Supply chain attack SolarWinds - SolarWinds APT Targets Tech Resellers in Latest Supply-Chain CyberattacksOriginal article: https://threatpost.com/...rs-supply-chain-cybe...
Visit Our Website:- https://www.youtube.com/watch?v=RMq8BN_RBRc
The SolarWinds attackers – an advanced persistent threat (APT) known as Nobelium – have started a new wave of supply-chain intrusions, this time using the technology reseller/service provider community to attack their targets.
The activity has affected victims in North America and Europe thus far, researchers said, and the goal is espionage: Nobelium has been linked to the Russian government’s foreign intelligence service, known as SVR.
According to an analysis from Mandiant and Microsoft, Nobelium isn’t exploiting a vulnerability or, as was the case with SolarWinds, trojanizing legitimate code.
Instead, it’s infiltrating reseller networks using tried-and-true tactics like credential-stuffing and phishing, as well as API abuse and token theft, in order to gather legitimate account credentials and privileged access to reseller networks.