Blog Spotlight

December 17, 2021

Cyber security + Software Supply Chain Cybersecurity Shawn McManus

Log4shell – the newest vulnerability

Introduction: On Thursday, December 9th, the vulnerability CVE-2021-44228 known as “Log4shell” was made public, sending large companies such as Twitter, Amazon, Google, Cloudflare, and many others in a rush to patch it before any damage could be done. Not only are large companies affected, but many applications and servers utilizing [...]


Software Supply Chain Cybersecurity


July 9, 2021


Cyber security + Software Supply Chain Cybersecurity Daniel West

Software Supply Chain Targeting – Who Will The APTs Target Next?

Introduction: After I saw the buzz about Kaseya on July 2nd, I decided it was time to start writing a blog post about targeting the supply chain. Software supply chain “attacks” aren’t new, however, they will become much more mainstream now that there has been extended media coverage of the SolarWinds incident. You may have noticed a similar ...

Cyber security + Software Supply Chain Cybersecurity Daniel West / June 17, 2021

UNC2465 Software supply chain attack

Quick intel drop. FireEye has reported that the DarkSide affiliate, UNC2465, has infiltrated the website of “CCTVSecurityPros” and injected into one of their software downloads. Below are the details.

FireEye Article: https://www.fireeye.com/blog/threat-research/2021/06/darkside-affiliate-supply-chain-software-compromise.html

Joe’s Sandbox Report: https://www.joesandbox.com/analysis/432180/0/html

Malware for those of you who want to perform your own analysis: https://github.com/obscuritylabs/UNC2465/tree/main/21JUN2021_supplychainattack

May 7, 2021


Service Line + MDR + Software Supply Chain Cybersecurity + Cyber security Daniel West

Post SUNBURST MDR, Zero Trust, and Deconfliction within the Supply Chain – A Case Example of a Broken Process

On April 22, 2021, many SOCs and MDR services were going about their normal day-to-day operations, when some of us across the community received an alert from our EDR platforms for some or all of the following Dell binaries:

Filename | MD5 Hash | SHA-1 Hash | SHA-256 Hash | VirusTotal
Dsapi.exe | 52fdd8a255fd3d57b8ba3bb238306a32 | 90f76ea1907192720ec6a85301b0656004de78e6 | 9ae19f49304fbd27cf07a76e861f3288165bc809de20e32dd8f2dddda59066af | ...