CISA Incident Response to SUPERNOVA Malware

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

America's Cyber Defense Agency

CISA has released AR21-112A: CISA Identifies SUPERNOVA Malware During Incident Response to provide analysis of a compromise in an organization’s enterprise network by an advance persistent threat actor. This report provides tactics, techniques, and procedures CISA observed during the incident response engagement.

CISA encourages organizations to review AR21-112A for more information.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA Incident Response to SUPERNOVA Malware

Please share your thoughts

Cisco Releases Security Advisories for Cisco Integrated Management Controller

CISA Releases Three Industrial Control Systems Advisories

Oracle Releases Critical Patch Update Advisory for April 2024

CISA and Partners Release Advisory on Akira Ransomware

CISA Incident Response to SUPERNOVA Malware

Please share your thoughts

Related Advisories

Cisco Releases Security Advisories for Cisco Integrated Management Controller

CISA Releases Three Industrial Control Systems Advisories

Oracle Releases Critical Patch Update Advisory for April 2024

CISA and Partners Release Advisory on Akira Ransomware