ZDNet

SolarWinds security fiasco may have started with simple password blunders

You can't make this stuff up. A Goldin Solutions representative, a crisis-response PR firm, now claims, however, that SolarWinds has "determined that the credentials ...
Threat Post

Second SolarWinds Attack Group Breaks into USDA Payroll — Report

A second APT, potentially linked to the Chinese government, could be behind the Supernova malware. There had been hints that a second group of malicious actors may have exploited a SolarWinds bug to ...
TechRadar

Another top VPN is reportedly being used to spread SolarWinds hack

Threat actors used the Pulse Secure VPN appliance to install the Supernova webshell in a victim’s SolarWinds Orion server, and collect user credentials without permission, a new warning has said.
Threat Post

SolarWinds Attackers Hit Active Directory Servers with FoggyWeb Backdoor

Microsoft is warning that the Nobelium APT is compromising single-sign-on servers to install a post-exploitation backdoor that steals data and maintains network persistence. The threat actors behind ...