Microsoft Releases New Info on SolarWinds Attack Chain
Threat actors went to elaborate lengths to maintain operational security around second-stage payload activation, company says.
Exploring the depths of cybercrime and espionage
Deep Dark Depths
Exploring the depths of cybercrime and espionage
VLC Media Player 3.0.12 fixes multiple remote code execution flaws
VideoLan released VLC Media Player 3.0.12 for Windows, Mac, and Linux last week with numerous improvements, features, and security fixes.
Hacker leaks full database of 77 million Nitro PDF user records
A stolen database containing the email addresses, names, and passwords of more than 77 million records of Nitro PDF service users was leaked today for free. […]
Microsoft Defender to enable full auto-remediation by default
Microsoft will enable fully automated threat remediation by default for Microsoft Defender for Endpoint customers who have opted into public previews starting next month, on February 16, 2021.
China’s APT Groups May Be Looking to Cash In
Two campaigns have resulted in encrypted drives and ransom notes, suggesting that some China-linked nation-state advanced persistent threat groups have added financial gain as a […]
SUPERNOVA
The SUPERNOVA webshell is an anonymous code C# webshell written in .NET C# that is specifically written for usage on SolarWinds Orion servers. It is […]
Sunburst (Backdoor)
Sunburst is a SolarWinds digitally-signed component of the Orion software framework that contains a backdoor that communicates via HTTP to third party servers. Sunburst has been […]