VERT Alert: SolarWinds Supply Chain Attack

Vulnerability Description

The United States Cybersecurity & Infrastructure Security Agency (CISA) has advised that an advanced persistent threat (APT) actor was able to insert sophisticated malware into officially signed and released updates to the SolarWinds network management software [1]. The attacks have been ongoing since at least March 2020 and CISA has warned that many high-value targets within government, critical infrastructure, and the private sector have been compromised. Private security firm FireEye has also disclosed that the attackers were able to steal their private collection of hacking tools and techniques used for security audits [2].

Exposure and Impact

Successful compromise through the SolarWinds Orion backdoor could lead to complete compromise of a…


Source link

About coldfusion

Check Also

Department of Energy To Revisit Cold Fusion – Space Daily

Department of Energy To Revisit Cold Fusion – Space Daily

[unable to retrieve full-text content]Department of Energy To Revisit Cold Fusion  Space Daily Source link

Leave a Reply

Your email address will not be published. Required fields are marked *