Threat Bulletin #100

This week we report on the SolarWinds attackers reportedly gaining some level of initial access via password spraying, similarities discovered between the malware used in SolarWinds attack and a Russian backdoor from 2017 and leak sites claiming to sell data obtained from recent SolarWinds compromise. Also the release of Microsoft tool updates to help detect process tampering type attacks and a Windows defender vulnerability being actively used in the wild patched.