Wednesday, October 27, 2021

DarkHalo after SolarWinds: the Tomiris connection

Background

In December 2020, news of the SolarWinds incident took the world by storm. While supply-chain attacks were already a documented attack vector leveraged by a number of APT actors, this specific campaign stood out due to the extreme carefulness of the attackers and the high-profile nature of their victims. It is believed that when FireEye discovered the first traces of the campaign, the threat actor (DarkHalo aka Nobelium) had already been working on it for over a year. Evidence gather…

Read More

Latest news
Related news