Free Auditing Tool Helps Detect SolarWinds Hackers' Malware
Healthcare Info Security
Security firm FireEye has released a free auditing and remediation tool on GitHub that it says can help organizations determine whether the hacking group that targeted SolarWinds used similar techniques within their own networks to gain access to Microsoft Office 365 accounts.
On Tuesday, FireEye also issued a report that examines some of the techniques and tactics used by the hacking group, which the security firm calls UNC2452.
Also this week, researchers at Symantec reported they uncovered a fourth malware variant, called "Raindrop," used during the SolarWinds attack. The other malware variants were Teardrop, Sunspot and Sunburst (see: 'Raindrop' Is Latest Malware Tied to SolarWinds Hack).
FireEye and SolarWinds