Security News > 2020 > December > Supply Chain Attack: CISA Warns of New Initial Attack Vectors Posing 'Grave Risk'
The U.S. government on Thursday added a new wrinkle to the global emergency response to the SolarWinds software supply chain attack, warning there are "Additional initial access vectors" that have not yet been documented.
As the incident response and threat hunting world focuses on the SolarWinds Orion products as the initial entry point for the attacks, the Cybersecurity and Infrastructure Security Agency added a note to its advisory to warn of the new information.
"This APT actor has demonstrated patience, operational security, and complex tradecraft in these intrusions. CISA expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations," CISA noted.
The SolarWinds Orion supply chain compromise is not the only initial infection vector this APT actor leveraged.
The victims of the supply chain attack include several U.S. government organizations and, according to FireEye, many organizations in the government, technology, consulting, extractive and telecom sectors in North America, Europe, the Middle East and Asia.
News URL
Related news
- Israel’s Pager Attacks and Supply Chain Vulnerabilities (source)
- Ivanti vTM auth bypass flaw exploited in attacks, CISA warns (CVE-2024-7593) (source)
- CISA says critical Fortinet RCE flaw now exploited in attacks (source)
- Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems (source)
- CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack (source)
- LottieFiles hit in npm supply chain attack targeting users' crypto (source)
- LottieFiles hacked in supply chain attack to steal users’ crypto (source)
- LottieFiles supply chain attack exposes users to malicious crypto wallet drainer (source)
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)