Commit

Update 2021-09-29 SOLORIGATE
Added:
 - Microsoft: Breaking down NOBELIUM’s latest early-stage toolset
 - Microsoft: FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor
 - Microsoft: mstic/Indicators/May21-NOBELIUM/
jipegit committed Sep 29, 2021
1 parent 104bf5c commit 683d00a
Showing 5 changed files with 24 additions and 0 deletions.
16 changes: 16 additions & 0 deletions SOLORIGATE_SUNBURST/SOLORIGATE_SUNBURST.md
Expand Up @@ -177,6 +177,10 @@

- https://www.trustedsec.com/blog/solarwinds-backdoor-sunburst-incident-response-playbook/

### Microsoft IOC

- https://github.com/microsoft/mstic/tree/master/Indicators/May21-NOBELIUM

## Security Advisory

### https://www.solarwinds.com/securityadvisory
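
Review bot: The new "Microsoft IOC" link points at `tree/master`, a moving branch reference, so the indicator set a reader lands on can differ from what was referenced on 2021-09-29, or the link can break if the folder is renamed. Consider linking a commit-pinned permalink for `Indicators/May21-NOBELIUM` (or adding one next to the branch link) together with a retrieval date, so the referenced IOC list stays reproducible for later investigations.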
Expand Down Expand Up @@ -389,3 +393,15 @@

### Goldfinger, Sibot

### EnvyScout, BoomBox, NativeZone

- Microsoft

- **https://www.microsoft.com/security/blog/2021/05/28/breaking-down-nobeliums-latest-early-stage-toolset/**

### FoggyWeb

- Microsoft

- https://www.microsoft.com/security/blog/2021/09/27/foggyweb-targeted-nobelium-malware-leads-to-persistent-backdoor/
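
Review bot: Under "EnvyScout, BoomBox, NativeZone" the URL is wrapped in `**...**`, while the FoggyWeb URL added in the same hunk and the other links in this file are plain. If the emphasis is intentional, say what it marks; otherwise drop the asterisks so the list stays consistent with the OPML entry, which carries the same URL without emphasis.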

Binary file modified SOLORIGATE_SUNBURST/SOLORIGATE_SUNBURST.mindnode
Binary file not shown.
8 changes: 8 additions & 0 deletions SOLORIGATE_SUNBURST/SOLORIGATE_SUNBURST.opml
Expand Up @@ -91,6 +91,8 @@
</outline>
<outline text="Generic Playbook"><outline text="https://www.trustedsec.com/blog/solarwinds-backdoor-sunburst-incident-response-playbook/"></outline>
</outline>
<outline text="Microsoft IOC"><outline text="https://github.com/microsoft/mstic/tree/master/Indicators/May21-NOBELIUM"></outline>
</outline>
</outline>
<outline text="Security Advisory"><outline text="https://www.solarwinds.com/securityadvisory"></outline>
<outline text="https://us-cert.cisa.gov/ncas/alerts/aa21-008a"></outline>
Expand Down Expand Up @@ -197,6 +199,12 @@
</outline>
</outline>
<outline text="Goldfinger, Sibot"></outline>
<outline text="EnvyScout, BoomBox, NativeZone"><outline text="Microsoft"><outline text="https://www.microsoft.com/security/blog/2021/05/28/breaking-down-nobeliums-latest-early-stage-toolset/"></outline>
</outline>
</outline>
<outline text="FoggyWeb"><outline text="Microsoft"><outline text="https://www.microsoft.com/security/blog/2021/09/27/foggyweb-targeted-nobelium-malware-leads-to-persistent-backdoor/"></outline>
</outline>
</outline>
</outline>
</outline>
</body>
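
Review bot: The two new leaf outlines under "EnvyScout, BoomBox, NativeZone" and "FoggyWeb" use the bare URL as their `text`, so the article titles given in the commit message are not recorded in the file itself. Consider putting the title in `text` next to the URL, so an entry can still be identified if the blog link moves.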
Binary file modified SOLORIGATE_SUNBURST/SOLORIGATE_SUNBURST.pdf
Binary file not shown.
Binary file modified SOLORIGATE_SUNBURST/SOLORIGATE_SUNBURST.png

0 comments on commit 683d00a
