SUPERNOVA exploited an authentication bypass vulnerability in the SolarWinds Orion software and targeted SolarWinds customers directly
Before the ink was even dry on the SUNBURST headlines, another threat campaign (“SUPERNOVA”), run by a different threat actor, was discovered.
This paper addresses the SolarWinds authentication bypass vulnerability, how SUPERNOVA exploits that vulnerability, and one way organizations can protect themselves against attacks like SUPERNOVA.