Case Study
SUNBURST
SUNBURST Mapping Malicious Activity Using Farsight Historical Passive DNS
A Post-Attack Analysis of the Scale and Scope of the SUNBURST Compromise

Copyright © 2021 Farsight Security, Inc.

Introduction

By studying the investigation into the SUNBURST attack, this case study demonstrates how cyber analysts can easily and quickly examine and visualize the scale of a malware attack—whether during or after the incident—using Farsight DNSDB passive DNS data and Maltego. It also takes a close look at the attack pattern of SUNBURST and provides insights into the malware’s behavior.

About the SolarWinds SUNBURST Supply Chain Compromise

In December 2020, cyber threat analysis company FireEye discovered a global supply chain attack trojanizing SolarWinds Orion business software up