SolarWinds Supply Chain Attack Uses SUNBURST Backdoor
https://www.mandiant.com/resources/blog/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor
We have discovered a global intrusion campaign. We are tracking the actors behind this campaign as UNC2452.
FireEye discovered a supply chain attack trojanizing SolarWinds Orion business software updates in order to distribute malware we call SUNBURST.
The attacker’s post compromise activity leverages multiple techniques to evade detection and obscure their activity, but these efforts also offer some opportunities for detection.
The campaign is widespread, affecting public and private organizations around the world.
Published: Jun 11, 2021