SolarWinds

Nobelium targets CSPs, MSPs and IT organizations to launch broader attacks

Microsoft has released a new report on Nobelium that has been targeting cloud service providers (CSPs), managed service providers (MSPs) and other IT organizations in order to launch broader attacks against customers they serve.

Nobelium targets CSPs, MSPs and IT organizations to launch broader attacks Read More »

Microsoft uncovers NOBELIUM ‘sophisticated email-based attack’

The Microsoft Threat Intelligence Center (MSTIC) has uncovered a “sophisticated email-based attack” operated by NOBELIUM, as part of a wide-scale malicious email campaign.

Microsoft uncovers NOBELIUM ‘sophisticated email-based attack’ Read More »

New Supernova malware analysis reveals new APT cyberattack methods against vulnerable SolarWinds infrastructure

The Cybersecurity and Infrastructure Security Agency (CISA) has published a new analysis report on Supernova malware used in a cyberattack and long term compromise of an entity’s network and SolarWinds systems.

New Supernova malware analysis reveals new APT cyberattack methods against vulnerable SolarWinds infrastructure Read More »

CHIRP tool scans for signs of APT compromise associated with SolarWinds and Azure/M365 cyberattacks

The DHS CISA cybersecurity team just released a new tool dubbed CHIRP, a forensics collection tool designed to help network defenders scan for indicators of compromise (IOCs) associated with the SolarWinds Orion and Active Directory/M365 compromise and cyberattacks.

CHIRP tool scans for signs of APT compromise associated with SolarWinds and Azure/M365 cyberattacks Read More »

Microsoft open sources CodeQL queries to scan for Solarwinds-like Solorigate activity

Microsoft has open sourced CodeQL queries used to scan for Solorigate malware activity that matches the SolarWinds supply-chain attack.

Microsoft open sources CodeQL queries to scan for Solarwinds-like Solorigate activity Read More »

FireEye publishes Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers

Security firm FireEye has published new Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers, also known as UNC2452.

FireEye publishes Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers Read More »

DHS issues new emergency guidance on SolarWinds Orion Code compromise

The Department of Homeland Security (DHS) has issued new emergency guidance on the SolarWinds Orion Code compromise and supply chain vulnerability.

DHS issues new emergency guidance on SolarWinds Orion Code compromise Read More »

SolarWinds releases updated advisory on SUPERNOVA malware (updated with CVE-2020-10148)

SolarWinds has released an updated security advisory on SUPERNOVA malware, a separate threat vector from the previously reported supply chain cyberattack that was based on SUNBURST backdoor malware. The update now includes new information on 0-day CVE-2020-10148 and PoC demo.

SolarWinds releases updated advisory on SUPERNOVA malware (updated with CVE-2020-10148) Read More »