Watch Eric Chien, Technical Director of the Attack Investigations Team, provide insights into Sunburst and why supply chain attacks like this may become more common.
Eric Chien discusses how endpoint security must evolve to detect and prevent future advanced persistent threats like Sunburst.
Below is an example of an attack chain on one computer infected by attackers. While there may be some commonalities in post-compromise activity, each victim is likely to see different patterns in activity.
Initial analysis and overview of a supply chain attack that compromised the update mechanism for SolarWinds Orion software in order to deliver a backdoor Trojan known as Sunburst (Backdoor.Sunburst) ...
In the first of a series of follow-up analyses on the SolarWinds attacks, we take a look at how the attackers disabled security software and avoided detection.
Symantec Endpoint Security Complete addresses your blind spots.
In the second of a series of follow-up analyses on the SolarWinds attacks, we examine how the attackers made command and control communications particularly stealthy.
Symantec uncovered an additional piece of malware used in the SolarWinds attacks, deployed against a select number of victims that were of interest to the attackers.