AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Cisa solarwinds4/1/2024 ![]() ![]() ![]() "CISA incident response investigations have identified that initial access in some cases was obtained by password guessing, password spraying, and inappropriately secured administrative credentials accessible via external remote access services ," the agency said on Wednesday. While no details were provided at the time, in an update to its original advisory posted this week, CISA said it finally confirmed that the SolarWinds hackers also relied on password guessing and password spraying as initial access vectors. The new developments come as CISA said last month in its initial advisory on the SolarWinds incident that it was investigating cases where the SolarWinds hackers breached targets that didn't run the SolarWinds Orion software. The US Cybersecurity and Infrastructure Security Agency (CISA) said today that the threat actor behind the SolarWinds hack also used password guessing and password spraying attacks to breach targets as part of its recent hacking campaign and didn't always rely on trojanized updates as its initial access vector.
0 Comments
Read More
Leave a Reply. |