SolarWinds Articles

Updated 2024-01-20 05:49Z

Malware used in the attack (195 articles)

  1. SolarWinds Patches High-Severity Flaws in Access Rights Manager (SecurityWeek)
  2. SolarWinds Orion Platform 2020.2.0 < 2020.2.6 Multiple Vulnerabilities - Nessus (InfosecMatter)
  3. White House national security adviser asks software ...
  4. White House national security adviser asks software companies to discuss cybersecurity
  5. White House national security adviser asks software companies to discuss cybersecurity (Reuters)
  6. Remote code execution in SolarWinds Database Performance Analyzer (Apache Log4j component)
  7. SolarWinds Trust Center Security Advisories (CVE-2021-44228)
  8. CVE-2021-35248 (SolarWinds Orion Settings access control)
  9. CVE-2021-35234 (SolarWinds Orion sql injection)
  10. SolarWinds Orion sql injection [CVE-2021-35234] (Yet Another News Aggregator Channel)
  11. The new PseudoManuscrypt malware puts over 35,000 PCs at risk (TheDigitalHacker)
  12. Nobelium gang malware evolves one year after SolarWinds
  13. CVE-2021-35235 (SolarWinds Kiwi Syslog Server ASP.NET Debugging information disclosure)
  14. New Tomiris Backdoor Found Linked to Hackers Behind SolarWinds Cyberattack
  15. Tomiris backdoor and its connection to Sunshuttle and Kazuar (Securelist)
  16. House passes legislation to strengthen federal cybersecurity workforce (hill)
  17. ‘Tomiris’ Backdoor Linked to SolarWinds Malware (tpost)
  18. Microsoft Warns of FoggyWeb Malware Targeting Active Directory FS Servers
  19. Experts Uncover Several C&C Servers Linked to WellMess Malware (News Nation USA)
  20. Microsoft admits certifying a driver loaded with rootkit malware, says 'small number' of customers compromised by SolarWinds hackers (HITBSecNews)
  21. Hackers Disguise Rootkit as Microsoft Drivers
  22. Investigating and Mitigating Malicious Drivers (Microsoft Security Response Center)
  23. Microsoft accidentally approved malware that could spy on Windows users
  24. Biden weighs direct action against Russian targets following cyberattacks (WHAM)
  25. NobleBaron (New Poisoned Installers Could Be Used In Supply Chain Attacks - SentinelLabs)
  26. Poisoned Installers Found in SolarWinds Hackers Toolkit (Flizzyy News)
  27. New sophisticated email-based attack from NOBELIUM (MS Security)
  28. Microsoft has discovered yet more SolarWinds malware | #microsoft | #hacking (#cybersecurity - National Cyber Security News Today)
  29. Fact Sheet: Russian SVR Activities Related to SolarWinds Compromise
  30. CISA: 5 Agencies Using Pulse Secure VPNs Possibly Breached
  31. More US agencies potentially hacked, this time with Pulse Secure exploits (ars)
  32. Security News in Review: Emotet Uninstalled Worldwide; Babuk “Goes Dark” (secblvd)
  33. APT actors increasingly turn to exploits to launch attacks (TahawulTech.com)
  34. Another top VPN is reportedly being used to spread the SolarWinds hack
  35. APT actors increasingly turn to exploits to launch attacks (ITProPortal)
  36. Another SolarWinds lesson: Hackers are targeting Microsoft authentication servers (All Tech News)
  37. An APT Group Exploits VPN to Deploy Supernova on SolarWinds Orion (Cyware Alerts - Hacker News)
  38. Well-known VPN used to steal credentials on SolarWinds servers
  39. Another top VPN is reportedly being used to spread SolarWinds hack (TechRadar)
  40. CISA warns of theft of credentials via SolarWinds and PulseSecure VPN
  41. CISA warns of credential theft via SolarWinds and PulseSecure VPN (Public News)
  42. CISA warns of credential theft via SolarWinds and PulseSecure VPN (VentureBeat)
  43. Microsoft in the hot seat due to SolarWinds hacking campaign (Compsmag)
  44. SolarWinds hacking campaign puts Microsoft in the hot seat (Columbia Basin Herald)
  45. SUPERNOVA malware discovered on SolarWinds Orion server (Malware Devil)
  46. Supernova Attack Leveraged SolarWinds, Pulse Secure
  47. SolarWinds hacking campaign puts Microsoft in the hot seat
  48. Hackers exploit SolarWinds, Pulse Secure for credential theft: Feds - Security (CRN Australia)
  49. Analysts Uncover More Servers Used in SolarWinds Attack
  50. Supernova Attack Leveraged SolarWinds, Pulse Secure
  51. Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion (IT Security News)
  52. APT abused Pulse Secure, SolarWinds appliances to plant Supernova webshell on enterprise network
  53. When a Ripple Becomes a Wave: Cyberattack Fallout (secblvd)
  54. Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion (Times News Express)
  55. New analysis uncovers extensive SolarWinds attack infrastructure (TechRadar)
  56. Researchers Find Additional Infrastructure Used By SolarWinds Hackers
  57. New analysis uncovers extensive SolarWinds attack infrastructure (TechRadar)
  58. Supernova Malware Actors Masqueraded as Remote ...
  59. Researchers Find New Chunk of SolarWinds Attackers' Infrastructure (Decipher)
  60. CISA Finds New Attacker Using Supernova Malware on SolarWinds Orion (Decipher)
  61. CISA Discovers Advanced Malware In VPN Device (Potomac Officers Club)
  62. Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion
  63. cyber.dhs.gov - Emergency Directive 21-03: pulse secure
  64. US agencies assess Pulse Secure VPN exploitation. New Sunburst infestation found. Facebook shuts down Palestinian spy groups.
  65. Hackers Exploit SolarWinds, Pulse Secure For Credential Theft: Feds
  66. CISA Identifies SUPERNOVA Malware During Incident Response (CISA)
  67. More SolarWinds command and control hacking servers found - Security (iTnews)
  68. Feds Find More Malware Tied to SolarWinds Supply Chain Compromise
  69. Samir on Twitter: "if you see an instance of dwDrvInst.exe (unsigned by Solarwinds) running with cmdline like "smartcard -install" that could be a sign of successful RCE exploitation of CVE-2019-3980 https://t.co/FyZvQ2IYVj https://t.co/8OIarbbqeQ" / Twit
  70. CISA Ties SUPERNOVA Malware to Pulse Secure, SolarWinds Exploits
  71. NSA: 5 Security Bugs Under Active Nation-State Cyberattack (tpost)
  72. Russian SVR blamed for SolarWinds supply chain compromise, cyber espionage action (Industrial Cyber)
  73. VirusTotal Community profile for CYBERCOM_Malware_Alert (VirusTotal)
  74. Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020? (secblvd)
  75. Snort Blog: Snort rule update for April 15, 2021
  76. Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020? (Krebs on Security)
  77. White House: Russians Behind SolarWinds and 5 More Technology Attacks
  78. Russian SVR Targets U.S. and Allied Networks
  79. Russian Foreign Intelligence Service Exploiting Five Publicly Known Vulnerabilities to Compromise U.S. and Allied Networks (Homeland Security Today)
  80. CISA and CNMF Analysis of SolarWinds-related Malware
  81. MAR-10327841-1.v1 – SUNSHUTTLE (CISA)
  82. US Cyber Command, DHS-CISA release Russian malware samples tied to SolarWinds compromise > U.S. Cyber Command > News
  83. Russian Foreign Intelligence Service Exploiting Five Publicly Known Vulnerabilities to Compromise U.S. and Allied Networks > National Security Agency Central Security Service > Article View
  84. U.S. Agencies: Russian SolarWinds Hackers Leveraging Five Older Vulnerabilities (My TechDecisions)
  85. Supply chain attacks: what we know about the SolarWinds ‘Sunburst’ exploit, and why it still matters (Check Point Software)
  86. USA to publish detailed analysis of SolarWinds hacking tools
  87. US to publish details on suspected Russian hacking tools used in SolarWinds espionage
  88. What We Know (and Don't Know) So Far About the ...
  89. iTWire (SolarWinds speaks out, and software dev can never be the same again)
  90. Raindrop Loader delivers Cobalt Strike; SolarWinds - AlienVault (Open Threat Exchange)
  91. SolarWinds Experimenting With New Software Build ... (Go Decrypt)
  92. New Code Execution Flaws In Solarwinds Orion Platform (SecurityWeek.Com)
  93. SilverFish: Swiss researchers identify threat actor with links to SolarWinds hack
  94. Three Vulnerabilities Exposed During SolarWinds Attack & How It Could Have Been Prevented (CPO Magazine)
  95. SolarWinds explainer
  96. Did you get burned by the SolarWinds attack? US Releases Tools for Post-Infringement Detection (Texas News Today)
  97. SolarWinds-linked hacking group SilverFish abuses enterprise victims for sandbox tests (ZDNet)
  98. SilverFish Group Threat Actor Report
  99. SolarWinds, SUNBURST, and supply chain security.
  100. Microsoft Probing Whether Leak Played Role in Suspected Chinese Hack (WSJ)
  101. There is Still More to SolarWinds Attack (Cyware Alerts - Hacker News)
  102. Be on the Lookout: Impact of SolarWinds Orion Compromise on
  103. Chinese hackers presumably behind SolarWinds hack new evidence revealed (Secure Blink)
  104. Security researchers discover Supernova web shell activity linked to Chinese hackers | 2021-03-10 (Security Magazine)
  105. Chinese suspected of two attacks on internet-facing SolarWinds server
  106. FireEye and Microsoft Uncover More Malware Strains Used in SolarWinds Hack (Toolbox Security)
  107. Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452
  108. Researchers Describe a Second, Separate SolarWinds Attack
  109. More clues appear to link Supernova web shell activity to Chinese hackers (TechRadar)
  110. SolarWinds Sunburst backdoor supply chain attack: Why it still matters | Security (ITP.net)
  111. SolarWinds just keeps getting worse: New strain of backdoor malware found in probe (Register)
  112. More clues appear to link Supernova web shell activity to Chinese hackers (TechRadar)
  113. Hackers hiding Supernova malware in SolarWinds Orion linked to China
  114. Chinese hackers targeted SolarWinds customers in parallel with Russian op (ars)
  115. Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks (ZDNet)
  116. Security report: Lessons learned investigating the SUNBURST software supply chain attack (ITWeb)
  117. Researchers Identify More Malware Used By SolarWinds Hack Group
  118. Security report: Lessons learned investigating the SUNBURST software supply chain attack (ITWeb)
  119. GoldMax, GoldFinder, and Sibot, are the 3 new Malwares Used by SolarWinds Hackers (IT Security News)
  120. Microsoft: We’ve found three more pieces of malware used by the SolarWinds attackers (Bestgamingpro)
  121. Microsoft: We've found three more pieces of malware used by the SolarWinds attackers (ZDNet - PressboltNews)
  122. Microsoft Reveals 3 New Malware Variants Relating to SolarWinds Cyberattack
  123. GoldMax, GoldFinder, and Sibot, 3 new malware used by SolarWinds attackers (IT Security News)
  124. Second-stage backdoor possibly linked to Solorigate campaign. Hafnium exploits Exchange Server vulnerabilities.
  125. SolarWinds SUNBURST Backdoor DGA and Infected Domain Analysis (Cybersecurity Insiders)
  126. Second-stage backdoor in SolarWinds compromise victim. Exchange Server exploitation. RedEcho as staging. Leaky clouds.
  127. Microsoft shares details on three new malware strains used in SolarWinds hack
  128. Researchers Find 3 New Malware Strains Used by SolarWinds Hackers (WP Guy News)
  129. Three New Malware Strains Linked to SolarWinds Hackers (TerabitWeb Blog)
  130. Researchers Find 3 New Malware Strains Used by SolarWinds Hackers
  131. Microsoft discovers more malware used by SolarWinds attacker while FireEye finds new backdoor (IT World Canada News)
  132. Microsoft Drops 'Solorigate' for 'Nobelium' in Ongoing SolarWinds Attack Investigations (Redmondmag.com)
  133. FireEye finds new malware likely linked to SolarWinds hackers - AlienVault (Open Threat Exchange)
  134. New SUNSHUTTLE Second-Stage Backdoor Uncovered Targeting U.S.-Based Entity; Possible Connection to UNC2452 (Mandiant)
  135. CYBERCOM Plays ‘Key Role’ As SolarWinds Unfolds: Gen. Nakasone « Breaking Defense (Defense industry news, analysis and commentary)
  136. Microsoft: We've found three more pieces of malware used by the SolarWinds attackers (ZDNet)
  137. Microsoft, FireEye Uncover More Malware Used in the ...
  138. Researchers Disclose More Malware Used in SolarWinds Attack
  139. Microsoft, FireEye Unmask More Malware Linked to SolarWinds Attackers (tpost)
  140. New SUNSHUTTLE Second-Stage Backdoor Uncovered Targeting U.S.-Based Entity; Possible Connection to UNC2452 (fireeye)
  141. What happened at SolarWinds? - sunburst in action! (Stinet)
  142. SolarWinds attack – What is Known and How to Stay Protected (Check Point Software)
  143. SolarWinds Update: Russian Threat-Actor Re-Used Components from Other
  144. Microsoft failed to shore up defenses that could have limited SolarWinds hack: U.S. senator | Y100 WNCY | Your Home For Country & Fun (Green Bay, WI)
  145. Microsoft Releases Free Tool for Hunting SolarWinds ...
  146. Microsoft Releases Free Tool for Hunting SolarWinds ...
  147. Anatomy of the SolarWinds Attack: Five Types of Malware (Blumira)
  148. Targeting Process for the SolarWinds Backdoor (NETRESEC Blog)
  149. On SolarWinds, Supply Chains and Enterprise Networks
  150. Symantec Enterprise Podcasts
  151. Software supply chain attacks – everything you need to know (The Daily Swig)
  152. Zero Day Initiative — Three More Bugs in Orion’s Belt
  153. VirusTotal
  154. VirusTotal
  155. MAR-10318845-1.v1 - SUNBURST (CISA)
  156. More SolarWinds News (secblvd)
  157. Second SolarWinds Attack Group Breaks into USDA Payroll — Report (tpost)
  158. More exploitable flaws found in SolarWinds software, says cybersecurity firm
  159. More SolarWinds News (Schneier)
  160. Full System Control with New SolarWinds Orion-based and Serv-U FTP Vulnerabilities (Trustwave)
  161. 3 New Severe Security Vulnerabilities Found In SolarWinds Software
  162. New malware uncovered by experts examining SolarWinds strike Blog (Galaxkey)
  163. Here's How SolarWinds Hackers Stayed Undetected for Long Enough
  164. Microsoft: This is how the sneaky SolarWinds hackers hid their onward attacks for so long (ZDNet)
  165. Unveiled: SUNSPOT Malware Was Used to Inject SolarWinds Backdoor
  166. Microsoft Releases New Info on SolarWinds Attack Chain
  167. Fourth malware strain discovered in SolarWinds incident (ZDNet)
  168. Researchers Discover Raindrop — 4th Malware Linked to the SolarWinds Attack
  169. A New SolarWinds Malware Strain Is Discovered
  170. Raindrop: New Malware Discovered in SolarWinds Investigation (Symantec Blogs)
  171. SolarWinds Cyber-Attack Affects Developers and Contractors
  172. Sunspot malware scoured servers for SolarWinds builds to trojanize them
  173. Third malware strain discovered in SolarWinds supply chain attack (ZDNet)
  174. SolarWinds malware was sneaked out of the firm's Orion build environment 6 months before anyone realised it was there (report • The Register)
  175. Third malware strain discovered in SolarWinds supply chain attack (ZDNet)
  176. Cyberespionage campaign hits Colombia. New malware found in the SolarWinds incident. Mimecast certificates compromised. Ubiquiti tells users to reset passwords. Two wins for the good guys.
  177. SolarWinds Hack Potentially Linked to Turla APT (tpost)
  178. Sunburst backdoor – code overlaps with Kazuar (Securelist)
  179. SUNSPOT Malware: A Technical Analysis (CrowdStrike)
  180. SolarWinds Malware Arsenal Widens with Raindrop (tpost)
  181. SolarWinds: How a Rare DGA Helped Attacker Communications Fly Under the Radar (Symantec Blogs)
  182. Widely Used Software Company May Be Entry Point for Huge U.S. Hacking (nyt)
  183. SUNBURST Additional Technical Details (fireeye)
  184. SolarWinds roundup: Fixes, new bad actors, and what the company knew (Network World)
  185. VMware Issues Updated Statement on SolarWinds Supply Chain Compromise and CVE 2020-4006
  186. Microsoft: A 2nd Group May Have Also Breached SolarWinds
  187. VMware Issues Statement on SolarWinds Supply Chain Compromise and CVE 2020-4006
  188. SolarWinds SUNBURST Backdoor: Inside the APT Campaign (SentinelLabs)
  189. Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers (MS Security)
  190. GitHub (fireeye/sunburst_countermeasures)
  191. SolarWinds Orion vulnerability being actively exploited - updated advisory (CERT NZ)
  192. Russian hack’s sophistication impresses even the experts (wapo)
  193. red_team_tool_countermeasures/CVEs_red_team_tools.md at master · fireeye/red_team_tool_countermeasures (GitHub)
  194. Solarwinds : Security vulnerabilities