By Ben Reardon, Corelight Security Researcher In this blog we aim to provide a little insight into part of the lifecycle of Corelight Lab’s response to a critical HTTP vulnerability. We’ve open-sourced many such responses over the last year (see ... Read more »
SolarWinds
Detecting SUNBURST/Solarigate activity in retrospect with Zeek – a practical example
Ben Reardon - Corelight Labs Researcher The threat actors who created SUNBURST went to extraordinary lengths to hide Command-and-Control (C2) traffic by mimicking the nature of communication patterns used by legitimate software within the ... Read more »
Finding SUNBURST backdoor with Zeek logs & Corelight
John Gamble, Director of Product Marketing, Corelight ------------------------------------------- UPDATE 12-16-20: Corelight Resources WEBCAST RECORDING - Finding SolarWinds backdoors with Zeek, Suricata & Corelight - watch hereWEBCAST ... Read more »