Weekly: SolarWinds Supply-Chain Attack Round-Up

ShadowTalk: Powered by ReliaQuest
Episode • Dec 18, 2020 • 35m
ShadowTalk hosts Kacey, Charles, Alec, and Digital Shadows CISO Rick bring you the latest in threat intelligence. This week they cover all things SolarWinds:

- An overview of the campaign and event timelines
- SolarWinds' SEC filing and its implications
- Early indicators of compromise, including public FTP creds and an access listing
- What we can expect from this attack as time goes on

Get this week’s intelligence summary at: https://resources.digitalshadows.com/digitalshadows/weekly-intelligence-summary-18-december

***Resources from this week’s podcast***

Microsoft: https://msrc-blog.microsoft.com/2020/12/13/customer-guidance-on-recent-nation-state-cyber-attacks/
SolarWinds: https://www.solarwinds.com/securityadvisory
FireEye: https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html
DomainTools: https://www.domaintools.com/resources/blog/unraveling-network-infrastructure-linked-to-the-solarwinds-hack?utm_source=Social&utm_medium=twitter&utm_campaign=SUNBURST#
FTP Creds (2019): https://savebreach.com/solarwinds-credentials-exposure-led-to-us-government-fireye-breach/
SEC Filing: https://portal.pannus.uk/client/intelligence/incident/67083793
https://www.sec.gov/ix?doc=/Archives/edgar/data/1739942/000162828020017451/swi-20201214.htm
Dark Halo: https://portal.pannus.uk/client/intelligence/incident/67128769
https://www.volexity.com/blog/2020/12/14/dark-halo-leverages-solarwinds-compromise-to-breach-organizations/
SolarWinds Blog: https://www.digitalshadows.com/blog-and-research/solarwinds-compromise-what-security-teams-need-to-know/