A New SolarWinds Flaw Likely Had Let Hackers Install SUPERNOVA Malware

An authentication bypass vulnerability in the SolarWinds Orion software may have been leveraged by adversaries as zero-day to deploy the SUPERNOVA malware in target environments.
According to an advisory published yesterday by the CERT Coordination Center, the SolarWinds Orion API that’s used to interface with all other Orion system monitoring and management products suffers from a security flaw
Source de l’article sur The Hacker News