Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-12-31MicrosoftMSRC Team
Microsoft Internal Solorigate Investigation Update
SUNBURST
2020-12-28MicrosoftMicrosoft 365 Defender Team
Using Microsoft 365 Defender to protect against Solorigate
SUNBURST TEARDROP
2020-12-26The Washington PostEllen Nakashima
Russian hackers compromised Microsoft cloud customers through third party, putting emails and other data at risk
2020-12-22MicrosoftAlex Weinert
Azure AD workbook to help you assess Solorigate risk
SUNBURST
2020-12-21MicrosoftMSRC Team
Solorigate Resource Center
SUNBURST TEARDROP
2020-12-21MicrosoftTom Burt
Cyber Mercenaries Don’t Deserve Immunity
2020-12-21US Court of Appeals for the Ninth CourtCisco, Github, Google, Internet Association, LinkedIn, Microsoft, VMWare, WhatsApp
Case: 20-16408: WhatsApp et al. vs NSO Group
2020-12-21MicrosoftDetection and Response Team (DART)
Advice for incident responders on recovery from systemic identity compromises
2020-12-21MicrosoftAlex Weinert
Understanding "Solorigate"'s Identity IOCs - for Identity Vendors and their customers.
SUNBURST
2020-12-18MicrosoftAlex Weinert
Protecting Microsoft 365 from on-premises attacks
2020-12-18MicrosoftMicrosoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers
SUNBURST SUPERNOVA TEARDROP UNC2452
2020-12-18ReutersJoseph Menn
Exclusive: Microsoft breached in suspected Russian hack using SolarWinds - sources
2020-12-17ZDNetCatalin Cimpanu
Microsoft confirms it was also breached in recent SolarWinds supply chain hack
2020-12-17MicrosoftBrad Smith
A moment of reckoning: the need for a strong and global cybersecurity response
SUNBURST
2020-12-16Bleeping ComputerLawrence Abrams
FireEye, Microsoft create kill switch for SolarWinds backdoor
SUNBURST
2020-12-16MicrosoftShain Wray
SolarWinds Post-Compromise Hunting with Azure Sentinel
SUNBURST
2020-12-14Twitter (@KimZetter)Kim Zetter
Tweet thread on microsoft report on Solarwind supply chain attack by UNC2452
SUNBURST
2020-12-13FireEyeAlex Berry, Alex Pennino, Alyssa Rahman, Andrew Archer, Andrew Rector, Andrew Thompson, Barry Vengerik, Ben Read, Ben Withnell, Chris DiGiamo, Christopher Glyer, Dan Perez, Dileep Jallepalli, Doug Bienstock, Eric Scales, Evan Reese, Fred House, Glenn Edwards, Ian Ahl, Isif Ibrahima, Jay Smith, John Gorman, John Hultquist, Jon Leathery, Lennard Galang, Marcin Siedlarz, Matt Dunwoody, Matthew McWhirt, Michael Sikorski, Microsoft, Mike Burns, Nalani Fraiser, Nick Bennett, Nick Carr, Nick Hornick, Nick Richard, Nicole Oppenheim, Omer Baig, Ramin Nafisi, Sarah Jones, Scott Runnels, Stephen Eckels, Steve Miller, Steve Stone, William Ballenthin
Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor
SUNBURST SUPERNOVA TEARDROP UNC2452
2020-12-13MicrosoftMicrosoft Security Intelligence
Trojan:MSIL/Solorigate.B!dha
SUNBURST
2020-12-13MicrosoftMicrosoft Security Response Center
Customer Guidance on Recent Nation-State Cyber Attacks