Orion Archives - Securezoo

New Supernova malware analysis reveals new APT cyberattack methods against vulnerable SolarWinds infrastructure

Cybersecurity Attacks, Malware, Network Security, Vulnerabilities & Exploits / By Frank Crast / April 26, 2021 / APT, CISA, CVE-2020-10148, malware, Orion, SolarWinds, Supernova

The Cybersecurity and Infrastructure Security Agency (CISA) has published a new analysis report on Supernova malware used in a cyberattack and long term compromise of an entity’s network and SolarWinds systems.

CHIRP tool scans for signs of APT compromise associated with SolarWinds and Azure/M365 cyberattacks

Cybersecurity Attacks, Security Monitoring, System Hardening, Third-Party Security / By Frank Crast / March 19, 2021 / Azure, CHIRP, IOC, M365, Microsoft 365, NSA, Orion, SolarWinds, Supply Chain

The DHS CISA cybersecurity team just released a new tool dubbed CHIRP, a forensics collection tool designed to help network defenders scan for indicators of compromise (IOCs) associated with the SolarWinds Orion and Active Directory/M365 compromise and cyberattacks.

Global active exploits against SolarWinds via Sunburst backdoor

Cybersecurity Attacks, Data Breach, Security Updates & Patches, Third-Party Security, Vulnerabilities & Exploits / By Frank Crast / December 14, 2020 / backdoor, malware, Orion, SolarWinds, Sunburst, UNC2452

Cybersecurity experts are warning of major global active exploits against SolarWinds Orion Platform software versions via a Sunburst backdoor and supply chain attack.