Powered by MOMENTUM MEDIA
Powered by MOMENTUM MEDIA

Website Notifications

Get notifications in real-time for staying up to date with content that matters to you.

SolarWinds hackers leverage Pulse Secure VPN

The SolarWinds hackers allegedly leveraged the Pulse Secure VPN to access the company’s Orion server, a recent report suggests.

The SolarWinds hackers allegedly leveraged the Pulse Secure VPN to access the company’s Orion server, a recent report suggests.

The US Cybersecurity and Infrastructure Security Agency (CISA) released an analysis report this week, outlining that the SUPERNOVA malware was able to enter the SolarWinds Orion server via a Pulse Secure virtual private network (VPN).

Advertisement
Advertisement

In 2020, overseas hackers that are broadly thought to be Russian based, hacked into leading IT firm SolarWinds’ Orion server. SolarWinds services clients from across the Fortune 500 and US government. It is believed that the breach allowed the SUPERNOVA malware to infect SolarWinds’ client companies.

“[Advanced persistent threat] actors use SUPERNOVA to perform reconnaissance, conduct domain mapping, and steal sensitive information and credentials,” CISA reported this week.

“According to a SolarWinds advisory, SUPERNOVA is not embedded within the Orion platform as a supply chain attack; rather, an attacker places it directly on a system that hosts SolarWinds Orion, and it is designed to appear as part of the SolarWinds product.”

CISA described that the culprits entered onto the server via SolarWinds’ Pulse Secure VPN, and were able to log on appearing as employees.

“Note: these IP addresses belong to routers that are all similar models; based on this activity, CISA suspects that these routers were likely exploited by the threat actor,” CISA explained.

[Related: Op-Ed: Keep your application’s secrets protected]

SolarWinds hackers leverage Pulse Secure VPN
cyber-hack.jpg
lawyersweekly logo

more from cyber security connect

May 10 2021
Microsoft, Darktrace join forces to reinforce cyber defences
Software giant Microsoft has partnered with autonomous cyber security and AI firm Darktrace, in a bi...
May 6 2021
Op-Ed: Taking an identity-centric approach to IT security
The traditional approach to IT security used by many organisations can be likened to building a cast...
Glen Maloney
May 6 2021
Op-Ed: The future of supply chain cyber attacks and how to be prepared
The high-profile SolarWinds SUNBURST cyber attack that affected organisations across the globe has s...
FROM THE WEB
Recommended by Spike Native Network