Tagged: SUNBURST

IT threat evolution Q1 2021

Targeted attacks: Putting the ‘A’ into APT. In December, SolarWinds, a well-known IT managed services provider, fell victim to a sophisticated supply-chain attack. The company’s Orion IT, a solution for monitoring and managing customers’...

APT trends report Q1 2021

For four years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide...

Twenty-three SUNBURST Targets Identified

Researchers found that out of all the companies and organizations that installed a backdoored SolarWinds Orion update, the majority were never targeted by the threat actors using Sunburst.

Sunburst backdoor – code overlaps with Kazuar

Introduction. On December 13, 2020, FireEye published a blog post detailing a supply chain attack leveraging Orion IT, an infrastructure monitoring and management platform by SolarWinds. In parallel, Volexity published an article with their...

SUNBURST Additional Technical Details

Right before reaching out to its C2 server, SUNBURST performs many checks to be certain no analysis tools are present. It checks process names, file write timestamps, and Active Directory (AD) domains just before...