
Tools, Techniques and Procedures in the attack

Retrieved 2021-12-07

  • SolarWinds Attackers Spotted Using New Tactics, Malware (tpost)

Retrieved 2021-12-06

  • SolarWinds hackers have a whole bag of new tricks for mass compromise attacks (ars)
  • SolarWinds hackers have been quietly targeting governments, cloud providers (scmedia)
  • Russian group behind SolarWinds incident ramping up hacking efforts, analysis says (hill)
  • SolarWinds hackers kept busy in the year since the seminal hack, Mandiant finds
  • Suspected Russian Activity Targeting Government and Business Entities Around the Globe (Mandiant)
  • Russian Actors Behind SolarWinds Attack Hit Global Business & Government Targets
  • Mandiant: SolarWinds Attackers Continue to Innovate
  • The Microsoft paradox: Contributing to cyber threats and monetizing the cure (Fortune)

Retrieved 2021-10-25

  • SolarWinds APT Targets Tech Resellers in Latest Supply-Chain Cyberattacks (tpost)

Retrieved 2021-10-18

  • How the SolarWinds Hack (almost) went Undetected

Retrieved 2021-10-16

  • SEC-T 0x0D: Erik Hjelmvik - Hiding in Plain Sight - How the SolarWinds Hack Went Undetected (YouTube)

Retrieved 2021-10-06

  • Mandia Alerted NSA on FireEye’s SolarWinds Breach

Retrieved 2021-09-22

  • APT focus: ‘Noisy’ Russian hacking crews are among the world’s most sophisticated (The Daily Swig)

Retrieved 2021-07-02

  • US, UK warn about Russia's brute force cyber campaign (Illinois News Today)

Retrieved 2021-05-20

  • To avoid insider threats, security strategies call for behavioral profiling and anomaly comparison | 2021-05-20 (Security Magazine)
  • 12 Lessons Learned From The SolarWinds Breach: RSA Conference

Retrieved 2021-05-08

  • U.S., U.K. Reveal Code Flaws Abused by SolarWinds Hackers

Retrieved 2021-05-07

  • US-UK Gov Warning: SolarWinds Attackers Add Open-Source PenTest Tool to Arsenal (SecuritNEWS)
  • Joint advisory: Further TTPs associated with SVR cyber actors (NCSC.GOV.UK)

Retrieved 2021-05-05

  • Further TTPs associated with SVR cyber actors

Retrieved 2021-04-26

  • 'Cock.li' Admin Says He's Not Surprised Russian Intelligence Uses His Site
  • Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders (CISA)

Retrieved 2021-03-25

  • SolarWinds Attack Illustrates Evolving Russian Cyber Tactics

Retrieved 2021-03-20

  • Swiss Firm Says It Has Accessed Servers of a SolarWinds Hacker

Retrieved 2021-03-17

  • TTP Table for Detecting APT Activity Related to SolarWinds and Active Directory/M365 Compromise (Homeland Security Today)

Retrieved 2021-03-10

  • CISA: ‘Identity is everything’ for cyber defense post-SolarWinds (FRN)

Retrieved 2021-03-09

  • Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452

Retrieved 2021-02-23

  • The Anatomy of the SolarWinds Attack Chain

Retrieved 2021-02-18

  • SolarWinds attack hit 100 companies and took months of planning, says White House (ZDNet)
  • SolarWinds fallout has enterprise CISOs on edge

Retrieved 2021-02-17

  • Targeting Process for the SolarWinds Backdoor (NETRESEC Blog)

Retrieved 2021-02-07

  • SolarWinds CEO: “SolarWinds Orion Development Program was Exploited by the Hackers” (E Hacking News)

Retrieved 2021-02-01

  • The Next Cyberattack Is Already Under Way (The New Yorker)
  • This is How They Tell Me the World Ends

Retrieved 2021-01-21

  • Microsoft: This is how the sneaky SolarWinds hackers hid their onward attacks for so long (ZDNet)

Retrieved 2021-01-20

  • SolarWinds Hackers Access Malwarebytes’ Office 365 Emails
  • Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop (MS Security)

Retrieved 2021-01-19

  • Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452 (fireeye)
  • Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments (Malwarebytes Labs)
  • SolarWinds Attack Underscores 'New Dimension' in ...

Retrieved 2021-01-14

  • SolarWinds defense: How to stop similar attacks (ZDNet)

Retrieved 2021-01-12

  • SolarWinds Hackers’ Attack on Email Security Company Raises New Red Flags (WSJ)

Retrieved 2021-01-07

  • SolarWinds: How a Rare DGA Helped Attacker Communications Fly Under the Radar (Symantec Blogs)

Retrieved 2020-12-23

  • Massive data breach may have been discovered due to 'unforced error' by suspected Russian hackers (CNNPolitics)
  • Five Solution Providers Breached By SolarWinds Hackers: Researchers
  • Cloud infrastructure is not immune from the SolarWinds Orion breach (Ermetic)
  • Q:CYBER spots lateral movement as used in the SolarWinds (Sunburst) calamity (insidenova.com)

Retrieved 2020-12-22

  • SolarWinds Campaign Focuses Attention on 'Golden ...

Retrieved 2020-12-21

  • SolarWinds/SUNBURST Backdoor, Third-Party and Supply Chain Security (secblvd)
  • CISA warns that SolarWinds software may not be only entry point in latest breaches (GCN)
  • After the FireEye and SolarWinds breaches, what’s your failsafe? (TechCrunch)
  • Trump's reluctance to name Russia in SolarWinds hack will hamper recovery (Axios)

Retrieved 2020-12-18

  • Microsoft president calls SolarWinds hack an “act of recklessness” (ars)
  • Hackers last year conducted a 'dry run' of SolarWinds breach
  • SolarWinds: UK assessing impact of hacking campaign (BBC News)
  • Five Russian hacks that transformed US cyber-security (BBC News)
  • Sygnia Advisory: Detection of Golden SAML attacks
  • Sunburst's C2 Secrets Reveal Second-Stage SolarWinds Victims (tpost)
  • Sunburst: connecting the dots in the DNS requests (Securelist)
  • Microsoft says it found malicious software in its systems (CNA)
  • NSA on Authentication Hacks (Related to SolarWinds Breach) (Schneier)

Retrieved 2020-12-17

  • Federal investigators find evidence of previously unknown tactics used to penetrate government networks (wapo)
  • Exclusive-Suspected Russian hacking spree reached into Microsoft -sources (Reuters)
  • CISA: SolarWinds Not the Only Initial Attack Vector ...
  • Golden SAML: Newly Discovered Attack Technique Forges Authentication to Cloud Apps
  • More Hacking Attacks Found, Officials Warn of Risk to U.S. Government (nyt)

Retrieved 2020-12-16

  • SunBurst: the next level of stealth
  • Thread by @megabeets_ on Thread Reader App (Thread Reader App)
  • SolarWinds' dominance became a liability in sprawling spy campaign (VentureBeat)
  • Trend data on the SolarWinds Orion compromise

Retrieved 2020-12-15

  • SolarWinds hackers have a clever way to bypass multi-factor authentication (ars)
  • What We Know (And Don’t) About The SolarWinds Orion Hack So Far

Retrieved 2020-12-14

  • Dark Halo Leverages SolarWinds Compromise to Breach Organizations (Volexity)
  • SolarWinds Breach: An RSAC Interview with Dmitri Alperovitch About Who, How and Why (RSA)

Retrieved 2020-12-13

  • Important steps for customers to protect themselves from recent nation-state cyberattacks (Microsoft On the Issues)
  • US Agencies and FireEye Were Hacked Using SolarWinds Software Backdoor
  • Global Intrusion Campaign Leverages Software Supply Chain Compromise (fireeye)

Retrieved 2018-11-18

  • How to create a backdoor to Azure AD (part 1: Identity federation)