Supernova malware actors masqueraded as remote workers to access breached network
Members of an advanced persistent threat (APT) group, masquerading as teleworking employees with legitimate credentials, accessed a US organization’s network and planted a backdoor called Supernova on its SolarWinds Orion server for conducting reconnaissance, domain mapping, and data theft. The attackers had access to the network for nearly one year, from March 2020 to February […]