sophos-cybersecurity / solarwinds-threathunt

Licence: GPL-3.0 license
Threathunt details for the Solarwinds compromise

Threathunt for the Solarwinds Compromise

IOCs

Published, collated IOCs for this attack

CSV of Published IOCs - https://github.com/sophos-cybersecurity/solarwinds-threathunt/blob/master/iocs.csv

RAW IOCs - https://raw.githubusercontent.com/sophos-cybersecurity/solarwinds-threathunt/master/iocs.csv

Sophos Central Live Discover

Queries for Sophos Live Discover

  1. Check if a server has Solarwinds and is vulnerable - https://github.com/sophos-cybersecurity/solarwinds-threathunt/blob/master/find-solarwinds.sql
  2. Check for the specific IOCs listed by FireEye - https://github.com/sophos-cybersecurity/solarwinds-threathunt/blob/master/ioc-hunt.md

Splunk Searches

Useful Splunk searches for threat hunting - https://github.com/sophos-cybersecurity/solarwinds-threathunt/blob/master/splunk-searches.md