SolarWinds supply chain attack, in which hackers (believed to be working for Russia) have tampered with software updates released by the company. Known victims of the attack so far include the US treasury, the US NTIA and FireEye itself.
I am left wondering if the "highly-sophisticated, targeted and manual supply chain attack" against Solarwinds was against an OSS library they used or targeted directly at the source code by an insider. https://t.co/Rxc4HrVNcw
— Jerry Gamblin (@JGamblin) December 14, 2020
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.