31 December 2020

You Thought the SolarWinds Hack Was Bad

2020 isn't over yet. That hack is worse than you think.

New SUPERNOVA backdoor found in SolarWinds cyberattack analysis

While analyzing artifacts from the SolarWinds Orion supply-chain attack, security researchers discovered another backdoor that is likely from a second threat actor.

Named SUPERNOVA, the malware is a webshell planted in the code of the Orion network and applications monitoring platform and enabled adversaries to run arbitrary code on machines running the trojanized version of the software.

If you are interested in the technical details of a hack, you can click through. From a technical perspective, it is a thing of beauty. But from a real-life perspective, it is just awful.

You can find more details at Unit 42.

As far as who has fallen victim to the SUPERNOVA hack... (Courtesy of Security Now Show Notes.)

The biggest names on this list include the likes of Cisco, SAP, Intel, Cox Communications, Deloitte, Nvidia, Fujitsu, Belkin, Amerisafe, Lukoil, Rakuten, Check Point, Optimizely, Digital Reach, Digital Sense and probably MediaTek.

You can find the Security Now video at this link.
