Sunburst: connecting the dots in the DNS requests

Title: Sunburst: connecting the dots in the DNS requests

Published:  Fri, 18 Dec 2020 13:00:20 +0000

Description: We matched private and public DNS data for the SUNBURST-malware root C2 domain with the CNAME records, to identify who was targeted for further exploitation. In total, we analyzed 1722 DNS records, leading to 1026 unique target name parts and 964 unique UIDs.

Read full article on SECURELIST.COM