Lucene search
K

11 matches found

Microsoft Secure
Microsoft Secure
added 2021/09/27 7:0 p.m.49 views

FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor

Microsoft continues to work with partners and customers to track and expand our knowledge of the threat actor we refer to as NOBELIUM, the actor behind the SUNBURST backdoor, TEARDROP malware, and related components. As we stated before, we suspect that NOBELIUM can draw from significant...

8.1AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/09/27 7:0 p.m.39 views

FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor

Microsoft continues to work with partners and customers to track and expand our knowledge of the threat actor we refer to as NOBELIUM, the actor behind the SUNBURST backdoor, TEARDROP malware, and related components. As we stated before, we suspect that NOBELIUM can draw from significant...

8.1AI score
Exploits0
ThreatPost
ThreatPost
added 2021/05/28 1:13 p.m.46 views

Nobelium Phishing Campaign Poses as USAID

The cybercriminal group behind the notorious SolarWinds attack is at it again with a sophisticated mass email campaign aimed at delivering malicious URLs with payloads enabling network persistence so the actors can conduct further nefarious activities. Microsoft Threat Intelligence Center MSTIC...

7.4AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/03/30 4:54 p.m.46 views

SolarWinds Attackers Accessed DHS Emails, Report

The SolarWinds cyberattackers compromised the head of the Department of Homeland Security DHS under former president Trump and other top-ranking members of the department’s cybersecurity staff, according to a report. In the campaign, adversaries were able to use SolarWinds’ Orion network manageme...

0.1AI score
Exploits0References21
The Hacker News
The Hacker News
added 2021/03/01 9:19 a.m.6 views

SolarWinds Blames Intern for 'solarwinds123' Password Lapse

As cybersecurity researchers continue to piece together the sprawling SolarWinds supply chain attack, top executives of the Texas-based software services firm blamed an intern for a critical password lapse that went unnoticed for several years. The said password "solarwinds123" was originally...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/12 5:29 a.m.6 views

Unveiled: SUNSPOT Malware Was Used to Inject SolarWinds Backdoor

As the investigation into the SolarWinds supply-chain attack continues, cybersecurity researchers have disclosed a third malware strain that was deployed into the build environment to inject the backdoor into the company's Orion network monitoring platform. Called "Sunspot," the malignant tool ad...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/11 1:22 p.m.7 views

Researchers Find Links Between Sunburst and Russian Kazuar Malware

Cybersecurity researchers, for the first time, may have found a potential connection between the backdoor used in the SolarWinds hack to a previously known malware strain. In new research published by Kaspersky researchers today, the cybersecurity firm said it discovered several features that...

5.9AI score
Exploits0
Securelist
Securelist
added 2020/12/23 11:30 a.m.286 views

How we protect our users against the Sunburst backdoor

What happened SolarWinds, a well-known IT managed services provider, has recently become a victim of a cyberattack. Their product Orion Platform, a solution for monitoring and managing their customers IT infrastructure, was compromised by threat actors. This resulted in the deployment of a custom...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/22 9:14 a.m.46 views

A Second Hacker Group May Have Also Breached SolarWinds, Microsoft Says

As the probe into the SolarWinds supply chain attack continues, new digital forensic evidence has brought to light that a separate threat actor may have been abusing the IT infrastructure provider's Orion software to drop a similar persistent backdoor on target systems. "The investigation of the...

8AI score
Exploits0
Trellix
Trellix
added 2020/12/17 12:0 a.m.10 views

Additional Analysis into the SUNBURST Backdoor | McAfee Blogs

ARCHIVED STORY Additional Analysis into the SUNBURST Backdoor Christiaan Beek · DEC 17, 2020 Executive Summary There has been considerable focus on the recent disclosures associated with SolarWinds, and while existing analysis on the broader campaign has resulted in detection against specific IoC...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2020/12/15 12:0 a.m.1 views

Sunburst Backdoor Suspicious Traffic

Sunburst Backdoor Trojan is a malicious application that allows remote attackers to gain access to an affected system...

5.8AI score
Exploits0
Rows per page
Query Builder