Weekly: SolarWinds Supply-Chain Attack Round-Up

Digital Shadows

ShadowTalk hosts Kacey, Charles, Alec, and Digital Shadows CISO Rick bring you the latest in threat intelligence. This week they cover all things SolarWinds:

  • An overview of the campaign and event timelines
  • SolarWinds' SEC filing and its implications
  • Early indicators of compromise, including public FTP creds and an access listing
  • What we can expect from this attack as time goes on

Get this week’s intelligence summary at: https://resources.digitalshadows.com/digitalshadows/weekly-intelligence-summary-18-december

***Resources from this week’s podcast***

Microsoft: https://msrc-blog.microsoft.com/2020/12/13/customer-guidance-on-recent-nation-state-cyber-attacks/

SolarWinds: https://www.solarwinds.com/securityadvisory

FireEye: https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html

DomainTools: https://www.domaintools.com/resources/blog/unraveling-network-infrastructure-linked-to-the-solarwinds-hack?utm_source=Social&utm_medium=twitter&utm_campaign=SUNBURST#

FTP Creds (2019): https://savebreach.com/solarwinds-credentials-exposure-led-to-us-government-fireye-breach/

SEC Filing: https://portal.pannus.uk/client/intelligence/incident/67083793 https://www.sec.gov/ix?doc=/Archives/edgar/data/1739942/000162828020017451/swi-20201214.htm

Dark Halo: https://portal.pannus.uk/client/intelligence/incident/67128769 https://www.volexity.com/blog/2020/12/14/dark-halo-leverages-solarwinds-compromise-to-breach-organizations/

SolarWinds Blog: https://www.digitalshadows.com/blog-and-research/solarwinds-compromise-what-security-teams-need-to-know/
