The SolarWinds Hack Was More Humiliating for the Government Than We Thought

The attackers were deep inside Treasury Department email systems doing whatever they wanted.
ZDNet

Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks

On Monday, Secureworks' counter threat unit (CTU) said that during late 2020, a compromised Internet-facing SolarWinds server was used as a springboard to deploy Supernova, a .NET web shell. Similar ...
ZDNet

SolarWinds: The more we learn, the worse it looks

Russia, we now know, used SolarWinds' hacked program to infiltrate at least 18,000 government and private networks. The data within these networks, user IDs, passwords, financial records, source code, ...
Dark Reading

What We Know (and Don't Know) So Far About the 'Supernova' SolarWinds Attack

It's mostly been overshadowed by the massive and brazen supply chain breach of the SolarWinds Orion software-build process — the lesser-known Supernova cyberattack also remains a bit of a mystery.
CRN

Hackers Exploit SolarWinds, Pulse Secure For Credential Theft: Feds

Hackers entered the unidentified victim’s network through a Pulse Secure VPN appliance, moved laterally to the victim’s SolarWinds Orion sever, installed Supernova malware, and stole credentials, ...