Common Information
| Type | Value |
|---|---|
| Value |
UNC2452 |
| Category | |
| Type | Mandiant Uncategorized Groups |
| Misp Type | |
| Description |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2021-02-24 | 1 | NASA and the FAA were also breached by the SolarWinds hackers | ||
| Details | 2021-02-10 | 8 | Q42020 Malware Trends: Year Punctuated by Ransomware and Data Breaches Concludes With Sophisticated SolarWinds Attack | |||
| Details | 2021-02-03 | 232 | RESEARCH REPORT | |||
| Details | Website | 2021-01-29 | 14 | Cloudy with a Chance of Persistent Email Access | Aon | ||
| Details | Website | 2021-01-19 | 2 | Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452 | Blog | Mandiant | ||
| Details | Website | 2021-01-11 | 18 | Sunburst backdoor – code overlaps with Kazuar | ||
| Details | 2021-01-07 | 66 | SolarWinds Attribution: Are We Getting Ahead of Ourselves? | |||
| Details | 2020-12-30 | 73 | SolarWinds Attribution: Are We Getting Ahead of Ourselves? | |||
| Details | Website | 2020-12-29 | 8 | Golden SAML Revisited: The Solorigate Connection | ||
| Details | Website | 2020-12-27 | 3 | A New SolarWinds Flaw Likely Had Let Hackers Install SUPERNOVA Malware | ||
| Details | Website | 2020-12-24 | 40 | SUNBURST Additional Technical Details | Mandiant | ||
| Details | Website | 2020-12-22 | 1 | SolarWinds hackers breached US Treasury officials’ email accounts | ||
| Details | Website | 2020-12-21 | 28 | How A Device to Cloud Architecture Defends Against the SolarWinds Supply Chain Compromise | McAfee Blog | ||
| Details | Website | 2020-12-21 | 2 | GitHub - mandiant/sunburst_countermeasures | ||
| Details | Website | 2020-12-18 | 1 | Tracking Sunburst-Related Activity with ThreatConnect Dashboards | ||
| Details | Website | 2020-12-18 | 55 | Continuous Eruption: Further Analysis of the SolarWinds Supply Chain Incident - DomainTools | Start Here. Know Now. | ||
| Details | Website | 2020-12-17 | 6 | DebUNCing Attribution: How Mandiant Tracks Uncategorized Threat Actors | Mandiant | ||
| Details | Website | 2020-12-16 | 43 | UNC2452 Threat Actor Group Threat Intel Advisory | Threat Intelligence | CloudSEK | ||
| Details | Website | 2020-12-14 | 16 | SolarWinds Orion and UNC2452 - Summary and Recommendations - TrustedSec | ||
| Details | Website | 2020-12-13 | 49 | SolarWinds Supply Chain Attack Uses SUNBURST Backdoor | ||
| Details | Website | 2017-07-01 | 2 | Connect the Dots on State-Sponsored Cyber Incidents - APT 28 | ||
| Details | Website | — | 1 | New Malware Set Identified Used by the SolarWinds Attackers - IBM X-Force Collection |