The Microsoft Threat Intelligence Center (MSTIC) has uncovered a "sophisticated email-based attack" operated by NOBELIUM, as part of a wide-scale malicious email campaign.
The Cybersecurity and Infrastructure Security Agency (CISA) has published a new analysis report on Supernova malware used in a cyberattack and long-term compromise of an entity's network and SolarWinds systems.
The DHS CISA cybersecurity team just released a new tool dubbed CHIRP, a forensics collection tool designed to help network defenders scan for indicators of compromise (IOCs) associated with the SolarWinds Orion and Active Directory/M365 compromise and cyberattacks.
Microsoft has open sourced CodeQL queries used to scan for Solorigate malware activity that matches the SolarWinds supply-chain attack.
Microsoft and FireEye have revealed new details on the infamous SolarWinds cyberattack used to spread a virus to 18,000 government and corporate computer networks.
The Cybersecurity and Infrastructure Security Agency (CISA) has released new malware analysis on Supernova that affects unpatched SolarWinds Orion software.
Security firm FireEye has published new Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers, also known as UNC2452.
The Department of Homeland Security (DHS) has issued new emergency guidance on the SolarWinds Orion Code compromise and supply chain vulnerability.
SolarWinds has released an updated security advisory on SUPERNOVA malware, a separate threat vector from the previously reported supply chain cyberattack that was based on SUNBURST backdoor malware. The update now includes new information on the 0-day CVE-2020-10148 and a PoC demo.
Cybersecurity experts have revealed a growing list of SolarWinds second-stage attack victims based on malware analysis.