"In an interesting turn of events, the investigation of the whole SolarWinds compromise led to the discovery of an additional malware that also affects the SolarWinds Orion product" Wow, keeps getting worse. See the "additional malware" section. https://t.co/ggm2wXUeIr
— Brent Ozar (@BrentO) December 19, 2020
SolarWinds supply chain hack twist:
1. New malware.
2. Unrelated to the known compromise.
3. Used by a different threat actor.
4. New malware is small persistence backdoor that allows remote code execution through SolarWinds web application server https://t.co/kvcDFzxCaH
— Ryan Naraine (@ryanaraine) December 20, 2020
From Cisco, Intel and VMware to the likes of Kent State University and California hospitals: @WSJ identified infected computers at two dozen organizations that installed the tainted SolarWinds software, showing the wide reach of the suspected Russian hack https://t.co/U3vCGm86ON
— Dustin Volz (@dnvolz) December 21, 2020
Do you want to read about the code part of the SolarWinds security attack?
This is the best post I found about the code that avoided being detected for months and reached some government systems in the USA. #100DaysOfCode https://t.co/Z5idwLEXph
— Lucho Patiño (@LuisPatino92) December 20, 2020
Mostly for nerds (if you don't know what a DLL is don't bother reading): Fascinating Microsoft analysis of the SolarWinds hack. Surprise ending: MS found ANOTHER, unrelated hack that even affects the SW hack! (Appendix, "Additional malware discovered") https://t.co/G39obv0ai3
— Bill Harts (@AlgoTrdr) December 20, 2020
Fascinating technical detail on the compromised file that launched the massive SolarWinds hack. It was built from the ground up to evade detection, incl. by running checks to make sure it wasn't on a test machine: https://t.co/cLMnXcV2JV pic.twitter.com/OXLJCOAdkV
— Drew Harwell (@drewharwell) December 21, 2020
#SolarWinds Important Update:
1. About DNS requests https://t.co/gZ1n39HNMM
decode tool: https://t.co/oifhNeZWvw
2. Complete attack process https://t.co/NVZA3aIvyI https://t.co/vtEuPSF6iC pic.twitter.com/yp5DcAMLit
— blackorbird (@blackorbird) December 20, 2020
Missed this yesterday, but Microsoft said it discovered "an additional malware that also affects the SolarWinds Orion product but has been determined to be likely unrelated to this compromise and used by a different threat actor." https://t.co/oavqXZiYIk
Fun!
— Eric Geller (@ericgeller) December 20, 2020
Some SolarWinds systems were found compromised with malware named Supernova and CosmicGale, unrelated to the recent supply chain attack.
Security researchers believe this malware is the result of a second hacking group targeting SolarWinds systems https://t.co/1OeIJtgKDo pic.twitter.com/6VBJqwFLmp
— Catalin Cimpanu (@campuscodi) December 21, 2020
A second hacking group has targeted SolarWinds systems https://t.co/lcJiGQSX4j #CyberSec #cybernews pic.twitter.com/frPrtTe4CE
— Moix Security (@moixsec) December 21, 2020
A second hacking group has targeted SolarWinds systems https://t.co/xXQMyhQfL0 by @campuscodi
— ZDNet (@ZDNet) December 21, 2020
Trump's reluctance to name and shame Russia for the SolarWinds cyberattack will hamper companies and government agencies as they begin the long and daunting job of assessing and repairing the hack's damage. https://t.co/51nMo4V7oN
— Axios (@axios) December 21, 2020
"Experts say Russia's fingerprints are all over the attack, but the president's dissent will hobble any U.S. response — at least until Jan. 20." https://t.co/8R9lNnmvXl
— Progressive Push (@progressivepush) December 21, 2020
New SUPERNOVA backdoor found in SolarWinds cyberattack analysis https://t.co/I97cFJd9m6
— The Cyber Security Hub™ (@TheCyberSecHub) December 21, 2020
New SUPERNOVA backdoor found in SolarWinds cyberattack analysis #CyberAttack https://t.co/ffqWRMt1vI
— Bob Carver ✭ (@cybersecboardrm) December 21, 2020
A second hacking group has targeted SolarWinds systems #cybersecurity #riskmanagement #phishing #malware #Infosec #cyberthreats #ramsomware #hacking #dataprotection #privacy #dataleak #informationsecurity #cyberattacks #databreach https://t.co/tpgFIJgErY pic.twitter.com/ttYAv2lFB5
— Paula Piccard (@Paula_Piccard) December 21, 2020
A second hacking group has targeted #SolarWinds systems https://t.co/fSY386n9HK #SolarWindsHack #InfoSec #Security #CyberSecurity #DataBreach #DataProtection #CyberAttack #datatheft #Hacker #malware #Botnet #Ransomware #Spyware #Technews #RT
— Amitav Bhattacharjee (@bamitav) December 22, 2020
#wrf!! A second hacking group has targeted SolarWinds systems #CyberSecurity #osint #cyberthreats #hackers #darkweb #databreaches #cybercrime #CyberSec #dataprivacy #cyberintelligence #cyberattack #cybercriminals #databreach https://t.co/HLrmq6vA1f
— Jiniba (@JinibaBD) December 21, 2020
A second hacking group has targeted SolarWinds systems #Cybersecurity #infosec #security https://t.co/b59wHoUxYC
— Bob Carver ✭ (@cybersecboardrm) December 21, 2020
A second hacking group has targeted SolarWinds systems https://t.co/GsYzKLN6Tf pic.twitter.com/f1NLLJeOBC
— Charlie Osborne (@SecurityCharlie) December 21, 2020
A second unrelated #hacker group has been found targeting #SolarWinds systems. https://t.co/9FYiyA4563 #security #cybersecurity #databreach
— SecurityMetrics (@SecurityMetrics) December 22, 2020
#Microsoft has discovered yet more #SolarWinds #malware https://t.co/b4EZFxkOG7 #TechJunkieNews #CyberSecurity pic.twitter.com/2lpTAY781Z
— Tech Junkie (@techjunkiejh) December 21, 2020
#Microsoft has discovered yet more #SolarWinds #malware https://t.co/YRMUI8bdOx by @TechRadar
— Peter J.M. Simons (@peterjmsimons) December 21, 2020
#Microsoft has discovered yet more SolarWinds malware https://t.co/JoH7TU22p6 #SolarWinds #Malware #Orion #CyberAttack #CyberThreat #Exploit #Hackers #CyberRisk #Security #CyberSecurity #CyberDefence #CyberAwareness
— GDPR123 (@GDPR123) December 21, 2020
President Trump's reluctance to name and shame Russia for the SolarWinds cyberattack will hamper companies and government agencies as they begin the long and daunting job of assessing and repairing the hack's damage. https://t.co/ioWoIeLcax
— Khashoggi’s Ghost (@UROCKlive1) December 22, 2020
Experts say Russia's fingerprints are all over the ongoing cyberattack, but Trump’s dissent will hobble any U.S. response — at least until Jan. 20. https://t.co/K4sd7Uybp5
— Mike Walker (@New_Narrative) December 21, 2020
New SUPERNOVA backdoor found in SolarWinds cyberattack analysis https://t.co/HeYB9q4T7m
— Nicolas Krassas (@Dinosn) December 21, 2020
Researchers have discovered a SUPERNOVA malware backdoor in SolarWinds - likely from another #hacker. This trojanized variant of a legitimate .NET library was found during #DFIR investigations. Read more: https://t.co/pLL3GBAprX #cybersecurity #CISO #Infosec #ITsecurity
— LMG Security (@LMGSecurity) December 21, 2020
New #SUPERNOVA #backdoor found in @SolarWinds #cyberattack analysis. The #malware is a #webshell planted in the code of the #Orion network and applications monitoring. @dynamicCISO #GirlsWhoCode #SolarWinds #SolarWindsOrion #SolarWindsHack https://t.co/38Xnu9PEaT
— rneelmani (@rneelmani) December 22, 2020
New SUPERNOVA backdoor found in SolarWinds cyberattack analysis #cybersecurity #riskmanagement #phishing #malware #Infosec #cyberthreats #ramsomware #hacking #dataprotection #privacy #dataleak #informationsecurity #cyberattacks #databreach https://t.co/BmNGKfGtNy pic.twitter.com/hvUWp3QWjo
— Paula Piccard (@Paula_Piccard) December 21, 2020