SolarWinds Articles
Updated 2024-01-20 05:49Z
Malware used in the attack (195 articles)
-
SolarWinds Patches High-Severity Flaws in Access Rights Manager (SecurityWeek)
-
SolarWinds Orion Platform 2020.2.0 < 2020.2.6 Multiple Vulnerabilities - Nessus (InfosecMatter)
-
White House national security adviser asks software ...
-
White House national security adviser asks software companies to discuss cybersecurity
-
White House national security adviser asks software companies to discuss cybersecurity (Reuters)
-
Remote code execution in SolarWinds Database Performance Analyzer (Apache Log4j component)
-
SolarWinds Trust Center Security Advisories (CVE-2021-44228)
-
CVE-2021-35248 (SolarWinds Orion Settings access control)
-
CVE-2021-35234 (SolarWinds Orion sql injection)
-
SolarWinds Orion sql injection [CVE-2021-35234] – Yet Another News Aggregator Channel
-
The new PseudoManuscrypt malware puts over 35,000 PCs at risk (TheDigitalHacker)
-
Nobelium gang malware evolves one year after SolarWinds
-
CVE-2021-35235 (SolarWinds Kiwi Syslog Server ASP.NET Debugging information disclosure)
-
New Tomiris Backdoor Found Linked to Hackers Behind SolarWinds Cyberattack
-
Tomiris backdoor and its connection to Sunshuttle and Kazuar (Securelist)
-
House passes legislation to strengthen federal cybersecurity workforce (hill)
-
‘Tomiris’ Backdoor Linked to SolarWinds Malware (tpost)
-
Microsoft Warns of FoggyWeb Malware Targeting Active Directory FS Servers
-
Experts Uncover Several C&C Servers Linked to WellMess Malware (News Nation USA)
-
Microsoft admits certifying a driver loaded with rootkit malware, says 'small number' of customers compromised by SolarWinds hackers (HITBSecNews)
-
Hackers Disguise Rootkit as Microsoft Drivers
-
Investigating and Mitigating Malicious Drivers (Microsoft Security Response Center)
-
Microsoft accidentally approved malware that could spy on Windows users
-
Biden weighs direct action against Russian targets following cyberattacks (WHAM)
-
NobleBaron - New Poisoned Installers Could Be Used In Supply Chain Attacks (SentinelLabs)
-
Poisoned Installers Found in SolarWinds Hackers Toolkit (Flizzyy News)
-
New sophisticated email-based attack from NOBELIUM (MS Security)
-
Microsoft has discovered yet more SolarWinds malware | #microsoft | #hacking | #cybersecurity (National Cyber Security News Today)
-
Fact Sheet: Russian SVR Activities Related to SolarWinds Compromise
-
CISA: 5 Agencies Using Pulse Secure VPNs Possibly Breached
-
More US agencies potentially hacked, this time with Pulse Secure exploits (ars)
-
Security News in Review: Emotet Uninstalled Worldwide; Babuk “Goes Dark” (secblvd)
-
APT actors increasingly turn to exploits to launch attacks (TahawulTech.com)
-
Another top VPN is reportedly being used to spread the SolarWinds hack
-
APT actors increasingly turn to exploits to launch attacks (ITProPortal)
-
Another SolarWinds lesson: Hackers are targeting Microsoft authentication servers (All Tech News)
-
An APT Group Exploits VPN to Deploy Supernova on SolarWinds Orion (Cyware Alerts - Hacker News)
-
Well-known VPN used to steal credentials on SolarWinds servers
-
Another top VPN is reportedly being used to spread SolarWinds hack (TechRadar)
-
CISA warns of theft of credentials via SolarWinds and PulseSecure VPN
-
CISA warns of credential theft via SolarWinds and PulseSecure VPN (Public News)
-
CISA warns of credential theft via SolarWinds and PulseSecure VPN (VentureBeat)
-
Microsoft in the hot seat due to SolarWinds hacking campaign (Compsmag)
-
SolarWinds hacking campaign puts Microsoft in the hot seat (Columbia Basin Herald)
-
SUPERNOVA malware discovered on SolarWinds Orion server (Malware Devil)
-
Supernova Attack Leveraged SolarWinds, Pulse Secure
-
SolarWinds hacking campaign puts Microsoft in the hot seat
-
Hackers exploit SolarWinds, Pulse Secure for credential theft: Feds - Security (CRN Australia)
-
Analysts Uncover More Servers Used in SolarWinds Attack
-
Supernova Attack Leveraged SolarWinds, Pulse Secure
-
Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion (IT Security News)
-
APT abused Pulse Secure, SolarWinds appliances to plant Supernova webshell on enterprise network
-
When a Ripple Becomes a Wave: Cyberattack Fallout (secblvd)
-
Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion (Times News Express)
-
New analysis uncovers extensive SolarWinds attack infrastructure (TechRadar)
-
Researchers Find Additional Infrastructure Used By SolarWinds Hackers
-
New analysis uncovers extensive SolarWinds attack infrastructure (TechRadar)
-
Supernova Malware Actors Masqueraded as Remote ...
-
Researchers Find New Chunk of SolarWinds Attackers' Infrastructure (Decipher)
-
CISA Finds New Attacker Using Supernova Malware on SolarWinds Orion (Decipher)
-
CISA Discovers Advanced Malware In VPN Device (Potomac Officers Club)
-
Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion
-
cyber.dhs.gov - Emergency Directive 21-03: pulse secure
-
US agencies assess Pulse Secure VPN exploitation. New Sunburst infestation found. Facebook shuts down Palestinian spy groups.
-
Hackers Exploit SolarWinds, Pulse Secure For Credential Theft: Feds
-
CISA Identifies SUPERNOVA Malware During Incident Response (CISA)
-
More SolarWinds command and control hacking servers found - Security (iTnews)
-
Feds Find More Malware Tied to SolarWinds Supply Chain Compromise
-
Samir on Twitter: "if you see an instance of dwDrvInst.exe (unsigned by Solarwinds) running with cmdline like "smartcard -install" that could be a sign of successful RCE exploitation of CVE-2019-3980 https://t.co/FyZvQ2IYVj https://t.co/8OIarbbqeQ" / Twit
-
CISA Ties SUPERNOVA Malware to Pulse Secure, SolarWinds Exploits
-
NSA: 5 Security Bugs Under Active Nation-State Cyberattack (tpost)
-
Russian SVR blamed for SolarWinds supply chain compromise, cyber espionage action (Industrial Cyber)
-
VirusTotal Community profile for CYBERCOM_Malware_Alert (VirusTotal)
-
Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020? (secblvd)
-
Snort Blog: Snort rule update for April 15, 2021
-
Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020? (Krebs on Security)
-
White House: Russians Behind SolarWinds and 5 More Technology Attacks
-
Russian SVR Targets U.S. and Allied Networks
-
Russian Foreign Intelligence Service Exploiting Five Publicly Known Vulnerabilities to Compromise U.S. and Allied Networks (Homeland Security Today)
-
CISA and CNMF Analysis of SolarWinds-related Malware
-
MAR-10327841-1.v1 – SUNSHUTTLE (CISA)
-
US Cyber Command, DHS-CISA release Russian malware samples tied to SolarWinds compromise (U.S. Cyber Command > News)
-
Russian Foreign Intelligence Service Exploiting Five Publicly Known Vulnerabilities to Compromise U.S. and Allied Networks (National Security Agency Central Security Service)
-
U.S. Agencies: Russian SolarWinds Hackers Leveraging Five Older Vulnerabilities (My TechDecisions)
-
Supply chain attacks: what we know about the SolarWinds ‘Sunburst’ exploit, and why it still matters (Check Point Software)
-
USA to publish detailed analysis of SolarWinds hacking tools
-
US to publish details on suspected Russian hacking tools used in SolarWinds espionage
-
What We Know (and Don't Know) So Far About the ...
-
SolarWinds speaks out, and software dev can never be the same again (iTWire)
-
Raindrop Loader delivers Cobalt Strike; SolarWinds - AlienVault (Open Threat Exchange)
-
SolarWinds Experimenting With New Software Build ... (Go Decrypt)
-
New Code Execution Flaws In Solarwinds Orion Platform (SecurityWeek.Com)
-
SilverFish: Swiss researchers identify threat actor with links to SolarWinds hack
-
Three Vulnerabilities Exposed During SolarWinds Attack & How It Could Have Been Prevented (CPO Magazine)
-
SolarWinds explainer
-
Did you get burned by the SolarWinds attack? US Releases Tools for Post-Infringement Detection (Texas News Today)
-
SolarWinds-linked hacking group SilverFish abuses enterprise victims for sandbox tests (ZDNet)
-
SilverFish Group Threat Actor Report
-
SolarWinds, SUNBURST, and supply chain security.
-
Microsoft Probing Whether Leak Played Role in Suspected Chinese Hack (WSJ)
-
There is Still More to SolarWinds Attack (Cyware Alerts - Hacker News)
-
Be on the Lookout: Impact of SolarWinds Orion Compromise on
-
Chinese hackers presumably behind SolarWinds hack new evidence revealed (Secure Blink)
-
Security researchers discover Supernova web shell activity linked to Chinese hackers | 2021-03-10 (Security Magazine)
-
Chinese suspected of two attacks on internet-facing SolarWinds server
-
FireEye and Microsoft Uncover More Malware Strains Used in SolarWinds Hack (Toolbox Security)
-
Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452
-
Researchers Describe a Second, Separate SolarWinds Attack
-
More clues appear to link Supernova web shell activity to Chinese hackers (TechRadar)
-
SolarWinds Sunburst backdoor supply chain attack: Why it still matters | Security (ITP.net)
-
SolarWinds just keeps getting worse: New strain of backdoor malware found in probe (Register)
-
More clues appear to link Supernova web shell activity to Chinese hackers (TechRadar)
-
Hackers hiding Supernova malware in SolarWinds Orion linked to China
-
Chinese hackers targeted SolarWinds customers in parallel with Russian op (ars)
-
Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks (ZDNet)
-
Security report: Lessons learned investigating the SUNBURST software supply chain attack (ITWeb)
-
Researchers Identify More Malware Used By SolarWinds Hack Group
-
Security report: Lessons learned investigating the SUNBURST software supply chain attack (ITWeb)
-
GoldMax, GoldFinder, and Sibot, are the 3 new Malwares Used by SolarWinds Hackers (IT Security News)
-
Microsoft: We’ve found three more pieces of malware used by the SolarWinds attackers (Bestgamingpro)
-
Microsoft: We've found three more pieces of malware used by the SolarWinds attackers (ZDNet - PressboltNews)
-
Microsoft Reveals 3 New Malware Variants Relating to SolarWinds Cyberattack
-
GoldMax, GoldFinder, and Sibot, 3 new malware used by SolarWinds attackers (IT Security News)
-
Second-stage backdoor possibly linked to Solorigate campaign. Hafnium exploits Exchange Server vulnerabilities.
-
SolarWinds SUNBURST Backdoor DGA and Infected Domain Analysis (Cybersecurity Insiders)
-
Second-stage backdoor in SolarWinds compromise victim. Exchange Server exploitation. RedEcho as staging. Leaky clouds.
-
Microsoft shares details on three new malware strains used in SolarWinds hack
-
Researchers Find 3 New Malware Strains Used by SolarWinds Hackers (WP Guy News)
-
Three New Malware Strains Linked to SolarWinds Hackers (TerabitWeb Blog)
-
Researchers Find 3 New Malware Strains Used by SolarWinds Hackers
-
Microsoft discovers more malware used by SolarWinds attacker while FireEye finds new backdoor (IT World Canada News)
-
Microsoft Drops 'Solorigate' for 'Nobelium' in Ongoing SolarWinds Attack Investigations - (Redmondmag.com)
-
FireEye finds new malware likely linked to SolarWinds hackers - AlienVault (Open Threat Exchange)
-
New SUNSHUTTLE Second-Stage Backdoor Uncovered Targeting U.S.-Based Entity; Possible Connection to UNC2452 (Mandiant)
-
CYBERCOM Plays ‘Key Role’ As SolarWinds Unfolds: Gen. Nakasone « Breaking Defense (Defense industry news, analysis and commentary)
-
Microsoft: We've found three more pieces of malware used by the SolarWinds attackers (ZDNet)
-
Microsoft, FireEye Uncover More Malware Used in the ...
-
Researchers Disclose More Malware Used in SolarWinds Attack
-
Microsoft, FireEye Unmask More Malware Linked to SolarWinds Attackers (tpost)
-
New SUNSHUTTLE Second-Stage Backdoor Uncovered Targeting U.S.-Based Entity; Possible Connection to UNC2452 (fireeye)
-
What happened at SolarWinds? - sunburst in action! (Stinet)
-
SolarWinds attack – What is Known and How to Stay Protected (Check Point Software)
-
SolarWinds Update: Russian Threat-Actor Re-Used Components from Other
-
Microsoft failed to shore up defenses that could have limited SolarWinds hack: U.S. senator | Y100 WNCY | Your Home For Country & Fun (Green Bay, WI)
-
Microsoft Releases Free Tool for Hunting SolarWinds ...
-
Microsoft Releases Free Tool for Hunting SolarWinds ...
-
Anatomy of the SolarWinds Attack: Five Types of Malware (Blumira)
-
Targeting Process for the SolarWinds Backdoor (NETRESEC Blog)
-
On SolarWinds, Supply Chains and Enterprise Networks
-
Symantec Enterprise Podcasts
-
Software supply chain attacks – everything you need to know (The Daily Swig)
-
Zero Day Initiative — Three More Bugs in Orion’s Belt
-
VirusTotal
-
VirusTotal
-
MAR-10318845-1.v1 - SUNBURST (CISA)
-
More SolarWinds News (secblvd)
-
Second SolarWinds Attack Group Breaks into USDA Payroll — Report (tpost)
-
More exploitable flaws found in SolarWinds software, says cybersecurity firm
-
More SolarWinds News (Schneier)
-
Full System Control with New SolarWinds Orion-based and Serv-U FTP Vulnerabilities (Trustwave)
-
3 New Severe Security Vulnerabilities Found In SolarWinds Software
-
New malware uncovered by experts examining SolarWinds strike Blog (Galaxkey)
-
Here's How SolarWinds Hackers Stayed Undetected for Long Enough
-
Microsoft: This is how the sneaky SolarWinds hackers hid their onward attacks for so long (ZDNet)
-
Unveiled: SUNSPOT Malware Was Used to Inject SolarWinds Backdoor
-
Microsoft Releases New Info on SolarWinds Attack Chain
-
Fourth malware strain discovered in SolarWinds incident (ZDNet)
-
Researchers Discover Raindrop — 4th Malware Linked to the SolarWinds Attack
-
A New SolarWinds Malware Strain Is Discovered
-
Raindrop: New Malware Discovered in SolarWinds Investigation (Symantec Blogs)
-
SolarWinds Cyber-Attack Affects Developers and Contractors
-
Sunspot malware scoured servers for SolarWinds builds to trojanize them
-
Third malware strain discovered in SolarWinds supply chain attack (ZDNet)
-
SolarWinds malware was sneaked out of the firm's Orion build environment 6 months before anyone realised it was there - report (The Register)
-
Third malware strain discovered in SolarWinds supply chain attack (ZDNet)
-
Cyberespionage campaign hits Colombia. New malware found in the SolarWinds incident. Mimecast certificates compromised. Ubiquiti tells users to reset passwords. Two wins for the good guys.
-
SolarWinds Hack Potentially Linked to Turla APT (tpost)
-
Sunburst backdoor – code overlaps with Kazuar (Securelist)
-
SUNSPOT Malware: A Technical Analysis (CrowdStrike)
-
SolarWinds Malware Arsenal Widens with Raindrop (tpost)
-
SolarWinds: How a Rare DGA Helped Attacker Communications Fly Under the Radar (Symantec Blogs)
-
Widely Used Software Company May Be Entry Point for Huge U.S. Hacking (nyt)
-
SUNBURST Additional Technical Details (fireeye)
-
SolarWinds roundup: Fixes, new bad actors, and what the company knew (Network World)
-
VMware Issues Updated Statement on SolarWinds Supply Chain Compromise and CVE 2020-4006
-
Microsoft: A 2nd Group May Have Also Breached SolarWinds
-
VMware Issues Statement on SolarWinds Supply Chain Compromise and CVE 2020-4006
-
SolarWinds SUNBURST Backdoor: Inside the APT Campaign (SentinelLabs)
-
Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers (MS Security)
-
GitHub (fireeye/sunburst_countermeasures)
-
SolarWinds Orion vulnerability being actively exploited - updated advisory (CERT NZ)
-
Russian hack’s sophistication impresses even the experts (wapo)
-
red_team_tool_countermeasures/CVEs_red_team_tools.md at master · fireeye/red_team_tool_countermeasures (GitHub)
-
Solarwinds : Security vulnerabilities