2021-01-21 23:09:14
Microsoft deep dive into stage two SolarWinds malware
jumpinjelly789
This threat campaign is one of the most astoundingly executed pieces I have seen and I have researched the last 16 years of major incidents...
Microsoft have really delved deep into this monstrosity.
The timing of the payload execution, the hash matching of the inherently ‘trusted’ DLL, the multi-pronged malware payloads. Those fuckers really wanted to make a mess with minimal footprint.
Exfiltration of data was so obfuscated that it took so long before anyone knew what happened.
If only the perpetrators in the nation-state groups responsible had chosen a different colour hat.
Forsaken-Joke-4908
This is a great write-up. Microsoft takes a lot of shit for their business practices (maybe deservedly), but they really have a top-notch security team.
QuirkySpiceBush
I fucking love these write-ups.
I read the entire thing. I wish there was a grove chock-full of write-ups of sophisticated attacks. Explaining all there is to explain. Ahhhh.
I’m always happy to know I have so much more to learn.
Vysokojakokurva_C137 @malwr