Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-12-14splunkRyan Kovar
Using Splunk to Detect Sunburst Backdoor
SUNBURST
2020-12-14Palo Alto Networks Unit 42Unit42
PyMICROPSIA: New Information-Stealing Trojan from AridViper
2020-12-14IntezerTwitter (IntezerLabs)
Tweet on linux variant of Prometei botnet
Prometei
2020-12-14Olaf Hartong
FireEye Sunburst KQL Detections
SUNBURST
2020-12-14Twitter (@lordx64)Taha Karim
Tweet on a one liner to decrypt SUNBURST backdoor
SUNBURST
2020-12-14SophosRichard Harang
Sophos-ReversingLabs (SOREL) 20 Million sample malware dataset
2020-12-14Twitter (@ItsReallyNick)Nick Carr
Tweet on summarizing post-compromise actvity of UNC2452
SUNBURST
2020-12-14Cado SecurityChristopher Doman
Responding to Solarigate
SUNBURST
2020-12-14Twitter (@KimZetter)Kim Zetter
Tweet thread on microsoft report on Solarwind supply chain attack by UNC2452
SUNBURST
2020-12-13HITBSecConfJuan Andrés Guerrero-Saade
The Work of Cyber in the Age of Mechanical Reproduction
Hopscotch
2020-12-13FireEyeAlex Berry, Alex Pennino, Alyssa Rahman, Andrew Archer, Andrew Rector, Andrew Thompson, Barry Vengerik, Ben Read, Ben Withnell, Chris DiGiamo, Christopher Glyer, Dan Perez, Dileep Jallepalli, Doug Bienstock, Eric Scales, Evan Reese, Fred House, Glenn Edwards, Ian Ahl, Isif Ibrahima, Jay Smith, John Gorman, John Hultquist, Jon Leathery, Lennard Galang, Marcin Siedlarz, Matt Dunwoody, Matthew McWhirt, Michael Sikorski, Microsoft, Mike Burns, Nalani Fraiser, Nick Bennett, Nick Carr, Nick Hornick, Nick Richard, Nicole Oppenheim, Omer Baig, Ramin Nafisi, Sarah Jones, Scott Runnels, Stephen Eckels, Steve Miller, Steve Stone, William Ballenthin
Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor
SUNBURST SUPERNOVA TEARDROP UNC2452
2020-12-13Github (fireeye)FireEye
SUNBURST Countermeasures
SUNBURST SUPERNOVA TEARDROP UNC2452
2020-12-13Medium (Cryptax)Axelle Apvrille
Decrypting strings with a JEB script
2020-12-13SlideShare (ChiEnAshleyShen)Chi-en Shen, Steve Su
From ThreatHunting to Campaign Tracking
Xtreme RAT
2020-12-13CISACISA
Active Exploitation of SolarWinds Software
SUNBURST
2020-12-13FireEyeKevin Mandia
Global Intrusion Campaign Leverages Software Supply Chain Compromise
2020-12-13MicrosoftMicrosoft Security Intelligence
Trojan:MSIL/Solorigate.B!dha
SUNBURST
2020-12-13VX-Underground
Directory: /samples/Exotic/UNC2452/SolarWinds Breach/
SUNBURST
2020-12-13MicrosoftMicrosoft Security Response Center
Customer Guidance on Recent Nation-State Cyber Attacks
2020-12-13MicrosoftJohn Lambert
Important steps for customers to protect themselves from recent nation-state cyberattacks