SolarWinds: Between The Clouds

Take a deep dive into the Orion platform's access permissions and how an attacker can leverage these permissions to their advantage. The post SolarWinds: Between The Clouds appeared first on Radware Blog ...
Hackers Didn’t Only Use SolarWinds to Break In, Says CISA

It wasn’t just the SolarWinds supply-chain hack. There were other ways that the “Russian” hackers broke into countless government agencies and private organizations ...
Security Boulevard
Were you targeted by SUNBURST? Image credit: NASA

Robust Indicators of Compromise for SUNBURST

There has been a great deal of confusion regarding what network-based Indicators of Compromise (IOC) SolarWinds Orion customers can use to self-assess whether or not they have been targeted after ...

SUNBURST – Where We Are Now – 2021

Many of us spent the holidays hunting for SolarWinds backdoors. So where are we now? What did we learn? What's left to be done? SUNBURST in 2021. The post SUNBURST – Where ...
Sunburst stages 1 to 3 (passive, associated and active)

Finding Targeted SUNBURST Victims with pDNS

Our SunburstDomainDecoder tool can now be used to identify SUNBURST victims that have been explicitly targeted by the attackers. The only input needed is passive DNS (pDNS) data for avsvmcloud.com subdomains. Companies ...

Solar Winds Blow Hard

Unbelievable! But true. The enormous hack, purportedly by Russia (per Secretary of State Mike Pompeo and others), of major U.S. government agencies and the U.S.’s biggest corporations—apparently some 18,000 organizations according to ...

Cyber Security Roundup for January 2021

A suspected nation-state sophisticated cyber-attack on SolarWinds, which led to the distribution of a tainted version of the SolarWinds Orion network monitoring tool, compromising their customers, dominated the cyber headlines in mid-December 2020. ...

Extracting Security Products from SUNBURST DNS Beacons

The latest version of our SunburstDomainDecoder (v1.7) can be used to reveal which endpoint protection applications are installed on trojanized SolarWinds Orion deployments. The security application info is extracted from DNS ...

Best of 2020: The SolarWinds Supply Chain Hack: What You Need to Know

As we close out 2020, we at Security Boulevard wanted to highlight the five most popular articles of the year. Following is the first in our series of the Best of 2020 ...

Does the U.S. Need a National Cyber Strategy?

As high-profile hacks mount, should the government be involved in creating and enforcing a national cyber strategy? The number of identified companies and government entities that were among the 17,000+ compromised in ...