FYSA
CISA has released Malware Analysis Report MAR-10319053-1.v1 – SUPERNOVA
(TLP:WHITE), available on the CISA/US-CERT website at the following URL:
https://us-cert.cisa.gov/ncas/analysis-reports/ar21-027a. A copy of the STIX ;
file (IOCs) is available at this URL:
https://us-cert.cisa.gov/sites/default/files/publications/MAR-10319053-1.v1.WHITE_stix.xml.
MAR-10319053-1.v1 provides analysis of several malicious artifacts affecting
SolarWinds. SUPERNOVA is not embedded within the Orion platform; a threat actor
places the malware on a system hosting SolarWinds Orion.
CISA has also published CISA Ransomware Awareness Campaign Fact Sheet
(TLP:WHITE) to the following URL:
https://www.cisa.gov/publication/ransomware-awareness-campaign-fact-sheet. A ;
copy is attached for your reference.
Theresa A. Masse
Cyber Security Advisor, Region X (Oregon)
Cybersecurity and Infrastructure Security Agency
Department of Homeland Security
Phone: (503) 930-5671 Email:
theresa.masse@xxxxxxxxxxxx<mailto:theresa.masse@xxxxxxxxxxxx>
[cid:image002.png@01D6F499.8582E510]
Attachment:
CISA_Ransomware Awareness Campaign_fact sheet_TLPWHITE.pdf
Description: CISA_Ransomware Awareness Campaign_fact sheet_TLPWHITE.pdf