Microsoft cybersecurity experts published a long, detailed blog about the SolarWinds compromise that contains new information that will help IT pros better understand how the attack played out.

The blog, an in-depth look at how attackers moved from the first backdoor and across customer networks, comes as the tech community continues to grapple with the implications of the compromise, with cybersecurity teams working around the clock to uncover the damage.

Microsoft’s findings continue to show just how sophisticated the attackers are.

The company published an earlier blog examining the malware that provided the backdoor into up to 18,000 SolarWinds customer networks and describing the practical techniques the attackers used on compromised endpoints with a second-tier payload, one of several custom Cobalt Strike loaders, including the loader that cybersecurity company FireEye calls Teardrop and a variant named …


