You have4 free articles left this month.
Register for a free account to access unlimited free content.
You have 4 free articles left this month.
Register for a free account to access unlimited free content.
Powered by MOMENTUM MEDIA
lawyers weekly logo

Powered by MOMENTUMMEDIA

Breaking news and updates daily. Subscribe to our Newsletter
Advertisement

SolarWinds hackers leverage Pulse Secure VPN

The SolarWinds hackers allegedly leveraged the Pulse Secure VPN to access the company’s Orion server, a recent report suggests.

SolarWinds hackers leverage Pulse Secure VPN
expand image

The US Cybersecurity and Infrastructure Security Agency (CISA) released an analysis report this week, outlining that the SUPERNOVA malware was able to enter the SolarWinds Orion server via a Pulse Secure virtual private network (VPN).

In 2020, overseas hackers that are broadly thought to be Russian based, hacked into leading IT firm SolarWinds’ Orion server. SolarWinds services clients from across the Fortune 500 and US government. It is believed that the breach allowed the SUPERNOVA malware to infect SolarWinds’ client companies.

“[Advanced persistent threat] actors use SUPERNOVA to perform reconnaissance, conduct domain mapping, and steal sensitive information and credentials,” CISA reported this week.

“According to a SolarWinds advisory, SUPERNOVA is not embedded within the Orion platform as a supply chain attack; rather, an attacker places it directly on a system that hosts SolarWinds Orion, and it is designed to appear as part of the SolarWinds product.”

CISA described that the culprits entered onto the server via SolarWinds’ Pulse Secure VPN, and were able to log on appearing as employees.

“Note: these IP addresses belong to routers that are all similar models; based on this activity, CISA suspects that these routers were likely exploited by the threat actor,” CISA explained.

[Related: Op-Ed: Keep your application’s secrets protected]

Liam Garman

Liam Garman

Liam Garman is the managing editor of professional services, real estate and security at Momentum Media. He began his career as a speech writer at New South Wales Parliament before working for world leading campaigns and research agencies in Sydney and Auckland. Throughout his career, Liam has managed and executed international media campaigns spanning politics, business, industrial relations and infrastructure. He’s since shifted his attention to writing on politics and business, and holds a Bachelor of Commerce from the University of Sydney and a Masters from UNSW Canberra with a thesis on postmodernism and media ecology. 

You need to be a member to post comments. Become a member for free today!

Comments (0)

Cyber Daily Comments
Attach images by dragging & dropping or by selecting them.
The maximum file size for uploads is MB. Only files are allowed.
 
The maximum number of 3 allowed files to upload has been reached. If you want to upload more files you have to delete one of the existing uploaded files first.
The maximum number of 3 allowed files to upload has been reached. If you want to upload more files you have to delete one of the existing uploaded files first.
Posting as

    newsletter
    cyber daily subscribe
    Be the first to hear the latest developments in the cyber industry.