2021-02-01
Threat Actors Behind SolarWinds Used Multiple Attack Vectors
The acting director of the US Cybersecurity and Infrastructure Security Agency (CISA) says that “significant numbers of both the private-sector and government victims linked to this campaign had no direct connection to SolarWinds.” The threat actors multiple attack vectors. (Please note that the WSJ story is behind a paywall.)
Read more in
Security Week: CISA Says Many Victims of SolarWinds Hackers Had No Direct Link to SolarWinds
SC Magazine: Does SolarWinds change the rules in offensive cyber? Experts say no, but offer alternatives
SC Magazine: As SolarWinds spooks tech firms into rechecking code, some won’t like what they find
WSJ: Suspected Russian Hack Extends Far Beyond SolarWinds Software, Investigators Say (paywall)
Ars Technica: 30% of “SolarWinds hack” victims didn’t actually use SolarWinds