As supply chain attacks continue to dominate headlines, software development teams are beginning to realize that package management can’t be taken lightly — the threats hidden under the hood are real. In this installment of The Source, we want to talk about the practices and tools that developers need to adopt in order to protect against supply chain attacks.
President Biden’s cybersecurity executive order from last month should cause little surprise for anyone following news headlines over the past year. The order is the U.S. Federal Government’s important response to a long list of incidents, starting with the SolarWinds attack and ending with a recent ransomware attack against Colonial Pipeline —- the largest known attack against a US energy firm.
The Splunk Threat Research team recently developed a new analytic story to help security operations center (SOC) analysts detect adversaries executing password spraying attacks against Active Directory environments. In this blog, we’ll walk you through this analytic story, demonstrate how we can simulate these attacks using PurpleSharp, collect and analyze the Windows event logs, and highlight a few detections from the May 2021 releases.
Since many brick-and-mortar stores closed during the Covid-19 pandemic, online shopping has grown massively through 2020 and into 2021. Fraudsters have seized this opportunity to strike, with data breaches in 2020 exposing over 155.8 million records, which could be used fraudulently, in the US alone. Carding is one of the most common and costly types of online fraud.
It has been reported that the hack that took down the largest fuel pipeline in the United States and led to fuel shortages across the whole of the East Coast was the result of a single compromised password that was leaked on the Dark Web through a data breach. On April 29th 2021, hackers gained access to the network of Colonial Pipeline Co. via a Virtual Private Network (VPN) connection that allowed the hacker remote access to the corporate network.
Industries of all kinds make use of supply chain management software to automate their business processes. A supply-chain attack is an incident in which one or more people with malicious intent insert themselves into the flow of production, distribution, and/or system management. Supply Chain Attacks usually target manufacturers that create software or services for other companies who use those products while serving their end customers.
A cyberattack is expected to occur every 11 seconds in 2021 — nearly double the frequency just a year earlier. These incidents often involve breaches of sensitive proprietary information and cost the organizations involved millions of dollars. Despite all the resources being devoted to improving cybersecurity, new threats continue to arise faster than defense capabilities.