SolarWinds: What Hit Us Could Hit Others

Krebs on Security 2021-01-12

Summary:

New research into the malware that set the stage for the megabreach at IT vendor SolarWinds shows the perpetrators spent months inside the company's software development labs honing their attack before inserting malicious code into updates that SolarWinds then shipped to thousands of customers. More worrisome, the research suggests the insidious methods used by the intruders to subvert the company's software development pipeline could be repurposed against many other major software providers.

Link:

https://krebsonsecurity.com/2021/01/solarwinds-what-hit-us-could-hit-others/

From feeds:

Intel Hub ยป T04 Krebs on Security

Tags:

breach

Authors:

BrianKrebs

Date tagged:

01/12/2021, 19:06

Date published:

01/12/2021, 15:50