Thursday, December 24, 2020

SolarWinds collection of articles

Found site/blog by CIEX, Inc.

Updates 2020-12-23

These are listed by date of discovery--some are several days older
  1. SunBurst_DGA_Decode/decode.py at main · RedDrip7/SunBurst_DGA_Decode (GitHub)
  2. Sunburst's C2 Secrets Reveal Second-Stage SolarWinds Victims (tpost)
  3. CISA Warns Agencies of SolarWinds Orion Compromise via Emergency Directive (gcwire)
  4. 'Very, very large' telecom organization and Fortune 500 company breached in SolarWinds hack (scmedia)
  5. NSA Cybersecurity Advisory: Malicious Actors Abuse Authentication Mechanisms to Access Cloud Resources (NSA)
  6. SolarWinds CyberAttack and FireEye Red Team Tools Coverage 
  7. SolarWinds breach raises stakes for NDAA Trump still threatens to veto (fednews)
  8. Erlang Authenticated Remote Code Execution :: malicious.link — welcome 
  9. SolarFlare Release: Password Dumper for SolarWinds Orion (secblvd)
  10. SolarWinds, GitHub Leaks and Securing the Software Supply Chain (secblvd)
  11. It's A Twister! Will SolarWinds Blow Cybersecurity Governance Reform Into The Boardroom? 
  12. All SentinelOne Customers Protected from SolarWinds SUNBURST Attack (bizwire)
  13. "Strategic Silence" and State-Sponsored Hacking: The US Gov't and SolarWinds
  14. Little-known SolarWinds gets scrutiny over hack, stock sales
  15. Top Democrat: 'Critical' that Pompeo brief senators on SolarWinds hack at State Dept. (hill)
  16. FireEye, Crowdstrike enjoy record days as SolarWinds hack leads to soaring security stocks (MarketWatch)
  17. DOE Update on Cyber Incident Related to Solar Winds Compromise (DOE)
  18. Florida Investigating Server Hacking Through SolarWinds Software 
  19. DOD has a leg up in mitigating potential SolarWinds breach, former officials say (FedScoop)
  20. Expert warned 'solarwinds123' password could expose firm: Report (BI)
  21. SolarWinds hack shows we need a 'whole of society' national cyber strategy (hill)
  22. Senators Ask IRS Whether Taxpayer Data Hit in SolarWinds Hack (Bloomberg)
  23. SolarWinds Breach: An RSAC Interview with Dmitri Alperovitch About Who, How and Why (RSA)
  24. FireEye, SolarWinds Breaches: Implications and Protections (eSecurityPlanet)
  25. SolarWinds Scandal Calls Attention to Supply Chain Security 
  26. SolarWinds Should Have Been More 'Vigilant': Palo Alto Networks CEO 
  27. DATA443 RELEASES STATEMENT ON FIREEYE AND SOLARWINDS HACK AND BREACH OTC Markets:ATDS 
  28. Was my workplace hit by SolarWinds hack? FAQ answers. (trib)
  29. The SolarWinds hack, and the danger of arrogance (scmedia)
  30. Qualys Researchers Identify 7+ Million Vulnerabilities Associated with SolarWinds/FireEye Breach by Analyzing Anonymized Vulnerabilities across Worldwide Customer Base (secblvd)
  31. SolarWinds Hack Blamed on Russia: What We Do and Don't Know (Bloomberg)
  32. Continue Clean-up of Compromised SolarWinds Software
  33. Datto Offers All MSPs Free Scanner To Find Signs Of FireEye, SolarWinds Hack 
  34. The Solarwinds breach — What do CIOs need to do now? 
  35. CISA warns that SolarWinds software may not be only entry point in latest breaches (GCN)
  36. SolarWinds Hack Throws Wrench In Private Equity's Most Profitable Market 
  37. More Hacking Attacks Found, Officials Warn of Risk to U.S. Government (nyt)
  38. CYBER CONFLICT DATASET 
  39. The Strategic Implications of SolarWinds (Lawfare)
  40. Orion Platform - Scalable IT Monitoring (SolarWinds)
  41. SolarWinds MSP To Revoke Digital Certificates For Tools, Issue New Ones As Breach Fallout Continues 
  42. The SolarWinds Compromise and the Strategic Challenge of the Information and Communications Technology Supply Chain (Council on Foreign Relations)
  43. SolarWinds/SUNBURST Backdoor, Third-Party and Supply Chain Security (secblvd)
  44. DOE confirms its systems were compromised by SolarWinds hack (Utility Dive)
  45. Q:CYBER spots lateral movement as used in the SolarWinds (Sunburst) calamity | State (insidenova.com)
  46. Experts say SolarWinds hack could impact Kern County businesses 
  47. Joe Biden Blames Russia For Huge SolarWinds Hack (HuffPost)
  48. Hack Suggests New Scope, Sophistication for Cyberattacks (WSJ)
  49. SolarWinds Hack Victims: From Tech Companies to a Hospital and University (WSJ)
  50. Alex Stamos on Twitter: "There is a long history of "trickle down" effects in cyber, where a technique honed by a major player becomes commonplace. China's 2000s APTs -> Iran/DPRK/teenagers in the 2010s. Stuxnet -> smart ransomware. If supply-chain a
  51. Alex Stamos on Twitter: "@VickerySec So far, all of the activity that has been publicly discussed has fallen into the boundaries of what the US does regularly and what we explicitly excluded from the Obama-Xi deal. If we are going to set new red lines, th
  52. Statement by President-elect Joe Biden on Cybersecurity (President-Elect Joe Biden)
  53. Joint Statement by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI) (CISA)
  54. SolarWinds hack continues to spread: What you need to know (CNET)

Updates regarding SolarWinds 2020-12-22 

  1. SolarWinds Adviser Warned of Lax Security Years Before Hack (Bloomberg). From the article: "Thornton-Trump said that in his experience SolarWinds didn't put enough investment into building a cybersecurity culture within the company."
  2. SolarWinds Achieves SOC 2 Type II Certification (orangematter, 2019-06-12)
  3. Understanding "Solorigate"'s Identity IOCs - for Identity Vendors and their customers. (ms)
  4. SolarWinds Hack Victims: From Tech Companies to a Hospital and University (wsj)
  5. SUPERNOVA: A Novel .NET Webshell (paloalto)
  6. Microsoft identifies second hacking group affecting SolarWinds software (cyberscoop)
  7. Microsoft president calls SolarWinds hack an "act of recklessness" (arstechnica) 
  8. Russian hackers hit US government using widespread supply chain attack (arstechnica, from 2020-12-14)
  9. Hackers last year conducted a 'dry run' of SolarWinds breach (yahoo)
  10. Treasury Department's Senior Leaders Were Targeted by Hacking
  11. Cyber-Photokeratitis - Some Thoughts On The Events Associated with UNC2452 (prevailion)

New articles recently discovered, updates 2020-12-21

  1. Billions spent on U.S. Defenses Failed to Detect Hack (nyt) 
  2. Richard Blumenthal: Classified briefing ... left me deeply alarmed 
  3. Second Hacking team targeting SolarWinds (reuters)
  4. FireEye CEO says hack "totally unique" (cbs video) 
  5. DebUNCing Attribution: tracking threat actors
  6. Chris Krebs says officials still tracking scope (msn) 
  7. Biden team and lawmakers raise alarms (wapo video)
  8. Giant U.S. Computer Security Breach Exploited Common Software (Scientific American) 
  9. How U.S. agencies' trust in untested software opened the door to hackers (politico) 
  10. A "do not infect" list from the hack. 
  11. MS Analyzes the DLL, finds second malware (MS) [somehow this failed to get into yesterday's list] 
  12. SolarWinds/SunBurst hash exclusions (googledoc) 
  13. Does SolarWinds change the rules (scmagazine)
  14. SolarWinds Hack is Historic Mess (wired)
  15. Continue Clean-Up of Compromised SolarWinds Software (tripwire) 
  16. MS Says 40 customers hit by ongoing hack (npr) 
  17. A hack Foretold (slate)

    An appropriate comment by Katie Moussouris, founder of @LutaSecurity: "So many illusions of control in these articles written about #SolarWinds No regulation is going to stop this from happening. No new requirements for certifications & attestations of security will make us less vulnerable. Knowing the ingredients in software won't fix it either"

Articles regarding SolarWinds, updated 2020-12-19

  1. A moment of reckoning: the need for a strong and global cybersecurity response (Brad Smith, MS) 
  2. FireEye Threat Research 
  3. Hacker group behind Treasury and Commerce breaches
  4. Hackers spied on US Treasury emails
  5. Hackers have a clever way to bypass multi-factor auth
  6. Dark Halo Leverages SolarWinds Compromise to Breach
  7. ~18,000 organizations downloaded backdoor
  8. Sunburst countermeasures
  9. Active Exploitation of SolarWinds Software | CISA
  10. Exposed FTP Credentials in GitHub Page
  11. Hackers turned SolarWinds' dominance against it
  12. SolarWinds Update Server could be accessed in 2019 with simple password
  13. How hackers outed their massive cyberattack
  14. Disruptive cyber crisis engulfs multiple agencies
  15. SolarWinds 8-K filing
  16. Malicious domain in SolarWinds Hack turned into kill switch (Krebs)
  17. Some Customers And another version of the list
  18. SolarWinds hack could affect 18,000 customers (Krebs)
  19. RedDrip7/Sunburst decode
  20. Hackers behind Sunburst put lots of effort into avoiding detection (from twitter) And Threadreader unroll
  21. Sunburst: Next level of stealth (Reversing Labs)
  22. SolarWinds stock drops 22%; And significant stock sales before hack was announced (The Register) 
  23. SolarWinds Investors sold millions of Shares (exbulletin)
  24. Why the Sunburst attack is so serious (BBC) 
  25. SolarWinds Breach Used to Infiltrate Customer Networks (Infosec Handlers Diary)
  26. Hacking spree apparently reached into Microsoft (Reuters)
  27. I Was the Homeland Security Adviser to Trump. We're Being Hacked. - The New York Times 
  28. Orion IT Management Platform Security Advisory (ServerCentral) 
  29. CISA Issues Emergency Directive regarding Orion The directive
  30. Hackers broke into Federal Agencies, officials suspect (nyt) 
  31. More hacking attacks found (nyt) 
  32. CISA: APT Compromise of Agencies, Infrastructure, Private sector 
  33. Investigators find evidence of new tactics (wapo) 
  34. Steps to take to protect from recent cyberattacks (MS) 
  35. Customer Guidance (MS Security Response Center) 
  36. Nuclear Weapons Agency hacked 
  37. SolarWinds not the only Initial Attack Vector
  38. MS Says that no customer data compromised with MS hack 
  39. MS identifies organizations targeted in attack 
  40. Hackers have been inside Austin city network for months 
  41. VMware Flaw a Vector in SolarWinds Breach? 
  42. The SolarWinds Orion SUNBURST supply-chain Attack (Truesec) 
  43. SolarWinds hackers broke into U.S. cable firm and Arizona county, web records show (reuters)
  44. Hacks Suggest New Scope, Sophistication for Cyberattacks 
  45. SolarWinds Security Advisory
  46. SolarWinds FAQ regarding the Security Advisory

3 comments:

  1. I generally check this kind of article and I found your article which is related to my interest.TSCM Security Services Genuinely it is good and instructive information. Thankful to you for sharing an article like this.

  2. Phenomenal information, You are giving significant information. It is truly useful and authentic data for ourselves and everybody to build information. Keep sharing your information. Much thanks to you. Peruse more information about apices accreditation. home security lexington ky
