Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop

One missing link in the complex Solorigate attack chain is the handover from the Solorigate DLL backdoor to the Cobalt Strike loader. How exactly does the jump from the Solorigate backdoor (SUNBURST) to the Cobalt Strike loader (TEARDROP, Raindrop, and others) happen? What code gets triggered, and what indicators should defenders look for?
The post Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop appeared first on Microsoft Security.

Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender

This blog is a guide for security administrators using Microsoft 365 Defender and Azure Defender to identify and implement security configuration and posture improvements that harden enterprise environments against Solorigate’s attack patterns.
The post Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender appeared first on Microsoft Security.