Microsoft uncovers NOBELIUM ‘sophisticated email-based attack’
The Microsoft Threat Intelligence Center (MSTIC) has uncovered a “sophisticated email-based attack” operated by NOBELIUM, as part of a wide-scale malicious email campaign.
Sunburst
DHS issues new emergency guidance on SolarWinds Orion Code compromise
The Department of Homeland Security (DHS) has issued new emergency guidance on the SolarWinds Orion Code compromise and supply chain vulnerability.
SolarWinds releases updated advisory on SUPERNOVA malware (updated with CVE-2020-10148)
SolarWinds has released an updated security advisory on SUPERNOVA malware, a separate threat vector from the previously reported supply chain cyberattack that was based on SUNBURST backdoor malware. The update now includes new information on 0-day CVE-2020-10148 and PoC demo.
Cybersecurity experts reveal growing list of SolarWinds 2nd stage attack victims
Cybersecurity experts have revealed a growing list of SolarWinds 2nd stage attack victims based on malware analysis.
CISA: Threat actors behind SolarWinds hack pose ‘grave risk’ (updated)
The Cybersecurity and Infrastructure Security Agency (CISA) has warned the recent compromise by threat actors of SolarWinds poses a ‘grave risk’ to critical infrastructure, government and private sector organizations.
Global active exploits against SolarWinds via Sunburst backdoor
Cybersecurity experts are warning of major global active exploits against SolarWinds Orion Platform software versions via a Sunburst backdoor and supply chain attack.