Lucene search
K

6 matches found

The Hacker News
The Hacker News
added 2021/09/30 7:40 a.m.36 views

New Tomiris Backdoor Found Linked to Hackers Behind SolarWinds Cyberattack

Cybersecurity researchers on Wednesday disclosed a previously undocumented backdoor likely designed and developed by the Nobelium advanced persistent threat APT behind last year's SolarWinds supply chain attack, joining the threat actor's ever-expanding arsenal of hacking tools...

7.7AI score
Exploits0
Securelist
Securelist
added 2021/09/29 2:45 p.m.20 views

DarkHalo after SolarWinds: the Tomiris connection

Background In December 2020, news of the SolarWinds incident took the world by storm. While supply-chain attacks were already a documented attack vector leveraged by a number of APT actors, this specific campaign stood out due to the extreme carefulness of the attackers and the high-profile natur...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2021/09/29 2:45 p.m.27 views

‘Tomiris’ Backdoor Linked to SolarWinds Malware

Researchers have discovered a campaign delivering a previously unknown backdoor they’re calling Tomiris. Analysis of the new malware suggests that we may not have heard the last from the Nobelium advanced persistent threat APT behind the sprawling SolarWinds supply-chain attacks of 2020. Namely,...

6.8AI score
Exploits0References18
CISA
CISA
added 2021/04/15 12:0 a.m.39 views

CISA and CNMF Analysis of SolarWinds-related Malware

CISA and the Department of Defense DoD Cyber National Mission Force CNMF have analyzed additional SolarWinds-related malware variants—referred to as SUNSHUTTLE and SOLARFLARE. One of the analyzed files was identified as a China Chopper webshell server-side component that was observed on a network...

6.8AI score
Exploits0References5
The Hacker News
The Hacker News
added 2021/03/05 9:20 a.m.61 views

Researchers Find 3 New Malware Strains Used by SolarWinds Hackers

FireEye and Microsoft on Thursday said they discovered three more malware strains in connection with the SolarWinds supply-chain attack, including a "sophisticated second-stage backdoor," as the investigation into the sprawling espionage campaign continues to yield fresh clues about the threat...

0.3AI score
Exploits0
FireEye
FireEye
added 2021/03/04 12:0 a.m.128 views

New SUNSHUTTLE Second-Stage Backdoor Uncovered Targeting U.S.-Based Entity; Possible Connection to UNC2452

Executive Summary In August 2020, a U.S.-based entity uploaded a new backdoor that we have named SUNSHUTTLE to a public malware repository. SUNSHUTTLE is a second-stage backdoor written in GoLang that features some detection evasion capabilities. Mandiant observed SUNSHUTTLE at a victim compromis...

1AI score
Exploits0References2
Rows per page
Query Builder