Cyber Security Threat Intelligence & Incident Response

SolarWinds Breach Related Events Prevented by Minerva Labs

Injection Attacks Thwarted Since August; The Minerva Approach Proves Itself Once Again

Minerva Labs, a leading provider of Pre-Execution Threat Prevention Platform, today announced that the company conducted a thorough review of the cybersecurity threat exposed by the SolarWinds breach. Minerva Labs reports a dramatic increase in the number of prevented events coming from the “SolarWinds.BusinessLayerHost.exe” process in the past few months.

Researchers suspect that this activity is related to the current event and advise other security vendors to monitor for such behavior. While security vendors published their mitigation recommendations in the past few days, Minerva reports that the company successfully prevented related attempts since August 2020.

As detailed by FireEye’s report (which can be found here), the malicious backdoor refuses to work when certain blacklisted processes are present in the operating system, proving once again the effectiveness of the Minerva approach and the Hostile Environment Simulation module which is one of the main parts of Minerva’s pre-execution threat prevention platform. Thousands of such artifacts simulate the presence of security and forensics tools that create an environment in which malware is refrained from executing.

Related posts

ExtraHop Benchmarking Cyber Risk & Readiness findings released

Business Wire

Living Security Partners with SpyCloud

PR Newswire

CISO Global named to 2023 Top 250 MSSP List

GlobeNewswire