Solarwinds, a provider of IT management software was recently breached by malware known as SUPERNOVA. In response to the attack, Solarwinds released an update to their Orion Platform.
Earlier this December, an announcement outlining the cyberattack on Solarwinds was released to the public. The cyberattack took the form of SUNBURST, a backdoor malware hidden inside the Solarwinds automatic update features. Acting quickly, Solarwinds dealt with the SUNBURST attack but further analysis by Palo Alto and Microsoft found another malicious program, SUPERNOVA, among the files as well.
Partners only received a full analysis SUPERNOVA on the 24th, as detailed in their security advisory. It explains,
The same day, Solarwinds updated their software with multiple patches to both protect from SUNBURST and SUPERNOVA, their most recent update being released on the 27th. Solarwinds encourages customers to update/upgrade their software and if unable to do so, Solarwinds provided a script that can be quickly installed to safeguard against further SUNBURST and SUPERNOVA attacks.
Solarwinds outlines their report on the issue with,
Read the Solarwinds response here.