A newly launched SolarLeaks website claims to be selling data from companies known to have been breached in the recent supply chain attack. The site’s legitimacy has not been confirmed. The following data has been offered for sale on this site:
- Microsoft source code and repositories. Microsoft has confirmed that their source code was accessed.
- Cisco’s internal bug tracker and source code for multiple products. Cisco has stated that they have no evidence of intellectual property theft.
- FireEye Red Team tools
- SolarWinds source code and a customer portal dump
For more information on this SolarLeaks website, please visit, BleepingComputer, SolarLeaks site claims to sell data stolen in SolarWinds attacks.
Additionally, Solarwinds Issued New Findings From Our Investigation of Sunburst (the implanted malware backdoor has been dubbed “Sunburst”).
- Discusses the pinpointing of the malicious code source
- Provides an attack timeline overview
Last, but not least, Crowdstrike offers a detailed technical analysis of the malware that was deployed in the SolarWinds Orion build environment.
Related Posts:
- FireEye Red Team Tools Hacked (12/09/20)
- VMWare Vulnerabilities Are Being Actively Exploited (12/15/20)
- SolarWinds Software is Being Actively Exploited (12/15/20)
- Update: Solarwinds Exploit (12/16/20)
- CISA Reports APT Compromise of Government Agencies, Critical Infrastructure & Privaate Sector Organizations (12/18/20)
- NSA Issues Advisory on Detecting Abuse in Authentication Mechanisms (12/21/20)
- Update: SolarWinds & More (12/23/20)
- CISA Alert on Detecting Post Compromise Activity in Microsoft Cloud Environments (01/08/21)