CISA Ties SUPERNOVA Malware to Pulse Secure, SolarWinds Exploits
Health IT Security
The Department of Homeland Security Cybersecurity and Infrastructure Security Agency released a report on the relatively new malware variant known as SUPERNOVA, which ties the threat to both vulnerable Pulse Secure Virtual Private Networks (VPNs) and SolarWinds Orion platform.
CISA first disclosed fresh insights on SUPERNOVA in January. At the time, data showed threat actors were targeting vulnerable SolarWinds Orion tech to install the malware separately onto servers that require unauthorized access to the network.
The malware was not part of the trojanized software update behind the massive supply chain attacks. Rather, the hackers continued to exploit entities that failed to mitigate the initial vulnerabilities, leveraging SOLARWINDS to appear as part of legitimate SolarWinds tech.
As the previous alert explained...