Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-04-22RiskIQRiskIQ
@online{riskiq:20210422:solarwinds:83581ea, author = {RiskIQ}, title = {{SolarWinds: Advancing the Story}}, date = {2021-04-22}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/9a515637}, language = {English}, urldate = {2021-04-28} } SolarWinds: Advancing the Story
SUNBURST
2021-04-16nprDina Temple-Raston
@online{templeraston:20210416:worst:4086d6c, author = {Dina Temple-Raston}, title = {{A 'Worst Nightmare' Cyberattack: The Untold Story Of The SolarWinds Hack}}, date = {2021-04-16}, organization = {npr}, url = {https://www.npr.org/2021/04/16/985439655/a-worst-nightmare-cyberattack-the-untold-story-of-the-solarwinds-hack}, language = {English}, urldate = {2021-04-19} } A 'Worst Nightmare' Cyberattack: The Untold Story Of The SolarWinds Hack
2021-04-15Government of CanadaGovernment of Canada
@online{canada:20210415:statement:2e6f28b, author = {Government of Canada}, title = {{Statement on SolarWinds Cyber Compromise}}, date = {2021-04-15}, organization = {Government of Canada}, url = {https://www.canada.ca/en/global-affairs/news/2021/04/statement-on-solarwinds-cyber-compromise.html}, language = {English}, urldate = {2021-04-16} } Statement on SolarWinds Cyber Compromise
2021-04-15GOV.UKForeign Commonwealth & Development Office
@online{office:20210415:russia:c3c6e21, author = {Foreign Commonwealth & Development Office}, title = {{Russia: UK exposes Russian involvement in SolarWinds cyber compromise}}, date = {2021-04-15}, organization = {GOV.UK}, url = {https://www.gov.uk/government/news/russia-uk-exposes-russian-involvement-in-solarwinds-cyber-compromise}, language = {English}, urldate = {2021-04-16} } Russia: UK exposes Russian involvement in SolarWinds cyber compromise
2021-04-15European CouncilCouncil of the European Union
@online{union:20210415:declaration:f535296, author = {Council of the European Union}, title = {{Declaration by the High Representative on behalf of the European Union expressing solidarity with the United States on the impact of the SolarWinds cyber operation}}, date = {2021-04-15}, organization = {European Council}, url = {https://www.consilium.europa.eu/en/press/press-releases/2021/04/15/declaration-by-the-high-representative-on-behalf-of-the-european-union-expressing-solidarity-with-the-united-states-on-the-impact-of-the-solarwinds-cyber-operation}, language = {English}, urldate = {2021-04-16} } Declaration by the High Representative on behalf of the European Union expressing solidarity with the United States on the impact of the SolarWinds cyber operation
SUNBURST
2021-03-29Associated PressAlan Suderman
@online{suderman:20210329:ap:a4795b8, author = {Alan Suderman}, title = {{AP sources: SolarWinds hack got emails of top DHS officials}}, date = {2021-03-29}, organization = {Associated Press}, url = {https://apnews.com/article/solarwinds-hack-email-top-dhs-officials-8bcd4a4eb3be1f8f98244766bae70395}, language = {English}, urldate = {2021-03-31} } AP sources: SolarWinds hack got emails of top DHS officials
2021-03-24ProofpointItir Clarke, Assaf Friedman
@online{clarke:20210324:oauth:5092c3f, author = {Itir Clarke and Assaf Friedman}, title = {{OAuth Abuse: Think SolarWinds/Solorigate Campaign with Focus on Cloud Applications}}, date = {2021-03-24}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/cloud-security/oauth-abuse-think-solarwindssolorigate-campaign-focus-cloud-applications}, language = {English}, urldate = {2021-03-25} } OAuth Abuse: Think SolarWinds/Solorigate Campaign with Focus on Cloud Applications
2021-03-17CISAUS-CERT
@techreport{uscert:20210317:solarwinds:3d7860a, author = {US-CERT}, title = {{SolarWinds and Active Directory/M365 Compromise: Detecting Advanced Persistent Threat Activity from Known Tactics, Techniques, and Procedures}}, date = {2021-03-17}, institution = {CISA}, url = {https://us-cert.cisa.gov/sites/default/files/publications/SolarWinds_and_AD-M365_Compromise-Detecting_APT_Activity_from_Known_TTPs.pdf}, language = {English}, urldate = {2021-03-19} } SolarWinds and Active Directory/M365 Compromise: Detecting Advanced Persistent Threat Activity from Known Tactics, Techniques, and Procedures
SUNBURST
2021-03-10US-CERTCISA
@online{cisa:20210310:remediating:23bf74d, author = {CISA}, title = {{Remediating Networks Affected by the SolarWinds and Active Directory/M365 Compromise}}, date = {2021-03-10}, organization = {US-CERT}, url = {https://us-cert.cisa.gov/remediating-apt-compromised-networks}, language = {English}, urldate = {2021-03-12} } Remediating Networks Affected by the SolarWinds and Active Directory/M365 Compromise
SUNBURST
2021-03-08Youtube (SANS Digital Forensics and Incident Response)Katie Nickels, Adam Pennington, Jen Burns
@online{nickels:20210308:star:083eb29, author = {Katie Nickels and Adam Pennington and Jen Burns}, title = {{STAR Webcast: Making sense of SolarWinds through the lens of MITRE ATT&CK(R)}}, date = {2021-03-08}, organization = {Youtube (SANS Digital Forensics and Incident Response)}, url = {https://www.youtube.com/watch?v=LA-XE5Jy2kU}, language = {English}, urldate = {2021-03-11} } STAR Webcast: Making sense of SolarWinds through the lens of MITRE ATT&CK(R)
Cobalt Strike SUNBURST TEARDROP
2021-02-26YouTube (Oversight Committee)Oversight Committee
@online{committee:20210226:weathering:6dfb09f, author = {Oversight Committee}, title = {{Weathering the Storm: The Role of Private Tech in the SolarWinds Breach and Ongoing Campaign}}, date = {2021-02-26}, organization = {YouTube (Oversight Committee)}, url = {https://www.youtube.com/watch?v=dV2QTLSecpc}, language = {English}, urldate = {2021-03-25} } Weathering the Storm: The Role of Private Tech in the SolarWinds Breach and Ongoing Campaign
SUNBURST
2021-02-24Bleeping ComputerSergiu Gatlan
@online{gatlan:20210224:nasa:646b084, author = {Sergiu Gatlan}, title = {{NASA and the FAA were also breached by the SolarWinds hackers}}, date = {2021-02-24}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/nasa-and-the-faa-were-also-breached-by-the-solarwinds-hackers/}, language = {English}, urldate = {2021-02-25} } NASA and the FAA were also breached by the SolarWinds hackers
SUNBURST
2021-02-17YouTube (The White House)Anne Neuberger
@online{neuberger:20210217:update:f24ad1e, author = {Anne Neuberger}, title = {{Update on Investigaton on Solarwinds supply chain attack from the Deputy National Security Advisor}}, date = {2021-02-17}, organization = {YouTube (The White House)}, url = {https://youtu.be/Ta_vatZ24Cs?t=59}, language = {English}, urldate = {2021-02-18} } Update on Investigaton on Solarwinds supply chain attack from the Deputy National Security Advisor
SUNBURST
2021-02-17NetresecErik Hjelmvik
@online{hjelmvik:20210217:targeting:6deceed, author = {Erik Hjelmvik}, title = {{Targeting Process for the SolarWinds Backdoor}}, date = {2021-02-17}, organization = {Netresec}, url = {https://netresec.com/?b=212a6ad}, language = {English}, urldate = {2021-02-18} } Targeting Process for the SolarWinds Backdoor
SUNBURST
2021-02-17apirroAriel Levy
@online{levy:20210217:detect:e5bdc1b, author = {Ariel Levy}, title = {{Detect and prevent the SolarWinds build-time code injection attack}}, date = {2021-02-17}, organization = {apirro}, url = {https://blog.apiiro.com/detect-and-prevent-the-solarwinds-build-time-code-injection-attack}, language = {English}, urldate = {2021-02-20} } Detect and prevent the SolarWinds build-time code injection attack
SUNBURST
2021-02-03TrustwaveTrustwave SpiderLabs
@techreport{spiderlabs:20210203:new:08a89eb, author = {Trustwave SpiderLabs}, title = {{New Vulnerabilities Discovered in SolarWinds Products by Trustwave SpiderLabs}}, date = {2021-02-03}, institution = {Trustwave}, url = {https://trustwave.azureedge.net/media/17653/solarwinds-vuln-fact-sheet-_final-222021.pdf}, language = {English}, urldate = {2021-02-04} } New Vulnerabilities Discovered in SolarWinds Products by Trustwave SpiderLabs
2021-02-03Sophos Managed Threat Response (MTR)Greg Iddon
@online{iddon:20210203:mtr:8eb9950, author = {Greg Iddon}, title = {{MTR casebook: Uncovering a backdoor implant in a SolarWinds Orion server}}, date = {2021-02-03}, organization = {Sophos Managed Threat Response (MTR)}, url = {https://news.sophos.com/en-us/2021/02/03/mtr-casebook-uncovering-a-backdoor-implant-in-a-solarwinds-orion-server/}, language = {English}, urldate = {2021-02-04} } MTR casebook: Uncovering a backdoor implant in a SolarWinds Orion server
RagnarLocker
2021-02-03SolarWindsSudhakar Ramakrishna
@online{ramakrishna:20210203:findings:7b36d12, author = {Sudhakar Ramakrishna}, title = {{Findings From Our Ongoing Investigations}}, date = {2021-02-03}, organization = {SolarWinds}, url = {https://orangematter.solarwinds.com/2021/02/03/findings-from-our-ongoing-investigations/}, language = {English}, urldate = {2021-02-09} } Findings From Our Ongoing Investigations
2021-02-02ReutersChristopher Bing, Jack Stubbs, Raphael Satter, Joseph Menn
@online{bing:20210202:exclusive:426eec4, author = {Christopher Bing and Jack Stubbs and Raphael Satter and Joseph Menn}, title = {{Exclusive: Suspected Chinese hackers used SolarWinds bug to spy on U.S. payroll agency - sources}}, date = {2021-02-02}, organization = {Reuters}, url = {https://www.reuters.com/article/us-cyber-solarwinds-china/exclusive-suspected-chinese-hackers-used-solarwinds-bug-to-spy-on-u-s-payroll-agency-sources-idUSKBN2A22K8}, language = {English}, urldate = {2021-02-04} } Exclusive: Suspected Chinese hackers used SolarWinds bug to spy on U.S. payroll agency - sources
2021-02-02The Wall Street JournalRobert McMillan
@online{mcmillan:20210202:hackers:57bcb4b, author = {Robert McMillan}, title = {{Hackers Lurked in SolarWinds Email System for at Least 9 Months, CEO Says}}, date = {2021-02-02}, organization = {The Wall Street Journal}, url = {https://www.wsj.com/articles/hackers-lurked-in-solarwinds-email-system-for-at-least-9-months-ceo-says-11612317963?mod=e2tw}, language = {English}, urldate = {2021-02-04} } Hackers Lurked in SolarWinds Email System for at Least 9 Months, CEO Says