ShadowTalk hosts Kacey, Charles, Alec, and Digital Shadows CISO Rick bring you the latest in threat intelligence. This week they cover all things SolarWinds:
- An overview of the campaign and event timelines
- SolarWinds' SEC filing and its implications
- Early indicators of compromise, including public FTP creds and an access listing
- What we can expect from this attack as time goes on
Get this week’s intelligence summary at: https://resources.digitalshadows.com/digitalshadows/weekly-intelligence-summary-18-december
***Resources from this week’s podcast***
Microsoft: https://msrc-blog.microsoft.com/2020/12/13/customer-guidance-on-recent-nation-state-cyber-attacks/
SolarWinds: https://www.solarwinds.com/securityadvisory
FTP Creds (2019): https://savebreach.com/solarwinds-credentials-exposure-led-to-us-government-fireye-breach/
SEC Filing: https://portal.pannus.uk/client/intelligence/incident/67083793 https://www.sec.gov/ix?doc=/Archives/edgar/data/1739942/000162828020017451/swi-20201214.htm
Dark Halo: https://portal.pannus.uk/client/intelligence/incident/67128769 https://www.volexity.com/blog/2020/12/14/dark-halo-leverages-solarwinds-compromise-to-breach-organizations/
SolarWinds Blog: https://www.digitalshadows.com/blog-and-research/solarwinds-compromise-what-security-teams-need-to-know/