John Gamble, Author at Security Boulevard
Finding SUNBURST Backdoor with Zeek Logs & Corelight

Finding SUNBURST Backdoor with Zeek Logs & Corelight

John Gamble, Director of Product Marketing, Corelight FireEye’s threat research team has discovered a troubling new supply chain attack targeting SolarWind’s Orion IT monitoring and management platform. The attack trojanizes Orion software updates to deliver malware called SUNBURST, which opens a stealthy backdoor for command-and-control and other malicious activity that ... Read More
Meet the Corelight CTF tournament winners

Meet the Corelight CTF tournament winners

By John Gamble, Director of Product Marketing, Corelight This summer, Corelight hosted a virtual CTF tournament where hundreds of players raced to solve security challenges using Zeek data in Splunk and Elastic. After the preliminary rounds,  we invited the top performers back for a champions round and crowned the tournament ... Read More