Microsoft has released more details about the tactics, techniques, and procedures (TTPs) adopted by the attackers behind the SolarWinds hack. The U.S. government has formally tied the espionage campaign to a group likely of Russian origin. Microsoft recommends that organizations adopt a “zero trust mentality” to achieve least-privilege access and minimize risks by enabling multi-factor authentication. The company said the attackers went out of their way to keep the initial backdoor (Sunburst, aka Solorigate) and the post-compromise implants (Teardrop and Raindrop) separated as much as possible.
Source: https://thehackernews.com/2021/01/heres-how-solarwinds-hackers-stayed.html

