December 15, 2020

The Role of Admin Credentials in the SolarWinds Attack

I wanted to share my thoughts on the SolarWinds attack that has been used to target government agencies as well as other private/public companies. FireEye has an excellent write-up ( Highly Evasive Attacker Leverages SolarWinds Supply Chain to CompromiseMultiple Global Victims With SUNBURST Backdoor ) and I encourage everyone to read it to familiarize yourself with the exploit and attack paths. […]