Expert Insight On Latest Chinese Hackers Exploiting SolarWinds Bug

By   ISBuzz Team
Writer , Information Security Buzz | Feb 04, 2021 07:40 am PST

It was recently reported that the National Finance Center, a federal payroll agency inside the U.S. Department of Agriculture, was among organisations affected by the SolarWinds bug, fearing the date of government employees may have leaked. This exploitation is believed to be from Chinese group which is separate to the incident where United States balmed Russia for SolarWinds compromised

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Tim Erlin
Tim Erlin , VP of Product Management and Strategy
February 4, 2021 3:45 pm

<p><span lang=\"EN-US\">This attack seems to be an example of more traditional vulnerability exploitation. The attackers discovered a vulnerability in the software an organisation was running and exploited it. Their attack didn’t involve compromising the supply chain.</span></p> <p> </p> <p><span lang=\"EN-US\">While we’re all focused on the complexity of protecting against supply-chain attacks, it’s important to remember that there are still other software vulnerabilities out there that attackers might exploit. Unfortunately, we can’t shift our focus to the supply chain, we can only add it to the threat model as another avenue for attack to worry about.</span></p>

Last edited 3 years ago by Tim Erlin

Recent Posts

Would love your thoughts, please comment.x