Lessons (and Defenses) Learned From the SolarWinds ‘Sunburst/Dark Halo’ Hack

Posted on by Casey Priester

The widely reported December 2020 hack of the SolarWinds Orion network performance monitoring system employed a sophisticated series of takeover steps that included backdoors, expired domains, the use of Orion itself as a vector, compromised credentials, and malware implants, all to steal data and compromise systems. The attack, referred to as Sunburst, Sunburst Backdoor, and […]

How to Defend Against Lateral Movement in Windows With OSSEC

Posted on by Casey Priester

You may have started to see greater usage of the term “lateral movement” with regard to cyber attacks. Long a directional and network traffic term, lateral movement now commonly means unauthorized connection and sharing of files between two or more internal endpoints. While an initial breach usually comes from the outside, lateral movement occurs when […]
