Episode 31: Sunburst: Too Cozy To Bear

Written by Immersive Labs
Published on December 18, 2020

Unless you’ve been living under a rock for the past few days, you would have heard about Sunburst – a sprawling cyberattack allegedly masterminded by Russian nation-state hackers, UNC2452 (also known as Cozy Bear). Because we love talking about stuff like this, we couldn’t resist getting the crew together to go over the events of the past few days with a fine-tooth comb. There’ll be no cruising into Christmas for us! 

From exactly what SolarWinds is, all the way through to the impact of the attack, Chris, Kev and Paul take a proper look at Sunburst, SolarWinds, and what this means for 2021. And, because we’re a generous bunch and it is Christmas after all, we’ve created a series of labs dedicated to helping you understand and get hands-on with Sunburst – that you can access entirely for free.

***

FireEye summary (including detections):
https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html

First reports of SolarWinds compromise:
https://www.theregister.com/2020/12/14/solarwinds_fireeye_cozybear_us_government/

About Cyber Humanity

The podcast taking cybersecurity personally

There's a lot of cool techy stuff going down in cybersecurity, and we love it. But you can't deny that a lot of the time we humans get forgotten. Our podcast takes a not-so-serious look at issues in security from a human point of view. Covering social engineering to hacker motivations and everything in between, we chat through security stories and themes and what they mean to us: the oft-neglected humans behind the screen. Apart from Kev. Kev is a cyborg.

These weekly podcasts come in two main flavors. We’re either ranting about themes close to the heart of us security types, or we’re discussing threats and vulnerabilities that have hit headlines – or slipped under the radar – in recent weeks.

Join Chris Pace (tech advocate and keeper of the coloring pencils), Kev Breen (pro blue teamer, also known as 'Mr Nothing to CVE here...'), Max Vetter (former dark web detective and pretty cool guy), and Paul Bentham (ex-gov. type and Immersive Labs product guru) as they wend their way through the murky world of Cyber Humanity.
