Weekly: Sunburst, Sunspot, and more on SolarWinds!

Digital Shadows

ShadowTalk hosts Alec, Charles, Austin, and Ivan bring you the latest in threat intelligence. This week they cover:

  • Significant updates to the SolarWinds incident
  • Overlaps of the "Sunburst" backdoor and malware known to be used by the believed Russia-affiliated APT "Turla"
  • Possible SolarWinds scam - SolarLeaks claiming to sell data stolen in SolarWinds attacks
  • The newly identified Sunspot malware
  • Mimecast reporting of a compromised certificate possibly related to SolarWinds - the team dives deeper
  • DarkSide ransomware decryptor keys being released and how DarkSide responded 

Get this week’s intelligence summary at: https://resources.digitalshadows.com/digitalshadows/weekly-intelligence-summary-15-january

***Resources from this week’s podcast***

Sunburst: https://securelist.com/sunburst-backdoor-kazuar/99981/

SolarLeaks: https://www.bleepingcomputer.com/news/security/solarleaks-site-claims-to-sell-data-stolen-in-solarwinds-attacks/

SolarWinds updates: https://orangematter.solarwinds.com/2021/01/11/new-findings-from-our-investigation-of-sunburst/

https://www.cyberscoop.com/mimecast-email-breach-solarwinds-russia/?category_news=technology

Sunspot: https://www.crowdstrike.com/blog/sunspot-malware-technical-analysis/

Covid-19 threat landscape updates: https://www.digitalshadows.com/blog-and-research/targets-and-predictions-for-the-covid-19-threat-landscape/

Dark Web Marketplaces And Cybercriminal Forums: https://www.digitalshadows.com/blog-and-research/tracing-dark-web-marketplaces-and-cybercriminal-forums/ 

ShadowTalk Email: shadowtalk@digitalshadows.com

Previous Post
Weekly: CISA Security Advisory, IObit Attack, and more SolarWinds!
Weekly: CISA Security Advisory, IObit Attack, and more SolarWinds!

ShadowTalk hosts Stefano, Adam, Kim, and Dylan bring you the latest in threat intelligence.

Next Post
Weekly: SolarWinds Updates, TicketMaster Fraud, Apex Cyber Attack, and More!
Weekly: SolarWinds Updates, TicketMaster Fraud, Apex Cyber Attack, and More!

ShadowTalk hosts Stefano, Kim, Adam, and Dylan bring you the latest in threat intelligence.

×

Threat Intel Fan?

Sign up below to get our TI updates delivered to your inbox!

First Name
Last Name
Company
Country
State- optional
Job Title
Thank you!
Error - something went wrong!