
Minerva Labs Blog


SolarWinds Breach Related Events Prevented By Minerva

Injection Attacks Thwarted Since August; The Minerva Approach Proves Itself Once Again 

Minerva Labs conducted a thorough review of the cybersecurity threat exposed by the SolarWinds breach. Our research shows a dramatic increase over the past few months in the number of prevented events originating from the “SolarWinds.BusinessLayerHost.exe” process.

 

Researchers suspect that this activity is related to the current event and advise other security vendors to monitor for such behavior. While security vendors have published their mitigation recommendations in the past few days, Minerva reports that the company has successfully prevented related attempts since August 2020.


Here’s an example of a prevented memory injection attack in Minerva’s interface:

 

Example #1:

[Image: SolarWinds Breach Related Events Example 1]

Example #2:

[Image: SolarWinds Breach Related Events Example 2]

As detailed in FireEye’s report (which can be found here), the malicious backdoor refuses to work when certain blacklisted processes are present in the operating system, proving once again the effectiveness of the Minerva approach and of the Hostile Environment Simulation module, which is one of the main parts of Minerva’s pre-execution threat prevention platform. Thousands of such artifacts simulate the presence of security and forensics tools, creating an environment in which malware refrains from executing.

 
