31: Sunburst: Too Cozy To Bear
Unless you’ve been living under a rock for the past few days, you would have heard about Sunburst – a sprawling cyberattack allegedly masterminded by Russian nation-state hackers, UNC2452 (also known as Cozy Bear). Because we love talking about stuff like this, we couldn’t resist getting the crew together to go over the events of the past few days with a fine-tooth comb. There’ll be no cruising into Christmas for us!
From what SolarWinds is exactly all the way through to the impact of the attack, Chris, Kev and Paul take a proper look at Sunburst, SolarWinds, and what this means for 2021. And, because we’re a generous bunch and it is Christmas after all, we’ve created a series of labs dedicated to helping you understand and get hands-on with Sunburst – that you can access entirely for free. Check them out here.
***
Fireeye summary (including detections):
First reports of Solarwinds compromise:
https://www.theregister.com/2020/12/14/solarwinds_fireeye_cozybear_us_government/