Lucene search
K

8 matches found

Securelist
Securelist
‱added 2021/09/29 2:45 p.m.‱20 views

DarkHalo after SolarWinds: the Tomiris connection

Background In December 2020, news of the SolarWinds incident took the world by storm. While supply-chain attacks were already a documented attack vector leveraged by a number of APT actors, this specific campaign stood out due to the extreme carefulness of the attackers and the high-profile natur...

7AI score
Exploits0
ThreatPost
ThreatPost
‱added 2021/09/29 2:45 p.m.‱27 views

‘Tomiris’ Backdoor Linked to SolarWinds Malware

Researchers have discovered a campaign delivering a previously unknown backdoor they’re calling Tomiris. Analysis of the new malware suggests that we may not have heard the last from the Nobelium advanced persistent threat APT behind the sprawling SolarWinds supply-chain attacks of 2020. Namely,...

6.8AI score
Exploits0References18
ThreatPost
ThreatPost
‱added 2021/04/13 8:24 p.m.‱42 views

COVID-Related Threats, PowerShell Attacks Lead Malware Surge

Surging numbers of COVID-themed attacks, PowerShell trojans, along with the SolarWinds compromise and the continued spread of Sunburst malware were major contributors to a massive spike in the number of observed attacks in the wild during the last half of 2020, which McAfee’s said averaged 588...

0.9AI score
Exploits0References15
The Hacker News
The Hacker News
‱added 2021/04/13 11:1 a.m.‱238 views

Detecting the "Next" SolarWinds-Style Cyber Attack

The SolarWinds attack, which succeeded by utilizing the sunburst malware, shocked the cyber-security industry. This attack achieved persistence and was able to evade internal systems long enough to gain access to the source code of the victim. Because of the far-reaching SolarWinds deployments, t...

0.1AI score
Exploits0
ThreatPost
ThreatPost
‱added 2021/01/06 3:5 p.m.‱30 views

Feds Pinpoint Russia as ‘Likely’ Culprit Behind SolarWinds Attack

The U.S. government has identified Russia as the “likely” culprit behind the widespread SolarWinds cyberattack that has so far affected multiple federal agencies and private-sector companies. Cyberespionage is cited as the motivation behind the attack, which the feds characterized as ongoing. In ...

7.3AI score
Exploits0References20
Carbon Black Blog
Carbon Black Blog
‱added 2020/12/21 12:44 p.m.‱34 views

TAU Threat Analysis: Insights on the SolarWinds Breach

In light of the SolarWinds breach, we want to help our customers who may have questions as well as the larger security community. The VMware Carbon Black Threat Analysis Unit TAU has been steadfastly monitoring the evolving situation as we learn more about the supply chain compromise. We caught u...

0.3AI score
Exploits0
ThreatPost
ThreatPost
‱added 2020/12/18 7:1 p.m.‱126 views

Sunburst's C2 Secrets Reveal Second-Stage SolarWinds Victims

More information has come to light about the Sunburst backdoor that could help defenders get a better handle on the scope of the sprawling SolarWinds espionage attack. The campaign is known to have affected six federal departments, Microsoft, FireEye and dozens of others so far. Sunburst, a.k.a...

7.3AI score
Exploits0References15
Trellix
Trellix
‱added 2020/12/17 12:0 a.m.‱9 views

Additional Analysis into the SUNBURST Backdoor | McAfee Blogs

ARCHIVED STORY Additional Analysis into the SUNBURST Backdoor Christiaan Beek · DEC 17, 2020 Executive Summary There has been considerable focus on the recent disclosures associated with SolarWinds, and while existing analysis on the broader campaign has resulted in detection against specific IoC...

Exploits0
Rows per page
Query Builder