2021-02-25 ⋅ Microsoft ⋅ CodeQL queries to hunt for Solorigate activity SUNBURST
2021-02-25 ⋅ Microsoft ⋅ Microsoft open sources CodeQL queries used to hunt for Solorigate activity SUNBURST
2021-02-18 ⋅ Microsoft ⋅ Microsoft Internal Solorigate Investigation – Final Update
2021-02-12 ⋅ InfoSec Handlers Diary Blog ⋅ AgentTesla Dropped Through Automatic Click in Microsoft Help File Agent Tesla
2021-02-11 ⋅ Microsoft ⋅ Web shell attacks continue to rise
2021-02-09 ⋅ Medium (@alex.birsan) ⋅ Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies
2021-02-09 ⋅ Microsoft ⋅ Windows Win32k Elevation of Privilege Vulnerability CVE-2021-1732 (exploited ITW)
2021-02-09 ⋅ Microsoft ⋅ 3 Ways to Mitigate Risk When Using Private Package Feeds
2021-02-09 ⋅ Microsoft ⋅ Multiple Security Updates Affecting TCP/IP: CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086
2021-02-05 ⋅ Bleeping Computer ⋅ Microsoft warns of increasing OAuth Office 365 phishing attacks
2021-02-02 ⋅ Click All the Things! Blog ⋅ XLSB: Analyzing a Microsoft Excel Binary Spreadsheet
2021-02-01 ⋅ Microsoft ⋅ What tracking an attacker email infrastructure tells us about persistent cybercriminal operations Dridex Emotet Makop Ransomware SmokeLoader TrickBot
2021-01-28 ⋅ Microsoft ⋅ ZINC attacks against security researchers ComeBacker Klackring
2021-01-21 ⋅ Medium CSIS Techblog ⋅ Silencing Microsoft Defender for Endpoint using firewall rules
2021-01-20 ⋅ Microsoft ⋅ Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop Cobalt Strike SUNBURST TEARDROP
2021-01-19 ⋅ Malwarebytes ⋅ Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments
2021-01-19 ⋅ FireEye ⋅ Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452
2021-01-19 ⋅ Mandiant ⋅ Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452 (WHITE PAPER)
2021-01-14 ⋅ Microsoft ⋅ Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender SUNBURST
2021-01-08 ⋅ US-CERT ⋅ Alert (AA21-008A): Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments SUNBURST SUPERNOVA