Solarigate
Detecting SUNBURST/Solarigate activity in retrospect with Zeek – a practical example
Ben Reardon – Corelight Labs Researcher The threat actors who created SUNBURST went to extraordinary lengths to hide Command-and-Control (C2) traffic by mimicking the nature of communication patterns used by legitimate software ...
Finding SUNBURST Backdoor with Zeek Logs & Corelight
John Gamble, Director of Product Marketing, Corelight FireEye’s threat research team has discovered a troubling new supply chain attack targeting SolarWind’s Orion IT monitoring and management platform. The attack trojanizes Orion software ...
