The vector or vectors used in the attack
Retrieved 2022-01-19
Microsoft: Hackers Exploiting New SolarWinds Serv-U Bug Related to Log4j Attacks
Retrieved 2021-10-25
SolarWinds Attacker Targets Cloud Service Providers in New Supply Chain Threat
SolarWinds APT Targets Tech Resellers in Latest Supply-Chain Cyberattacks (tpost)
Retrieved 2021-09-28
SolarWinds attackers drop 'FoggyWeb' backdoor on AD SSO servers - Security - Software (iTnews)
Microsoft warning: This malware creates a 'persistent' backdoor for hackers (ZDNet)
New malware from SolarWinds attackers leaves behind a backdoor (TechRadar)
SolarWinds hackers Nobelium spotted using a new backdoor
Microsoft Details FoggyWeb Backdoor Used by SolarWinds Hackers (SecurityWeek.Com)
Russia-Linked Nobelium Deploying New 'FoggyWeb' Malware
How one red team exercise averted a new SolarWinds-style attack
SolarWinds Attackers Hit Active Directory Servers with FoggyWeb Backdoor (tpost)
Retrieved 2021-09-10
This Week In Security: Ghoscript In Imagemagick, Solarwinds, And DHCP Shenanigans (Hackaday)
Retrieved 2021-09-06
Microsoft Says Chinese Hackers Were Behind SolarWinds Serv-U SSH 0-Day Attack (News Nation USA)
Retrieved 2021-09-02
A deep-dive into the SolarWinds Serv-U SSH vulnerability (Microsoft Security Blog)
Retrieved 2021-07-30
Experts Uncover Several C&C Servers Linked to WellMess Malware (News Nation USA)
Retrieved 2021-07-28
Podcast: Why Securing Active Directory Is a Nightmare (tpost)
Retrieved 2021-07-08
Three new security plunders: Microsoft said it’s the same group behind SolarWinds hack
Retrieved 2021-07-02
Solar Winds Hackers Continue To Cause Grief (Cyber Security Hub)
Retrieved 2021-07-01
Microsoft Customers Warned of Targeted Scams by NOBELLIUM (Data Privacy + Cybersecurity Insider)
Retrieved 2021-06-30
SolarWinds Investigation Leads Microsoft to Another Security Breach Discovery (FindBiometrics)
SolarWinds Hackers Breach Microsoft Customer Support to Target its Customers (NY Press News)
NSA discloses hacking methods it says are used by Russia (The Seattle Times)
Retrieved 2021-06-29
SolarWinds Hackers Continue Assault With a New Microsoft Breach (Forbes Alert)
Microsoft: malicious cyber group Nobelium tried to attack entities in 36 countries (Israel Defense)
Retrieved 2021-06-28
Microsoft says new breach was discovered in probe by suspected SolarWinds hackers by Reuters (My Blog)
SolarWinds Hackers Breach Microsoft Customer Support to Target its Customers (The Cyber Security News)
Microsoft support agent and some basic customer details hit by SolarWinds attackers (ZDNet)
Microsoft (NASDAQ:MSFT) customers compromised in a cyberattack
Microsoft says new breach discovered in probe of suspected SolarWinds hackers (Regina Leader Post)
Microsoft says new breach discovered in probe of suspected SolarWinds hackers (The Star Phoenix)
SolarWinds hackers attack Microsoft, shocking security analysts (Techzine Europe)
Microsoft says hackers who compromised SolarWinds breached three new victims
Microsoft Discovers New Attacks by SolarWinds Group, Including One Against Its Own Agent - by Cynthia Brumfield (Metacurity)
Microsoft’s customer support targeted by SolarWinds hackers
Russian hackers breached Microsoft customer support to try phishing targets in 36 countries
Microsoft Tracks Attack Campaign Against Customer ...
Microsoft customer support hacked in new campaign by APT29
The SolarWinds hackers are attacking again. (Aluria Tech)
Microsoft uncovers new breach while investigating SolarWinds hackers, Digital News (AsiaOne)
Microsoft Signed Malware That Spreads Through Gaming (tpost)
SolarWinds hack: Microsoft says new breach discovered during SolarWinds hack probe (The Economic Times)
Details of basic customers attacked by Microsoft support agents and SolarWinds attackers (Fuentitech)
Nobelium, After SolarWinds, Has Now Hit Microsoft (Cyberintel Magazine)
BreachExchange: SolarWinds hackers breach Microsoft support agent to target customers
Retrieved 2021-06-27
SolarWinds Hackers Accessed Microsoft Customer Service Tools (Teller Report)
SolarWinds hackers break into new victims, including Microsoft support agents (Fuentitech)
Microsoft Says SolarWinds Hackers Attacked Three in New Breach (usnewsmail)
SolarWinds hackers breach new victims, including a Microsoft support agent (HITBSecNews)
Microsoft says its own customer support tools were compromised by SolarWinds hackers (TechNewsBoy.com)
Retrieved 2021-06-26
SolarWinds backdoor gang pwns Microsoft support agent to turn sights on customers (Register)
Microsoft says its own customer support tools were compromised by SolarWinds hackers (Sports Grind Entertainment)
Microsoft reports previously undetected security breach while investigating SolarWinds hack (RT USA News)
Microsoft: Russia-linked SolarWinds hackers breached three new entities (Security Affairs)
SolarWinds hackers breach new victims, including a Microsoft support agent (ars)
Microsoft Discloses New Customer Hack Linked to SolarWinds Cyberattackers (WSJ)
Microsoft says new breach discovered in probe of suspected SolarWinds hackers (Netscape Money & Business)
Microsoft claims its own customer support tools have been compromised by SolarWinds hackers (FR24 News English)
SolarWinds hackers breach new victims, together with a Microsoft help agent (EAUC News)
SolarWinds Hackers Breach New Victims, Including Microsoft Support Agent (Salesground)
SolarWinds hackers breach new victims, including a Microsoft support agent – Ars Technica (Million Dollar Business Blog)
SolarWinds hackers attack new victims, including Microsoft support agent (FR24 News English)
Microsoft admits to signing rootkit malware in supply-chain fiasco (Business Standard News)
Microsoft says a new breach was discovered in a suspected investigation into SolarWinds hackers (India News Republic)
Microsoft Corporation (NASDAQ:MSFT) - Microsoft Says Its Customer Support Tools, Users' Information Were Exploited By The Hackers Behind SolarWinds (Benzinga)
Retrieved 2021-06-25
Microsoft says new breach discovered in probe of suspected SolarWinds hackers (Reuters)
Microsoft says SolarWinds hacking group has breached three new victims (The Record by Recorded Future)
Microsoft says its own customer support tools were compromised by SolarWinds hackers (Verge)
Retrieved 2021-06-03
Russian SolarWinds hackers have launched a new campaign using their USAID email address, Microsoft said. (Illinois News Today)
Retrieved 2021-06-01
How SolarWinds Hackers ‘Nobelium’ Used Constant Contact in Mass Phishing Campaign
Russian SolarWinds Hacker Launches New Phishing Campaign-Security (Illinois News Today)
New breach by hackers behind SolarWinds 'mostly unsuccessful', says Microsoft (Secure books)
SolarWinds hackers launch phishing attack (GCN)
U.S. seizes two domains used in cyberattacks that mimicked USAID communications (Nasdaq)
SolarWinds Threat Actors Behind New Email Attack Campaign
NobleBaron - New Poisoned Installers Could Be Used In Supply Chain Attacks (SentinelLabs)
Justice Department seizes domains used in Nobelium-USAID phishing campaign (ZDNet)
US seizes 2 domain names used in cyberespionage campaign (The Seattle Times)
Feds seize two domains used by SolarWinds intruders for malware spear-phishing op (The Register)
SolarWind Attackers Launch New Wave Of Phishing Attacks
US SolarWinds hackers seize domains used in cyber espionage attacks (Jioforme)
U.S. seizes domains used in USAID hack (UPI)
will over solarwinds latest massive phishing
Russia's Nobelium uses USAID's email system for hacking, according to Microsoft (Illinois News Today)
What Microsoft officials know about Russian phishing hacks aimed at USAID (Illinois News Today)
Retrieved 2021-05-31
Another Nobelium Cyberattack (Microsoft On the Issues)
Solarwinds: 150 companies massively targeted by APT29
Nobelium: The SolarWinds Hackers is Back With Another Cyber Attack (secblvd)
Russian hackers of SolarWinds back on the attack
New Wave of Phishing Attacks: SolarWinds Hackers Target Government and NGOs
SolarWinds Attackers Launch New Wave Of Nobelium Attacks - Malware News (Malware Analysis, News and Indicators)
Retrieved 2021-05-27
New sophisticated email-based attack from NOBELIUM (MS Security)
Retrieved 2021-04-30
More US agencies potentially hacked, this time with Pulse Secure exploits (ars)
CISA: 5 Agencies Using Pulse Secure VPNs Possibly Breached
Retrieved 2021-04-28
Another top VPN is reportedly being used to spread the SolarWinds hack
NSA: OT Security Guidance in Wake of SolarWinds Attack
Retrieved 2021-04-27
Well-known VPN used to steal credentials on SolarWinds servers
An APT Group Exploits VPN to Deploy Supernova on SolarWinds Orion (Cyware Alerts - Hacker News)
Another SolarWinds lesson: Hackers are targeting Microsoft authentication servers (All Tech News)
APT actors increasingly turn to exploits to launch attacks (ITProPortal)
Retrieved 2021-04-26
CISA warns of theft of credentials via SolarWinds and PulseSecure VPN
Another top VPN is reportedly being used to spread SolarWinds hack (TechRadar)
Retrieved 2021-04-25
SolarWinds hacking campaign puts Microsoft in the hot seat (Columbia Basin Herald)
Microsoft in the hot seat due to SolarWinds hacking campaign (Compsmag)
CISA warns of credential theft via SolarWinds and PulseSecure VPN (VentureBeat)
CISA warns of credential theft via SolarWinds and PulseSecure VPN (Public News)
Retrieved 2021-04-23
Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion (Times News Express)
When a Ripple Becomes a Wave: Cyberattack Fallout (secblvd)
APT abused Pulse Secure, SolarWinds appliances to plant Supernova webshell on enterprise network
Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion (IT Security News)
Supernova Attack Leveraged SolarWinds, Pulse Secure
Analysts Uncover More Servers Used in SolarWinds Attack
Hackers exploit SolarWinds, Pulse Secure for credential theft: Feds - Security (CRN Australia)
SolarWinds hacking campaign puts Microsoft in the hot seat
SUPERNOVA malware discovered on SolarWinds Orion server (Malware Devil)
Retrieved 2021-04-22
CISA Identifies SUPERNOVA Malware During Incident Response (CISA)
Cybersecurity expert: If you use SolarWinds, they got you (POWERGRID International)
Hackers Exploit SolarWinds, Pulse Secure For Credential Theft: Feds
US agencies assess Pulse Secure VPN exploitation. New Sunburst infestation found. Facebook shuts down Palestinian spy groups.
cyber.dhs.gov - Emergency Directive 21-03: pulse secure
Russian Cyber Threat Defense – Now and Looking Forward (secblvd)
Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion
CISA Discovers Advanced Malware In VPN Device (Potomac Officers Club)
CISA Finds New Attacker Using Supernova Malware on SolarWinds Orion (Decipher)
Researchers Find New Chunk of SolarWinds Attackers' Infrastructure (Decipher)
New analysis uncovers extensive SolarWinds attack infrastructure (TechRadar)
Retrieved 2021-04-17
CISA Ties SUPERNOVA Malware to Pulse Secure, SolarWinds Exploits
Retrieved 2021-04-15
Cybercriminals get bolder as impact from SolarWinds and ransomware grows (SiliconANGLE)
Retrieved 2021-04-14
Protecting The Integrity Of The Software Factory
Retrieved 2021-03-28
SolarWinds speaks out, and software dev can never be the same again (iTWire)
Retrieved 2021-03-26
SolarWinds Experimenting With New Software Build ... (Go Decrypt)
SolarWinds hack: the mystery of one of the biggest cyberattacks ever (CyberNews)
Retrieved 2021-03-22
Three Vulnerabilities Exposed During SolarWinds Attack & How It Could Have Been Prevented (CPO Magazine)
Retrieved 2021-03-19
Government Monitoring Won't Stop the Next SolarWinds Campaign, Experts Say (Zero Day)
Retrieved 2021-03-18
Has Your Organization Been Breached By Solar Winds Malware?
Retrieved 2021-03-17
What 2020 taught us about the need for deception technology (scmedia)
Mimecast confirms hackers behind SolarWinds supply chain attack accessed limited amount of customer information (The Daily Swig)
SolarWinds-Linked Attackers Target Microsoft 365 ...
Retrieved 2021-03-12
Biden administration to respond in weeks to SolarWinds hackers-senior official | The Mighty 790 KFGO (KFGO)
Retaliation Options: US Cyber Responses To SolarWinds, Exchange Hacks « Breaking Defense (Defense industry news, analysis and commentary)
U.S. government to respond to SolarWinds hackers in weeks: senior official
How Should the U.S. Respond to the SolarWinds and Microsoft Exchange Hacks? (Lawfare)
Post-SolarWinds, IT departments increase vendor scrutiny (CIO Dive)
Despite hacks, Biden admin not planning to step up government surveillance (Hindustan Times)
Retrieved 2021-03-11
Why embedded devices are the dangerous blind spot in the SolarWinds attack (hill)
Retrieved 2021-03-10
FireEye CEO: Reckless Microsoft hack unusual for China (leadertelegram.com)
What the Quad Must Learn From the SolarWinds Hack (The National Interest)
Retrieved 2021-03-09
SolarWinds Sunburst backdoor supply chain attack: Why it still matters | Security (ITP.net)
Why the SolarWinds Hack Is a Wake-Up Call (CoFR)
Retrieved 2021-03-08
EXCLUSIVE: I am Groot - POLITICO: one-on (wine with lead house cyber chair)
Latest target for hackers: A popular file-transfer program (WRAL TechWire)
Is it time to adopt an ‘assumed breach’ cyber policy? (BIC Magazine)
The SolarWinds attack and best practices for code-signing
China-linked hackers exploited SolarWinds software in 2020 breach, researchers say
Hackers hiding Supernova malware in SolarWinds Orion linked to China
Retrieved 2021-03-06
Casting a wide intrusion net: Dozens burned with single hack
Retrieved 2021-03-05
Risky business: 3 timeless approaches to reduce security risk in 2021 (Help Net Security)
Microsoft discovers more malware used by SolarWinds attacker while FireEye finds new backdoor (IT World Canada News)
Retrieved 2021-03-04
The March IronNet Threat Intelligence Brief (secblvd)
Retrieved 2021-03-03
How SolarWinds Busted Up Our Assumptions About Code ...
Still more questions than answers on SolarWinds attack (Defense Systems)
Retrieved 2021-03-02
Extreme : SolarWinds – A Supply Chain Compromise (MarketScreener)
Hacking group targets organizations via Microsoft server software -researcher | WKZO | Everything Kalamazoo (590 AM · 106.9 FM)
SolarWinds - A Supply Chain Compromise
A Briefing on the SolarWinds Threat (ACT-IAC)
Retrieved 2021-03-01
SolarWinds security fiasco may have started with simple password blunders (ZDNet)
NTIA Software Component Transparency (National Telecommunications and Information Administration)
SolarWinds Cyberattack Prompts Calls for Aggressive Countermeasures | The Well News (Pragmatic, Governance, Fiscally Responsible, News & Analysis)
Retrieved 2021-02-27
Critical VMware vSphere Vulnerability Is a Must-Patch
Retrieved 2021-02-26
The anatomy of the SolarWinds attack chain (ITWeb)
CrowdStrike Exec Points to Active Directory 'Structural Problems' in Senate Solorigate Hearing (Redmondmag.com)
Retrieved 2021-02-25
SolarWinds Hackers Targeted Cloud Services as a Key Objective (AI Trends)
First Blackbaud, then SolarWinds. Supply chain cyber-attacks are proliferating – how secure is your business?
SolarWinds Update: Russian Threat-Actor Re-Used Components from Other
Former SolarWinds CEO blames intern for "solarwinds123" password leak (CNNPolitics)
Retrieved 2021-02-24
SolarWinds not the only company used to hack targets, tech execs say at hearing (CNET)
Senate hearing on SolarWinds hack lays bare US shortcomings, remaining mysteries
Senate SolarWinds Hearing: 4 Key Issues Raised
Google’s been lobbying for more scrutiny into Microsoft’s liability for SolarWinds hack (OnMSFT.com)
SolarWinds Hack Leaves Entire Industry In Panic (Research Snipers)
Retrieved 2021-02-23
SolarWinds CEO to Testify at Second Hearing Friday; He Offers Details Now
What's Scarier Than the SolarWinds Breach? (secblvd)
Opinion: Why Was SolarWinds So Vulnerable to a Hack? (The New York Times)
The Anatomy of the SolarWinds Attack Chain (secblvd)
The Anatomy of the SolarWinds Attack Chain
SolarWinds hackers targeted NASA, Federal Aviation Administration networks (TechCrunch)
Executives testify SolarWinds hack was of unprecedented scale, scope (UPI)
SolarWinds hack was work of 'at least 1,000 engineers', tech executives tell Senate | Technology (Guardian)
Retrieved 2021-02-22
SolarWinds Cyber Attack: February 24 Webinar Will Address Lessons Learned
Retrieved 2021-02-18
Hiding in Plain Sight: What the SolarWinds Attack ...
What financial services should learn from the SolarWinds cyber attack
Microsoft wraps SolarWinds probe, nudges companies toward zero trust
Retrieved 2021-02-17
Suspected Russian Hackers Used U.S. Networks, Official Says (Bloomberg)
SolarWinds-style email compromise attacks go mainstream
The Solarwinds Hack Is A One Of A Kind And Not The Norm (Information Security Buzz)
Targeting Process for the SolarWinds Backdoor (NETRESEC Blog)
CyberArk Labs: The Anatomy of the SolarWinds Attack (Techwire)
Retrieved 2021-02-16
France Just Suffered A Very 'Solar Winds'-Like Cyberattack
SolarWinds Hack and the Case of DNS Security (secblvd)
Retrieved 2021-02-15
France Ties Russia's Sandworm to a Multiyear Hacking Spree (WIRED)
Microsoft: SolarWinds attack took more than 1,000 engineers to create (ZDNet)
Retrieved 2021-02-12
On SolarWinds, Supply Chains and Enterprise Networks
Retrieved 2021-02-11
Software supply chain attacks – everything you need to know (The Daily Swig)
Symantec Enterprise Podcasts
Retrieved 2021-02-09
SolarWinds security to-do list post hack (Utility Dive)
SolarWinds Shines Spotlight on Supply Chain Risks (CSO Online)
Our systems weren’t the entry point for SolarWinds attackers, says Microsoft (Channel Daily News)
Retrieved 2021-02-07
SolarWinds CEO: “SolarWinds Orion Development Program was Exploited by the Hackers” - E Hacking News (Latest Hacker News and IT Security News)
Retrieved 2021-02-05
Microsoft: Office 365 Was Not SolarWinds Initial Attack Vector
Microsoft: No Evidence SolarWinds Was Hacked Via Office 365
Retrieved 2021-02-04
SolarWinds CEO Confirms Office 365 Email ‘Compromise’ Played Role In Broad-Based Attack
Retrieved 2021-02-03
3 New Severe Security Vulnerabilities Found In SolarWinds Software
More exploitable flaws found in SolarWinds software, says cybersecurity firm
Second SolarWinds Attack Group Breaks into USDA Payroll — Report (tpost)
Chinese threat actor may have exploited SolarWinds. New SolarWinds vulnerabilities reported. Spyware in South Sudan. BEC gift card scams rise.
Hackers had access to SolarWinds email system for months: report (hill)
Nearly One-Third of Attack Targets Weren’t Running SolarWinds
Retrieved 2021-02-02
Hackers Lurked in SolarWinds Email System for at Least 9 Months, CEO Says (WSJ)
Retrieved 2021-02-01
SolarWinds Hackers Cast a Wide Net (BankInfoSecurity)
Retrieved 2021-01-29
Suspected Russian Hack Extends Far Beyond SolarWinds Software, Investigators Say (WSJ)
Retrieved 2021-01-28
CISA Warns of New Malware Threat to Vulnerable SolarWinds Orion Tech
Retrieved 2021-01-27
Fidelis Targeted By SolarWinds Hackers After Installing Orion
Retrieved 2021-01-26
Mimecast Breach Linked To SolarWinds Hack, Allowed Cloud Services Access
Retrieved 2021-01-22
ConnectWise Control MSP Security Vulnerabilities Are ‘Severe:’ Bishop Fox
Retrieved 2021-01-20
SolarWinds Hackers Access Malwarebytes’ Office 365 Emails
Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop (MS Security)
Retrieved 2021-01-19
Malwarebytes said it was hacked by the same group who breached SolarWinds (ZDNet)
Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments - Malwarebytes Labs (Malwarebytes Labs)
Injecting a Backdoor into SolarWinds Orion (Schneier)
Retrieved 2021-01-15
Understanding third-party hacks in the aftermath of the SolarWinds breach (Help Net Security)
IOTW: As The SolarWinds Hack Investigation Continues, New Insights Reveal A New Suspect (Cyber Security Hub)
Retrieved 2021-01-14
SolarWinds Cyber-Attack Affects Developers and Contractors
Retrieved 2021-01-13
Sunspot malware scoured servers for SolarWinds builds to trojanize them
Mimecast compromised by a threat actor | 2021-01-13 (Security Magazine)
Mimecast Says Attackers Stole Certificate, Targeted Customers' Email (Decipher)
Retrieved 2021-01-12
SolarWinds: What Hit Us Could Hit Others — Krebs on Security
The Hack Roundup: SolarWinds Shares Details on How Attackers Inserted Backdoor (Nextgov)
Email security firm Mimecast says hackers hijacked its products to spy on customers (Reuters)
SolarWinds Discloses Earlier Evidence of Hack (WSJ)
5 Things To Know About The Mimecast Hack And Stock Drop
Retrieved 2021-01-10
Password Guessing Used as a Weapon by SolarWinds Hackers to Breach Targets - E Hacking News (Latest Hacker News and IT Security News)
Retrieved 2021-01-09
SolarWinds Malware Arsenal Widens with Raindrop (tpost)
Retrieved 2021-01-08
The SolarWinds Hack
CEO Refutes Reports of Involvement in SolarWinds Campaign (Infosecurity Magazine)
Continuous Updates: Everything You Need to Know About the SolarWinds Attack (SecurityWeek.Com)
Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments (CISA)
Retrieved 2021-01-07
Implications of Russian Hacking of SolarWinds
CISA: SolarWinds Hackers Got Into Networks by Guessing Passwords (Nextgov)
NSA Warns That Russian Hackers Are Targeting Virtual Workspaces (Nextgov)
CISA: Hackers access to federal networks without SolarWinds (FCW)
An Update on SolarWinds (JetBrains Blog)
FireEye's Mandia: 'Severity-Zero Alert' Led to ...
Retrieved 2021-01-06
Widely Used Software Company May Be Entry Point for Huge U.S. Hacking (nyt)
FBI probe of major hack includes project-management software from JetBrains: sources (Reuters)
Statement on the story from The New York Times regarding JetBrains and SolarWinds (JetBrains Blog)
Department of Justice Statement on Solarwinds Update | OPA (DOJ)
Retrieved 2021-01-05
Latest on the SVR’s SolarWinds Hack (Schneier)
SolarWinds hack endangering cloud services’ API keys (DevOps Online)
Researchers say cloud deployments of SolarWinds Orion could put API keys at risk (IT World Canada)
Retrieved 2021-01-04
SolarWinds hack may have been a global attack (TechRadar)
Retrieved 2020-12-31
The Real Culprit Behind SolarWinds: Remote Code Execution
Microsoft Hacked in Russia-Linked SolarWinds Cyberattack (WSJ)
Retrieved 2020-12-29
SolarWinds Orion: Fixes Aim to Block Sunburst and Supernova
Golden SAML Revisited: The Solorigate Connection (secblvd)
Retrieved 2020-12-28
How hacked is hacked? Here’s a ‘hack scale’ to better understand the SolarWinds cyberattacks (GeekWire)
Retrieved 2020-12-26
A New SolarWinds Flaw Likely Had Let Hackers Install SUPERNOVA Malware
VU#843464 (SolarWinds Orion API authentication bypass allows remote command execution)
SolarWinds releases updated advisory for new SUPERNOVA malware
Retrieved 2020-12-24
SolarWinds Hack Infected Critical Infrastructure
Suspected Russian hackers used Microsoft vendors to breach customers (Reuters)
Russians Are Believed to Have Used Microsoft Resellers in Cyberattacks (nyt)
Microsoft, FireEye confirm SolarWinds supply chain attack (ZDNet)
Hack of Federal Agencies Shows Cyber Dangers to Supply Chains (WSJ)
Emergency directive: Global governments issue alert after FireEye hack is linked to SolarWinds supply chain attack (The Daily Swig)
Retrieved 2020-12-23
Bloodhound walkthrough. A Tool for Many Tradecrafts (Pen Test Partners)
Massive data breach may have been discovered due to 'unforced error' by suspected Russian hackers (CNNPolitics)
List of Known SolarWinds Breach Victims Grows, as Do Attack Vectors
Cloud infrastructure is not immune from the SolarWinds Orion breach (Ermetic)
Retrieved 2020-12-22
Infosec pros warned of second SolarWinds Orion vulnerability (IT World Canada News)
Retrieved 2020-12-21
CISA warns that SolarWinds software may not be only entry point in latest breaches (GCN)
A second hacking group has targeted SolarWinds systems (ZDNet)
Trump's reluctance to name Russia in SolarWinds hack will hamper recovery (Axios)
Advisory for SolarWinds Orion Vulnerabilities (secblvd)
Microsoft: A 2nd Group May Have Also Breached SolarWinds
VMware Issues Updated Statement on SolarWinds Supply Chain Compromise and CVE-2020-4006
Retrieved 2020-12-18
Hackers last year conducted a 'dry run' of SolarWinds breach
VMware Flaw Used To Hit Choice Targets In SolarWinds Hack: Report
VMware Flaw a Vector in SolarWinds Breach? — Krebs on Security
Erlang Authenticated Remote Code Execution :: malicious.link — welcome
Sunburst's C2 Secrets Reveal Second-Stage SolarWinds Victims (tpost)
NSA on Authentication Hacks (Related to SolarWinds Breach) (Schneier)
VMware Issues Statement on SolarWinds Supply Chain Compromise and CVE-2020-4006
Mitigating Cloud Supply-chain Risk: Office 365 and Azure Exploited in Massive U.S. Government Hack (CipherCloud)
Retrieved 2020-12-17
Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations (CISA)
The SolarWinds Orion SUNBURST supply-chain Attack (TRUESEC Blog)
CISA: SolarWinds Not the Only Initial Attack Vector ...
SolarWinds, GitHub Leaks and Securing the Software Supply Chain (secblvd)
Supply Chain Attack: CISA Warns of New Initial Attack Vectors Posing 'Grave Risk' (SecurityWeek.Com)
Feds: SolarWinds Attack ‘Poses a Grave Risk’ To Government, Business
Retrieved 2020-12-16
SolarWinds said no other products were compromised in recent hack (ZDNet)
New Evidence Suggests SolarWinds' Codebase Was Hacked to Inject Backdoor
Sunburst Trojan (What You Need to Know)
Federal Agencies, Think Tank Targeted in Russian Hacking Spree
SolarWinds Exposed GitHub Repository Publicly since 2018
Retrieved 2020-12-15
SolarWinds' Update Server Could Be Accessed in 2019 Using Password 'solarwinds123': Report
Giant U.S. Computer Security Breach Exploited Very Common Software (Scientific American)
Microsoft’s Role In SolarWinds Breach Comes Under Scrutiny
Lessons on Identity Security From Recent High-Profile Breaches
CISA Warns Agencies of SolarWinds Orion Compromise via Emergency Directive (gcwire)
Hackers used SolarWinds' dominance against it in sprawling spy campaign (Reuters)
Russian hackers compromised Microsoft cloud customers through third party, putting emails and other data at risk
Suspected Russian Cyberattack Began With Ubiquitous Software Company (WSJ)
How the SolarWinds Hackers Bypassed Duo’s Multi-Factor Authentication (Schneier)
Retrieved 2020-12-14
SolarWinds Exposed FTP Credentials Publicly in a Github Repo
Catching Bloodhound Before it Bites (CrowdStrike)
The SolarWinds Breach: Why Your Work Computers Are Down Today (Lawfare)
Retrieved 2020-12-13
SolarWinds CyberAttack and FireEye Red Team Tools Coverage
U.S. Agencies Hacked in Foreign Cyber Espionage Campaign Linked to Russia (WSJ)
Retrieved 2020-12-08
red_team_tool_countermeasures/CVEs_red_team_tools.md at master · fireeye/red_team_tool_countermeasures (GitHub)
Retrieved 2020-12-07
Russian State-Sponsored Actors Exploiting Vulnerability in VMware® Workspace ONE Access Using Compromised Credentials
US think tank breached three times in a row by SolarWinds hackers
Retrieved 2020-12-03
VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address command injection vulnerability
Retrieved 2020-12-01
Agencies Need to Improve Implementation of Federal Approach to Securing Systems and Protecting against Intrusions
Retrieved 2019-03-20
I'm in your cloud, reading everyone's emails (hacking Azure AD via Active Directory)
Retrieved 2018-11-18
How to create a backdoor to Azure AD (part 1: Identity federation)