The extent and impact of the SolarWinds hack became even more apparent – and terrifying – over the holiday break.
On New Year’s Eve, SolarWinds confirmed that it has identified malware that exploited the flaws introduced to Orion products.
We already knew about “SUNBURST”, the attack that poisoned Orion.
SolarWinds’ pre-party post revealed that “SUPERNOVA” is “malware that is separately placed on a server that requires unauthorized access to a customer’s network and is designed to appear to be part of a SolarWinds product.”
“The SUPERNOVA malware consisted of two components,” says SolarWinds’ advisory. “The first was a malicious, unsigned webshell .dll 'app_web_logoimagehandler.ashx.b6031896.dll' specifically written to be used on the SolarWinds Orion Platform. The second is the utilization of a ..
Support the originator by clicking the read the rest link below.
