2021-09-29Ivan Kwiatkowski, Pierre Delcher
@online{kwiatkowski:20210929:darkhalo:d81f7d2,
  author   = {Kwiatkowski, Ivan and Delcher, Pierre},
  title    = {{DarkHalo after SolarWinds: the Tomiris connection}},
  date     = {2021-09-29},
  url      = {https://securelist.com/darkhalo-after-solarwinds-the-tomiris-connection/104311/},
  urldate  = {2021-10-01},
  language = {English},
}
DarkHalo after SolarWinds: the Tomiris connection
tomiris
2021-09-02MicrosoftMicrosoft Offensive Research & Security Engineering team
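% Corporate author: the extra pair of braces keeps the team name as one unit
% instead of letting it be split into given/family name parts, and the
% ampersand is escaped so LaTeX does not read it as an alignment tab.
@online{team:20210902:deepdive:fe91071,
  author       = {{Microsoft Offensive Research \& Security Engineering team}},
  title        = {{A deep-dive into the SolarWinds Serv-U SSH vulnerability (DEV-0322)}},
  organization = {Microsoft},
  date         = {2021-09-02},
  url          = {https://www.microsoft.com/security/blog/2021/09/02/a-deep-dive-into-the-solarwinds-serv-u-ssh-vulnerability/},
  urldate      = {2021-09-06},
  language     = {English},
}
A deep-dive into the SolarWinds Serv-U SSH vulnerability (DEV-0322)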
2021-09-02Bleeping ComputerSergiu Gatlan
@online{gatlan:20210902:autodesk:a947f3f,
  author       = {Gatlan, Sergiu},
  title        = {{Autodesk reveals it was targeted by Russian SolarWinds hackers}},
  organization = {Bleeping Computer},
  date         = {2021-09-02},
  url          = {https://www.bleepingcomputer.com/news/security/autodesk-reveals-it-was-targeted-by-russian-solarwinds-hackers/},
  urldate      = {2021-09-06},
  language     = {English},
}
Autodesk reveals it was targeted by Russian SolarWinds hackers
SUNBURST
2021-07-30Bleeping ComputerSergiu Gatlan
@online{gatlan:20210730:doj:27f36c0,
  author       = {Gatlan, Sergiu},
  title        = {{DOJ: SolarWinds hackers breached emails from 27 US Attorneys’ offices}},
  organization = {Bleeping Computer},
  date         = {2021-07-30},
  url          = {https://www.bleepingcomputer.com/news/security/doj-solarwinds-hackers-breached-emails-from-27-us-attorneys-offices/},
  urldate      = {2021-08-02},
  language     = {English},
}
DOJ: SolarWinds hackers breached emails from 27 US Attorneys’ offices
2021-07-13YouTube ( Matt Soseman)Matt Soseman
@online{soseman:20210713:solarwinds:cb7df1d,
  author       = {Soseman, Matt},
  title        = {{Solarwinds and SUNBURST attacks compromised my lab!}},
  organization = {YouTube ( Matt Soseman)},
  date         = {2021-07-13},
  url          = {https://www.youtube.com/watch?v=GfbxHy6xnbA},
  urldate      = {2021-07-21},
  language     = {English},
}
Solarwinds and SUNBURST attacks compromised my lab!
Cobalt Strike Raindrop SUNBURST TEARDROP
2021-07-13MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
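% Corporate author: the extra pair of braces keeps the whole name as one unit;
% without them the parser treats "(MSTIC)" as the family name and the rest as
% given names, which breaks sorting and abbreviated-name styles.
@online{mstic:20210713:microsoft:5394367,
  author       = {{Microsoft Threat Intelligence Center (MSTIC)}},
  title        = {{Microsoft discovers threat actor (DEV-0322) targeting SolarWinds Serv-U software with 0-day exploit}},
  organization = {Microsoft},
  date         = {2021-07-13},
  url          = {https://www.microsoft.com/security/blog/2021/07/13/microsoft-discovers-threat-actor-targeting-solarwinds-serv-u-software-with-0-day-exploit/},
  urldate      = {2021-07-20},
  language     = {English},
}
Microsoft discovers threat actor (DEV-0322) targeting SolarWinds Serv-U software with 0-day exploit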
2021-07-12Bleeping ComputerSergiu Gatlan
@online{gatlan:20210712:solarwinds:5f00d9a,
  author       = {Gatlan, Sergiu},
  title        = {{SolarWinds patches critical Serv-U vulnerability (CVE-2021-35211) exploited in the wild}},
  organization = {Bleeping Computer},
  date         = {2021-07-12},
  url          = {https://www.bleepingcomputer.com/news/security/solarwinds-patches-critical-serv-u-vulnerability-exploited-in-the-wild/},
  urldate      = {2021-07-20},
  language     = {English},
}
SolarWinds patches critical Serv-U vulnerability (CVE-2021-35211) exploited in the wild
2021-07-09SolarwindSolarwind
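% Vendor name corrected to "SolarWinds" in author and organization (the entry
% spelled it "Solarwind"). The citation key is left unchanged so existing
% \cite commands keep resolving. The extra braces mark a corporate author.
@online{solarwind:20210709:servu:53e30f0,
  author       = {{SolarWinds}},
  title        = {{Serv-U Remote Memory Escape Vulnerability CVE-2021-35211 (exploited in the wild)}},
  organization = {SolarWinds},
  date         = {2021-07-09},
  url          = {https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35211},
  urldate      = {2021-07-20},
  language     = {English},
}
Serv-U Remote Memory Escape Vulnerability CVE-2021-35211 (exploited in the wild)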
2021-06-01SANSKevin Haley, Jake Williams
@online{haley:20210601:contrarian:6aff18c,
  author       = {Haley, Kevin and Williams, Jake},
  title        = {{A Contrarian View on SolarWinds}},
  organization = {SANS},
  date         = {2021-06-01},
  url          = {https://www.sans.org/webcasts/contrarian-view-solarwinds-119515},
  urldate      = {2021-06-21},
  language     = {English},
}
A Contrarian View on SolarWinds
Cobalt Strike Raindrop SUNBURST TEARDROP
2021-05-19The RecordAdam Janofsky
@online{janofsky:20210519:solarwinds:5c31adf,
  author       = {Janofsky, Adam},
  title        = {{SolarWinds CEO apologizes for blaming an intern, says attack may have started in January 2019}},
  organization = {The Record},
  date         = {2021-05-19},
  url          = {https://therecord.media/solarwinds-ceo-apologizes-for-blaming-an-intern-says-attack-may-have-started-in-january-2019/},
  urldate      = {2021-05-26},
  language     = {English},
}
SolarWinds CEO apologizes for blaming an intern, says attack may have started in January 2019
2021-05-14CISAUS-CERT
@online{uscert:20210514:analysis:f0b767a,
  author       = {US-CERT},
  title        = {{Analysis Report (AR21-134A): Eviction Guidance for Networks Affected by the SolarWinds and Active Directory/M365 Compromise}},
  organization = {CISA},
  date         = {2021-05-14},
  url          = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-134a},
  urldate      = {2021-07-19},
  language     = {English},
}
Analysis Report (AR21-134A): Eviction Guidance for Networks Affected by the SolarWinds and Active Directory/M365 Compromise
SUNBURST
2021-05-08The RecordCatalin Cimpanu
@online{cimpanu:20210508:solarwinds:501c002,
  author       = {Cimpanu, Catalin},
  title        = {{SolarWinds says fewer than 100 customers were impacted by supply chain attack}},
  organization = {The Record},
  date         = {2021-05-08},
  url          = {https://therecord.media/solarwinds-says-fewer-than-100-customers-were-impacted-by-supply-chain-attack},
  urldate      = {2021-05-11},
  language     = {English},
}
SolarWinds says fewer than 100 customers were impacted by supply chain attack
SUNBURST
2021-05-07SolarWindsSolarwind
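% Author corrected to "SolarWinds" to match the organization field (the entry
% spelled it "Solarwind"). The citation key is left unchanged so existing
% \cite commands keep resolving. The extra braces mark a corporate author.
@online{solarwind:20210507:investigative:54c699d,
  author       = {{SolarWinds}},
  title        = {{An Investigative Update of the Cyberattack}},
  organization = {SolarWinds},
  date         = {2021-05-07},
  url          = {https://www.sec.gov/ix?doc=/Archives/edgar/data/1739942/000173994221000076/swi-20210507.htm},
  urldate      = {2021-05-11},
  language     = {English},
}
An Investigative Update of the Cyberattack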
SUNBURST
2021-04-22RiskIQRiskIQ
@online{riskiq:20210422:solarwinds:83581ea,
  author       = {RiskIQ},
  title        = {{SolarWinds: Advancing the Story}},
  organization = {RiskIQ},
  date         = {2021-04-22},
  url          = {https://community.riskiq.com/article/9a515637},
  urldate      = {2021-04-28},
  language     = {English},
}
SolarWinds: Advancing the Story
SUNBURST
2021-04-16nprDina Temple-Raston
@online{templeraston:20210416:worst:4086d6c,
  author       = {Temple-Raston, Dina},
  title        = {{A 'Worst Nightmare' Cyberattack: The Untold Story Of The SolarWinds Hack}},
  organization = {npr},
  date         = {2021-04-16},
  url          = {https://www.npr.org/2021/04/16/985439655/a-worst-nightmare-cyberattack-the-untold-story-of-the-solarwinds-hack},
  urldate      = {2021-04-19},
  language     = {English},
}
A 'Worst Nightmare' Cyberattack: The Untold Story Of The SolarWinds Hack
2021-04-15Government of CanadaGovernment of Canada
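% Corporate author: the extra pair of braces keeps the name as one unit;
% without them "of" is read as a name particle and the name is split into
% given name "Government" and family name "Canada".
@online{canada:20210415:statement:2e6f28b,
  author       = {{Government of Canada}},
  title        = {{Statement on SolarWinds Cyber Compromise}},
  organization = {Government of Canada},
  date         = {2021-04-15},
  url          = {https://www.canada.ca/en/global-affairs/news/2021/04/statement-on-solarwinds-cyber-compromise.html},
  urldate      = {2021-04-16},
  language     = {English},
}
Statement on SolarWinds Cyber Compromise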
2021-04-15GOV.UKForeign Commonwealth & Development Office
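% Corporate author: the extra pair of braces keeps the office name as one unit
% instead of letting it be split into given/family name parts, and the
% ampersand is escaped so LaTeX does not read it as an alignment tab.
@online{office:20210415:russia:c3c6e21,
  author       = {{Foreign Commonwealth \& Development Office}},
  title        = {{Russia: UK exposes Russian involvement in SolarWinds cyber compromise}},
  organization = {GOV.UK},
  date         = {2021-04-15},
  url          = {https://www.gov.uk/government/news/russia-uk-exposes-russian-involvement-in-solarwinds-cyber-compromise},
  urldate      = {2021-04-16},
  language     = {English},
}
Russia: UK exposes Russian involvement in SolarWinds cyber compromise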
2021-04-15European CouncilCouncil of the European Union
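% Corporate author: the extra pair of braces keeps the name as one unit;
% without them "of the" is read as a name particle and the name is split into
% given name "Council" and family name "European Union".
@online{union:20210415:declaration:f535296,
  author       = {{Council of the European Union}},
  title        = {{Declaration by the High Representative on behalf of the European Union expressing solidarity with the United States on the impact of the SolarWinds cyber operation}},
  organization = {European Council},
  date         = {2021-04-15},
  url          = {https://www.consilium.europa.eu/en/press/press-releases/2021/04/15/declaration-by-the-high-representative-on-behalf-of-the-european-union-expressing-solidarity-with-the-united-states-on-the-impact-of-the-solarwinds-cyber-operation},
  urldate      = {2021-04-16},
  language     = {English},
}
Declaration by the High Representative on behalf of the European Union expressing solidarity with the United States on the impact of the SolarWinds cyber operation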
SUNBURST
2021-03-29Associated PressAlan Suderman
@online{suderman:20210329:ap:a4795b8,
  author       = {Suderman, Alan},
  title        = {{AP sources: SolarWinds hack got emails of top DHS officials}},
  organization = {Associated Press},
  date         = {2021-03-29},
  url          = {https://apnews.com/article/solarwinds-hack-email-top-dhs-officials-8bcd4a4eb3be1f8f98244766bae70395},
  urldate      = {2021-03-31},
  language     = {English},
}
AP sources: SolarWinds hack got emails of top DHS officials
2021-03-24ProofpointItir Clarke, Assaf Friedman
@online{clarke:20210324:oauth:5092c3f,
  author       = {Clarke, Itir and Friedman, Assaf},
  title        = {{OAuth Abuse: Think SolarWinds/Solorigate Campaign with Focus on Cloud Applications}},
  organization = {Proofpoint},
  date         = {2021-03-24},
  url          = {https://www.proofpoint.com/us/blog/cloud-security/oauth-abuse-think-solarwindssolorigate-campaign-focus-cloud-applications},
  urldate      = {2021-03-25},
  language     = {English},
}
OAuth Abuse: Think SolarWinds/Solorigate Campaign with Focus on Cloud Applications