Malpedia Library

Click here to download all references as Bib-File.•

2022-11-02 ⋅ Blackberry ⋅ Blackberry Research
RomCom Threat Actor Abuses KeePass and SolarWinds to Target Ukraine and Potentially the United Kingdom
ROMCOM RAT RomCom

2021-11-08 ⋅ nccgroup ⋅ Fox IT
TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access
TiltedTemple

2021-11-08 ⋅ NCC Group ⋅ RIFT: Research and Intelligence Fusion Team
TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access

2021-10-22 ⋅ Medium Jang ⋅ Jang
50 Shades of SolarWinds Orion Deserialization (Part 1: CVE-2021–35215)

2021-10-21 ⋅ CrowdStrike ⋅ Alex Clinton, Tasha Robinson
Stopping GRACEFUL SPIDER: Falcon Complete’s Fast Response to Recent SolarWinds Serv-U Exploit Campaign
Cobalt Strike FlawedGrace TinyMet

2021-09-29 ⋅ Kaspersky Labs ⋅ Ivan Kwiatkowski, Pierre Delcher
DarkHalo after SolarWinds: the Tomiris connection (UNC2849)
tomiris

2021-09-02 ⋅ Microsoft ⋅ Microsoft Offensive Research & Security Engineering team
A deep-dive into the SolarWinds Serv-U SSH vulnerability (DEV-0322)

2021-09-02 ⋅ Bleeping Computer ⋅ Sergiu Gatlan
Autodesk reveals it was targeted by Russian SolarWinds hackers
SUNBURST

2021-07-30 ⋅ Bleeping Computer ⋅ Sergiu Gatlan
DOJ: SolarWinds hackers breached emails from 27 US Attorneys’ offices

2021-07-13 ⋅ YouTube ( Matt Soseman) ⋅ Matt Soseman
Solarwinds and SUNBURST attacks compromised my lab!
Cobalt Strike Raindrop SUNBURST TEARDROP

2021-07-13 ⋅ Microsoft ⋅ Microsoft Threat Intelligence Center (MSTIC)
Microsoft discovers threat actor (DEV-0322) targeting SolarWinds Serv-U software with 0-day exploit

2021-07-12 ⋅ Bleeping Computer ⋅ Sergiu Gatlan
SolarWinds patches critical Serv-U vulnerability (CVE-2021-35211) exploited in the wild

2021-07-09 ⋅ Solarwind ⋅ Solarwind
Serv-U Remote Memory Escape Vulnerability CVE-2021-35211 (exploited in the wild)

2021-06-01 ⋅ SANS ⋅ Jake Williams, Kevin Haley
A Contrarian View on SolarWinds
Cobalt Strike Raindrop SUNBURST TEARDROP

2021-05-19 ⋅ The Record ⋅ Adam Janofsky
SolarWinds CEO apologizes for blaming an intern, says attack may have started in January 2019

2021-05-14 ⋅ CISA ⋅ US-CERT
Analysis Report (AR21-134A): Eviction Guidance for Networks Affected by the SolarWinds and Active Directory/M365 Compromise
SUNBURST

2021-05-08 ⋅ The Record ⋅ Catalin Cimpanu
SolarWinds says fewer than 100 customers were impacted by supply chain attack
SUNBURST

2021-05-07 ⋅ SolarWinds ⋅ Solarwind
An Investigative Update of the Cyberattack
SUNBURST

2021-04-22 ⋅ RiskIQ ⋅ RiskIQ
SolarWinds: Advancing the Story
SUNBURST

2021-04-16 ⋅ npr ⋅ Dina Temple-Raston
A 'Worst Nightmare' Cyberattack: The Untold Story Of The SolarWinds Hack