CISA (The Cybersecurity and Infrastructure Security Agency) issued another Pulse Secure alert today regarding SUPERNOVA, an advanced persistent threat (APT) actor’s long-term compromise of an entity’s enterprise network. The threat actor connected to the entity’s network via a Pulse Secure virtual private network (VPN) appliance, moved laterally to its SolarWinds Orion server, installed malware referred to by security researchers as SUPERNOVA (a .NET webshell), and collected credentials.
CISA Identifies SUPERNOVA Malware During Incident Response – Experts Insight
Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics