SolarWinds Articles

Updated 2024-01-20 05:49Z

Drilldown: Detailed, low-level analysis of malware and TTP (93 articles)

  1. Phylum Discovers Dozens More PyPI Packages Attempting to Deliver W4SP Stealer in Ongoing Supply-Chain Attack
  2. SolarWinds Fallout: When Will Breach Reporting Become Mandatory? (EETimes)
  3. A Year After the SolarWinds Hack, Supply Chain Threats Still Loom (WIRED)
  4. Biden to Sign Cyber Security Executive Order (nyt)
  5. SolarWinds Identifies, Patches Critical Vulnerability in Serv-U (My TechDecisions)
  6. 4 key takeaways from Biden’s Executive Order on cybersecurity (secblvd)
  7. Lawmaker, Tech Companies Clash on Software Transparency Requirements (Nextgov)
  8. Government-mandated SBOMs to throw light on software supply chain security (CSO Online)
  9. Software bills of materials (SBOM) could help improve cybersecurity (CNX Software)
  10. Biden’s executive order on cybersecurity should include behavior transparency (TechCrunch)
  11. Google’s latest framework aims to prevent SolarWinds-like supply chain attacks
  12. Google dishes out homemade SLSA, a recipe to thwart software supply-chain attacks (The Register)
  13. Binary Authorization for Borg: how Google verifies code provenance and implements code identity
  14. Open-source security: Google has a new plan to stop software supply chain attacks (ZDNet)
  15. How LF communities enable security measures required by the US Executive Order on Cybersecurity (Linux Foundation)
  16. Poisoned Installers Found in SolarWinds Hackers Toolkit (Flizzyy News)
  17. Russian SolarWinds Hacker Launches New Phishing Campaign-Security (Illinois News Today)
  18. Federal Register :: Software Bill of Materials Elements and Considerations
  19. CrowdStrike breaks down 'Golden SAML' attack
  20. 12 Lessons Learned From The SolarWinds Breach: RSA Conference
  21. To avoid insider threats, security strategies call for behavioral profiling and anomaly comparison | 2021-05-20 (Security Magazine)
  22. Linux and open-source communities rise to Biden's cybersecurity challenge (ZDNet)
  23. US-UK Gov Warning: SolarWinds Attackers Add Open-Source PenTest Tool to Arsenal (SecuritNEWS)
  24. Fact Sheet: Russian SVR Activities Related to SolarWinds Compromise
  25. Further TTPs associated with SVR cyber actors
  26. Survey Finds Broad Concern Over Third-Party App ...
  27. The Ticking Time Bomb in Every Company's Code
  28. DOD Zero Trust Reference Architecture
  29. Another SolarWinds lesson: Hackers are targeting Microsoft authentication servers (The Open Security)
  30. Dark Reading | Security (Protect The Business)
  31. An APT Group Exploits VPN to Deploy Supernova on SolarWinds Orion (Cyware Alerts - Hacker News)
  32. Abusing Replication: Stealing AD FS Secrets Over the Network (fireeye)
  33. Well-known VPN used to steal credentials on SolarWinds servers
  34. Another top VPN is reportedly being used to spread SolarWinds hack (TechRadar)
  35. SolarWinds hack and security - What is a software bill of materials? (JAXenter)
  36. CISA warns of theft of credentials via SolarWinds and PulseSecure VPN
  37. CISA warns of credential theft via SolarWinds and PulseSecure VPN (Public News)
  38. CISA warns of credential theft via SolarWinds and PulseSecure VPN (VentureBeat)
  39. Microsoft in the hot seat due to SolarWinds hacking campaign (Compsmag)
  40. SolarWinds hacking campaign puts Microsoft in the hot seat (Columbia Basin Herald)
  41. SUPERNOVA malware discovered on SolarWinds Orion server (Malware Devil)
  42. Supernova Attack Leveraged SolarWinds, Pulse Secure
  43. SolarWinds hacking campaign puts Microsoft in the hot seat
  44. Hackers exploit SolarWinds, Pulse Secure for credential theft: Feds - Security (CRN Australia)
  45. Analysts Uncover More Servers Used in SolarWinds Attack
  46. Supernova Attack Leveraged SolarWinds, Pulse Secure
  47. Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion (IT Security News)
  48. APT abused Pulse Secure, SolarWinds appliances to plant Supernova webshell on enterprise network
  49. New analysis uncovers extensive SolarWinds attack infrastructure (TechRadar)
  50. Researchers Find New Chunk of SolarWinds Attackers' Infrastructure (Decipher)
  51. CISA Finds New Attacker Using Supernova Malware on SolarWinds Orion (Decipher)
  52. CISA Discovers Advanced Malware In VPN Device (Potomac Officers Club)
  53. Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion
  54. Russian Cyber Threat Defense – Now and Looking Forward (secblvd)
  55. Researchers shed more light on APT29 activity during SolarWinds attack
  56. CISA Identifies SUPERNOVA Malware During Incident Response (CISA)
  57. Research Uncovers New Command Servers Used in SolarWinds Campaign (Zero Day)
  58. SolarWinds: Advancing the Story (RiskIQ Community Edition)
  59. SolarWinds: Illuminating the Hidden Patterns That Advance the Story (RiskIQ)
  60. Exploring three more serious flaws in SolarWinds Orion products (TechNative)
  61. Supply chain risk: Addressing a multitude of single points of failure (FCW)
  62. Malware Wants to Phone Home. Trinity Cyber Doesn’t Try to Block It
  63. MAR-10327841-1.v1 – SUNSHUTTLE (CISA)
  64. FireEye - [Report] M-Trends 2021
  65. What We Know (and Don't Know) So Far About the ...
  66. In wake of giant software hacks, defenders & dev teams must fix AppSec
  67. SolarWinds speaks out, and software dev can never be the same again (iTWire)
  68. SolarWinds hack: the mystery of one of the biggest cyberattacks ever (CyberNews)
  69. SolarWinds CEO: Here’s What We’re Doing to Prevent Another Attack (SDxCentral)
  70. Exclusive: Software vendors would have to disclose breaches to U.S. government users under new order: draft (Reuters)
  71. Swiss cybersecurity firm says it accessed servers of SolarWinds hacking group (The Bharat Express News)
  72. Swiss Cyber Security Firm Says It Accessed Servers of a SolarWinds Hacking Group
  73. Swiss Firm Says It Accessed SolarWinds Attackers' Servers
  74. Swiss Cybersecurity Firm says it Accessed Servers of a SolarWinds Hacker
  75. Researchers discover threat actors with links to SolarWinds hack (IT PRO)
  76. Swiss firm says it has accessed servers of a SolarWinds hacker that attacked 4,700 targets, Tech News News & Top Stories (The Straits Times)
  77. SolarWinds explainer
  78. Swiss Firm Says It Has Accessed Servers of a SolarWinds Hacker (Bloomberg)
  79. SilverFish Group Threat Actor Report
  80. Mimecast confirms hackers behind SolarWinds supply chain attack accessed limited amount of customer information (The Daily Swig)
  81. The US must adopt Software Bill of Materials to thwart cyberattacks (hill)
  82. NTIA Software Component Transparency (National Telecommunications and Information Administration)
  83. Microsoft Releases Free Tool for Hunting SolarWinds ...
  84. The Anatomy of the SolarWinds Attack Chain (secblvd)
  85. Orion SDK - The Orion Platform (THWACK)
  86. CyberArk Labs: The Anatomy of the SolarWinds Attack (Techwire)
  87. Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452 (fireeye)
  88. SolarWinds Cyber-Attack Affects Developers and Contractors
  89. Preventing Supply Chain Attacks like SolarWinds (Linux Foundation)
  90. Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations (CISA)
  91. Dark Halo Leverages SolarWinds Compromise to Breach Organizations (Volexity)
  92. cyber.dhs.gov - Emergency Directive 21-01
  93. Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor (fireeye)