The software system management company SolarWinds was one of the major targets of software supply chain attacks, which aim to exploit third-party vendors or suppliers at any stage of the development lifecycle. Notable recent examples of this type of cyber threat include breaches at Kaseya, Codecov, Okta, GitHub, FishPig, and Log4j. To protect against such attacks, organizations are advised to keep an updated inventory of software assets, secure their endpoints, implement solid code integrity policies, and prepare an incident response plan.
Cyber defenders need to remember their adversaries are human, says Trellix research head
Nation-state actors and cybercriminals are increasingly overlapping, but they are still human and prone to errors. This vulnerability can be exploited, highlighting the importance of
