Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-11-02BlackberryBlackberry Research
RomCom Threat Actor Abuses KeePass and SolarWinds to Target Ukraine and Potentially the United Kingdom
ROMCOM RAT RomCom
2021-11-08nccgroupFox IT
TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access
TiltedTemple
2021-11-08NCC GroupRIFT: Research and Intelligence Fusion Team
TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access
2021-10-22Medium JangJang
50 Shades of SolarWinds Orion Deserialization (Part 1: CVE-2021–35215)
2021-10-21CrowdStrikeAlex Clinton, Tasha Robinson
Stopping GRACEFUL SPIDER: Falcon Complete’s Fast Response to Recent SolarWinds Serv-U Exploit Campaign
Cobalt Strike FlawedGrace TinyMet
2021-10-21CrowdStrikeAlex Clinton, Tasha Robinson
Stopping GRACEFUL SPIDER: Falcon Complete’s Fast Response to Recent SolarWinds Serv-U Exploit Campaign
Cobalt Strike FlawedGrace TinyMet
2021-09-29Kaspersky LabsIvan Kwiatkowski, Pierre Delcher
DarkHalo after SolarWinds: the Tomiris connection (UNC2849)
tomiris
2021-09-29Kaspersky LabsIvan Kwiatkowski, Pierre Delcher
DarkHalo after SolarWinds: the Tomiris connection (UNC2849)
tomiris
2021-09-02MicrosoftMicrosoft Offensive Research & Security Engineering team
A deep-dive into the SolarWinds Serv-U SSH vulnerability (DEV-0322)
2021-09-02Bleeping ComputerSergiu Gatlan
Autodesk reveals it was targeted by Russian SolarWinds hackers
SUNBURST
2021-07-30Bleeping ComputerSergiu Gatlan
DOJ: SolarWinds hackers breached emails from 27 US Attorneys’ offices
2021-07-13YouTube ( Matt Soseman)Matt Soseman
Solarwinds and SUNBURST attacks compromised my lab!
Cobalt Strike Raindrop SUNBURST TEARDROP
2021-07-13MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
Microsoft discovers threat actor (DEV-0322) targeting SolarWinds Serv-U software with 0-day exploit
2021-07-12Bleeping ComputerSergiu Gatlan
SolarWinds patches critical Serv-U vulnerability (CVE-2021-35211) exploited in the wild
2021-07-09SolarwindSolarwind
Serv-U Remote Memory Escape Vulnerability CVE-2021-35211 (exploited in the wild)
2021-06-01SANSJake Williams, Kevin Haley
A Contrarian View on SolarWinds
Cobalt Strike Raindrop SUNBURST TEARDROP
2021-06-01SANSJake Williams, Kevin Haley
A Contrarian View on SolarWinds
Cobalt Strike Raindrop SUNBURST TEARDROP
2021-05-19The RecordAdam Janofsky
SolarWinds CEO apologizes for blaming an intern, says attack may have started in January 2019
2021-05-14CISAUS-CERT
Analysis Report (AR21-134A): Eviction Guidance for Networks Affected by the SolarWinds and Active Directory/M365 Compromise
SUNBURST
2021-05-08The RecordCatalin Cimpanu
SolarWinds says fewer than 100 customers were impacted by supply chain attack
SUNBURST