Threat Post

Second SolarWinds Attack Group Breaks into USDA Payroll — Report

A second APT, potentially linked to the Chinese government, could be behind the Supernova malware. There had been hints that a second group of malicious actors may have exploited a SolarWinds bug to ...
ZDNet

Third malware strain discovered in SolarWinds supply chain attack

Cyber-security firm CrowdStrike, one of the companies directly involved in investigating the SolarWinds supply chain attack, said today it identified a third malware strain directly involved in the ...
ZDNet

CISA updates SolarWinds guidance, tells US govt agencies to update right away

The US Cybersecurity and Infrastructure Security Agency has updated its official guidance for dealing with the fallout from the SolarWinds supply chain attack. In an update posted late last night, ...
ProPublica

The U.S. Spent $2.2 Million on a Cybersecurity System That Wasn’t Implemented — and Might Have Stopped a Major Hack

ProPublica is a nonprofit newsroom that investigates abuses of power. Sign up to receive our biggest stories as soon as they’re published. As America struggles to assess the damage from the ...
Computer Weekly

SolarWinds patches two critical CVEs in Orion platform

Users of SolarWinds’ Orion networking platform – the service at the centre of the high-profile Solorigate/Sunburst attack – are once again being advised to patch their systems urgently following the ...