Threats from the Wild - Episode 1: Detecting Future Variants of Sunburst


The SolarWinds/SUPERNOVA attack targeted the National Financial Center (NFC), an agency inside the U.S. Department of Agriculture that reportedly handles payroll for several government organizations, including the State Department, FBI, Treasury Department, and the DHS.

Today, we continue to see new variants of this attack used to evade publicly available detection techniques.

In this session, Oleg Kolesnikov will discuss the attack vectors and highlight techniques and recommendations to protect against the future variants of the attack, including:

– A demonstration of the original SUPERNOVA implant in action.

– A modified variant of the SUPERNOVA implant that can evade some of the public detection approaches.

– What the SolarWinds/SUPERNOVA attack might look like in your logs.

– How to increase the chances of detecting this and future variants of the attacks in your environment.

Threat Actors are Exploiting the Recent CrowdStrike Outage in an Effort to...
The Ghost in the Machine: Tracking Stealthy Fileless Malware in the Windows...
5 Cyber Threats Facing the Financial Service Sector in 2024
Analysis of PHANTOM#SPIKE: Attackers Leveraging CHM Files to Run Custom...