SUNBURST SolarWinds BackDoor : Crime Scene Forensics Part 2 (continued)

From securityboulevard.com

f you’ve arrived to this post, I’d suggest reading the prior post to gain context.

As details are still emerging, let’s speculatively examine the attacker’s post entry-point activity and reconnaissance insideSolarWind’s software supply chain.

Tomislav Peričin, founder of ReversingLabs conducted a deep forensics investigation thats well worth reading.

Read more…