SUNBURST Backdoor – December 2020 December 18, 2020 On Tuesday December 8, 2020, FireEye reported unauthorized access to their Red Team tools because of a security vulnerability. At the same time, Carbon60 received various security alerts from external threat and intelligence sources about the breach and December 13, 2020, the disclosure of the SolarWinds supply chain vulnerability was disclosed. Carbon60 does not use FireEye services and does not use any of the affected products from SolarWinds. As part of our routine monitoring of emerging threats, Carbon60 will continue to monitor this situation and we are taking additional steps to detect any existence related to this vulnerability on Carbon60 managed and or controlled networks. More information available here: https://www.fireeye.com/blog/threat-research/2020/12/unauthorized-access-of-fireeye-red-team-tools.html https://www.solarwinds.com/securityadvisory https://isc.sans.edu/diary/SolarWinds+Breach+Used+to+Infiltrate+Customer+Networks+%28Solarigate%29/26884 https://cyber.dhs.gov/ed/21-01/
