New Supernova malware analysis reveals new APT cyberattack methods against vulnerable SolarWinds infrastructure

The Cybersecurity and Infrastructure Security Agency (CISA) has published a new analysis report on Supernova malware used in a cyberattack and long term compromise of an entity's network and SolarWinds systems.

Continue ReadingNew Supernova malware analysis reveals new APT cyberattack methods against vulnerable SolarWinds infrastructure

CHIRP tool scans for signs of APT compromise associated with SolarWinds and Azure/M365 cyberattacks

The DHS CISA cybersecurity team just released a new tool dubbed CHIRP, a forensics collection tool designed to help network defenders scan for indicators of compromise (IOCs) associated with the SolarWinds Orion and Active Directory/M365 compromise and cyberattacks.

Continue ReadingCHIRP tool scans for signs of APT compromise associated with SolarWinds and Azure/M365 cyberattacks

SolarWinds releases updated advisory on SUPERNOVA malware (updated with CVE-2020-10148)

SolarWinds has released an updated security advisory on SUPERNOVA malware, a separate threat vector from the previously reported supply chain cyberattack that was based on SUNBURST backdoor malware. The update now includes new information on 0-day CVE-2020-10148 and PoC demo.

Continue ReadingSolarWinds releases updated advisory on SUPERNOVA malware (updated with CVE-2020-10148)