at the SolarWinds hack (Cyprus Mail)
  71. SolarWinds Says It’s Closer to Finding Source of Cyberattack
  72. SolarWinds Close to Figuring Out How Cyberattack Occurred
  73. Sunburst Malware Information (FireEye)
  74. SolarWinds defense: How to stop similar attacks (ZDNet)
  75. SolarWinds aftermath continues with SolarLeaks (Blueliv)
  76. Sunspot malware scoured servers for SolarWinds builds to trojanize them
  77. Third malware strain discovered in SolarWinds supply chain attack (ZDNet)
  78. UNC2452: What We Know So Far
  79. Austin's SolarWinds closer to understanding source of massive breach
  80. SolarWinds Says It Has Found Source of Massive Cyberattack (TheStreet)
  81. Researchers Find Links Between Sunburst and Russian Kazuar Malware
  82. Sunburst backdoor – code overlaps with Kazuar (Securelist)
  83. New Findings From Our Investigation of SUNBURST (Orange Matter)
  84. SUNSPOT Malware: A Technical Analysis (CrowdStrike)
  85. SolarWinds Malware Arsenal Widens with Raindrop (tpost)
  86. Continuous Updates: Everything You Need to Know About the SolarWinds Attack (SecurityWeek.Com)
  87. CEO Refutes Reports of Involvement in SolarWinds Campaign (Infosecurity Magazine)
  88. SolarWinds to pay former CEO US$312K to assist with investigations - Software (CRN Australia)
  89. SolarWinds: How a Rare DGA Helped Attacker Communications Fly Under the Radar (Symantec Blogs)
  90. SolarWinds hack: Who’s to blame? It’s complicated. (TechBeacon)
  91. SolarWinds hires Chris Krebs, Alex Stamos to boost security in wake of suspected Russian hack
  92. We Should Have Known SolarWinds Would Be a Target (CoFR)
  93. Life After the SolarWinds Supply Chain Attack
  94. Widely Used Software Company May Be Entry Point for Huge U.S. Hacking (nyt)
  95. Essays: The Solarwinds Hack Is Stunning. Here’s What Should Be Done (Schneier)
  96. Joint Statement by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI), and the National Security Agency (NSA) (CISA)
  97. SolarWinds Breach is the Rule, Not an Exception (secblvd)
  98. SolarWinds attack: CrowdStrike says no impact
  99. Latest on the SVR’s SolarWinds Hack (Schneier)
  100. Severe SolarWinds Hacking: 250 Organizations Affected?
  101. Microsoft downplays threat after admitting SolarWinds attackers accessed source code (The Daily Swig)
  102. Solar Winds Blow Hard (secblvd)
  103. The Grim Lessons of the SolarWinds Breach (reason)
  104. SolarWinds hack poses risk to cloud services' API keys and IAM identities
  105. SolarWinds Breach ‘Much Worse’ Than Feared (SDxCentral)
  106. SolarWinds: The more we learn, the worse it looks (ZDNet)
  107. How to Get Rich Sabotaging Nuclear Weapons Facilities (BIG by Matt Stoller)
  108. The threats arising from the massive SolarWinds hack (CBS News)
  109. As Understanding of Russian Hacking Grows, So Does Alarm (nyt)
  110. GitHub - Azure/Azure-Sentinel: Cloud-native SIEM for intelligent security analytics for your entire enterprise.
  111. This Week In Security: Deeper Dive Into SolarWinds, Bouncy Castle, And Docker Images (Hackaday)
  112. Microsoft Internal Solorigate Investigation Update (Microsoft Security Response Center)
  113. Security Advisory (SolarWinds)
  114. Learning from SolarWinds: Five steps to fortify your cloud supply chain | Article (Compliance Week)
  115. Extracting Security Products from SUNBURST DNS Beacons (NETRESEC Blog)
  116. Agencies scrambling to get a grip after SolarWinds hack (FRN)
  117. Op-ed: What nobody else will say about the new cybersecurity crisis
  118. Russia’s SolarWinds Attack (Schneier)
  119. In wake of SolarWinds and Vietnam, more supply chain attacks expected 2021 (scmedia)
  120. Analysis: The Impact of SolarWinds Hack (BankInfoSecurity)
  121. SolarWinds SUNBURST backdoor investigation using ShiftLeft’s Code Property Graph (secblvd)
  122. How did SolarWinds' massive data breach go undetected for months? (YouTube)
  123. Dissecting The SolarWinds Hack For Greater Insights With A Cybersecurity Evangelist
  124. SolarWinds releases updated advisory for new SUPERNOVA malware
  125. A New SolarWinds Flaw Likely Had Let Hackers Install SUPERNOVA Malware
  126. SUNBURST Additional Technical Details (fireeye)
  127. SolarWinds hack: Cybersecurity company calls for more transparency with what happened (KXAN Austin)
  128. Here's a simple explanation of the SolarWinds hack (BI)
  129. From the Solarwinds supply chain attack (Golden Chain Bear) to see the covert operations in APT operations
  130. SolarWinds roundup: Fixes, new bad actors, and what the company knew (Network World)
  131. Cloud infrastructure is not immune from the SolarWinds Orion breach (Ermetic)
  132. Grid regulator warns utilities of risk of SolarWinds backdoor, asks how exposed they are (CyberScoop)
  133. Massive data breach may have been discovered due to 'unforced error' by suspected Russian hackers (CNNPolitics)
  134. The Facts and Mysteries About Russia’s Hack of the U.S.
  135. Experts say SolarWinds hack could impact Kern County businesses
  136. SolarWinds hack exploited weaknesses we continue to tolerate (FT)
  137. solorigate_sample_source/OrionImprovementBusinessLayer.cs at main · Shadow0ps/solorigate_sample_source (GitHub)
  138. SolarWinds Compromise May Have Begun 5 Months Earlier Than Suspected
  139. Infosec pros warned of second SolarWinds Orion vulnerability (IT World Canada News)
  140. A Second Hacker Group May Have Also Breached SolarWinds, Microsoft Says
  141. Azure AD workbook to help you assess Solorigate risk (Microsoft Tech Community)
  142. Prevasio: Sunburst Backdoor, Part III: DGA & Security Software
  143. Florida Investigating Server Hacking Through SolarWinds Software
  144. The SolarWinds hack, and the danger of arrogance (scmedia)
  145. Everything we know about the Solarwinds Hack! (Updated!) (YouTube)
  146. SolarWinds: What It Means & What’s Next
  147. Staring at the Sun: Thoughts on UNC2452, SUNBURST, SolarWinds and Road Ahead (Prevailion)
  148. VMware Issues Updated Statement on SolarWinds Supply Chain Compromise and CVE 2020-4006
  149. All about the suspected Russian cyberattack that Microsoft has called ‘moment of reckoning’
  150. Advanced Persistent Threat Actors Leverage SolarWinds Vulnerabilities
  151. Advisory for SolarWinds Orion Vulnerabilities (secblvd)
  152. A second hacking group has targeted SolarWinds systems (ZDNet)
  153. Top Expert Backgrounder: Russia’s SolarWinds Operation and International Law
  154. SolarWinds/SUNBURST Backdoor, Third-Party and Supply Chain Security (YouTube)
  155. FireEye CEO: Hack was "totally unique," "utte... (CBS News)
  156. Russia's SolarWinds Hack Is the Big One (BoonWorks)
  157. Prevasio: Sunburst Backdoor, Part II: DGA & The List of Victims
  158. NATO Checking Systems After US Cyberattack (SecurityWeek.Com)
  159. SANS Institute (Newsletters - NewsBites)
  160. VMware Issues Statement on SolarWinds Supply Chain Compromise and CVE 2020-4006
  161. NSA on Authentication Hacks (Related to SolarWinds Breach) (Schneier)
  162. What we know – and still don’t – about the worst-ever US government cyber-attack | Hacking (Guardian)
  163. SolarWinds SUNBURST Backdoor: Inside the APT Campaign (SentinelLabs)
  164. Reassembling Victim Domain Fragments from SUNBURST DNS (NETRESEC Blog)
  165. SolarWinds Likely Hacked at Least One Year Before Breach Discovery (SecurityWeek.Com)
  166. Hackers last year conducted a 'dry run' of SolarWinds breach
  167. Sunburst: connecting the dots in the DNS requests (Securelist)
  168. Bill That Trump Is Vowing to Veto Strengthens Hacking Defenses, Lawmakers Say (nyt)
  169. Sunburst's C2 Secrets Reveal Second-Stage SolarWinds Victims (tpost)
  170. DOE Update on Cyber Incident Related to Solar Winds Compromise (DOE)
  171. SolarWinds Scandal Calls Attention to Supply Chain Security
  172. SolarWinds Should Have Been More ‘Vigilant’: Palo Alto Networks CEO
  173. Alex Stamos on Twitter: "There is a long history of "trickle down" effects in cyber, where a technique honed by a major player becomes commonplace. China's 2000s APTs -> Iran/DPRK/teenagers in the 2010s. Stuxnet -> smart ransomware. If supply-chain a
  174. Alex Stamos on Twitter: "@VickerySec So far, all of the activity that has been publicly discussed has fallen into the boundaries of what the US does regularly and what we explicitly excluded from the Obama-Xi deal. If we are going to set new red lines, th
  175. US cyber-attack: Cybersecurity agency warns suspected Russian hacking campaign broader than previously believed (CNNPolitics)
  176. Hackers last year conducted a 'dry run' of SolarWinds breach
  177. Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers (MS Security)
  178. SolarWinds Hack ‘One Of The Worst In The Last Decade’: Analyst
  179. More on the SolarWinds Breach (Schneier)
  180. Cyber attack may be ‘worst in the history of America’ (LV Jrnl)
  181. SUPERNOVA: A Novel .NET Webshell, an Analysis
  182. The SolarWinds Orion SUNBURST supply-chain Attack (TRUESEC Blog)
  183. Massive hack of US government launches search for answers as Russia named top suspect
  184. Sunburst: Supply Chain Attack Targets SolarWinds Users (Symantec Blogs)
  185. FireEye and SolarWinds Cyber Attack Information for Exabeam Customers and Partners
  186. New Evidence Suggests SolarWinds' Codebase Was Hacked to Inject Backdoor
  187. SunBurst_DGA_Decode/decode.py at main · RedDrip7/SunBurst_DGA_Decode (GitHub)
  188. The SolarWinds and US government breach is not a marketing opportunity (ZDNet)
  189. SolarWinds said no other products were compromised in recent hack (ZDNet)
  190. SUNBURST – SolarWinds® Orion® IT Management Platform Security Advisory (ServerCentral Turing Group)
  191. SolarWinds: Why the Sunburst hack is so serious (BBC News)
  192. SunBurst: the next level of stealth
  193. Itay Cohen on Twitter: "The attackers behind the #SUNBURST malware put a lot of effort into trying to avoid detection by analysts and security vendors. Not only this, but they also tried to make sure to stay under the radar of #SolarWinds develope
  194. GitHub - RedDrip7/SunBurst_DGA_Decode: SunBurst DGA Decode Script
  195. How suspected Russian hackers outed their massive cyberattack (POLITICO)
  196. Russian hack into Treasury, Commerce, DHS raises federal alarms (Axios)
  197. SolarFlare Release: Password Dumper for SolarWinds Orion (malicious.link)
  198. GitHub - mubix/solarflare: SolarWinds Orion Account Audit / Password Dumping Utility
  199. Prevasio: Sunburst Backdoor: A Deeper Look Into The SolarWinds' Supply Chain Malware
  200. Kyle Hanslovan on Twitter: "Although their string obfuscation techniques were anything but special, their codebase and domains successfully evaded security scrutiny for nearly a year ¯_(ツ)_/¯. Here are screenshots of some CryptoHelper and ZipHelper cl
  201. Hackers at center of sprawling spy campaign turned SolarWinds' dominance against it (Reuters)
  202. Quick Thoughts on the Russia Hack (Lawfare)
  203. How bad is the hack that targeted US agencies
  204. The SolarWinds Breach: Why Your Work Computers Are Down Today (Lawfare)
  205. research/uniq-hostnames.txt at main · bambenek/research (GitHub)
  206. 10 Things To Know About The SolarWinds Breach And Its U.S. Government Impact
  207. US Treasury and commerce department targeted in cyber-attack (BBC News)
  208. SolarWinds' Orion monitoring platform may have been tampered with by attackers - Security - Software (iTnews)
  209. Dark Halo Leverages SolarWinds Compromise to Breach Organizations (Volexity)
  210. Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor (fireeye)
  211. Azure-Sentinel/ProcessEntropy.yaml at master · Azure/Azure-Sentinel (GitHub)
  212. Create a Log Analytics workspace in the Azure portal - Azure Monitor (Microsoft Docs)
  213. Azure-Sentinel/uncommon_processes.yaml at master · Azure/Azure-Sentinel (GitHub)
  214. The Art of Finding Cyber-Dinosaur Skeletons (Securelist)