Podcasts
Research Saturday
Ep 182
Research Saturday 5.8.21
Ep 182 | 5.8.21

SUPERNOVA activity and its possible connection to SPIRAL threat group.

Show Notes
Transcript

Guest Mike McLellan from Secureworks joins us to share his team's insights about SUPERNOVA and threat group attribution. Similarities between the SUPERNOVA activity and a previous compromise of the network suggest that SPIRAL was responsible for both intrusions and reveal information about the threat group.

In late 2020, Secureworks® Counter Threat Unit™ (CTU) researchers observed a threat actor exploiting an internet-facing SolarWinds server to deploy the SUPERNOVA web shell. Additional analysis revealed similarities to intrusion activity identified on the same network earlier in 2020, suggesting the two intrusions are linked. CTU™ researchers attribute the intrusions to the SPIRAL threat group. Characteristics of the activity suggest the group is based in China.

The research can be found here:

Research Saturday
Podcast Info
HOST(S):
Dave Bittner
Dave Bittner is a security podcast host and one of the founders at CyberWire. He's a creator, producer, videographer, actor, experimenter, and entrepreneur. He's had a long career in the worlds of television, journalism and media production, and is one of the pioneers of non-linear editing and digital storytelling.
Schedule: Saturdays
Creator: CyberWire, Inc.
Research Saturday
ADVERTISEMENT
ExtraHop
ExtraHop

ExtraHop provides cyber analytics for the hybrid enterprise. Using wire data and machine learning for real-time threat detection and investigation from Core to Cloud, ExtraHop delivers unprecedented visibility, definitive insights, and immediate answers so security teams can act with confidence. Learn more at ExtraHop.

Verizon
Verizon

Verizon, a leader in cybersecurity managed and professional services for nearly two decades, can help optimize defenses and achieve maximum return on security investments. From secure Cloud computing solutions to advanced detection and response capabilities, Verizon helps secure data, networks and infrastructure of many of the world’s best-known organizations. Learn more.