North Korea Leverages SaaS Provider in a Targeted Supply Chain Attack

In July 2023, Mandiant Consulting responded to a supply chain compromise affecting a US-based software solutions entity. Mandiant researchers believe the compromise ultimately began as a result of a sophisticated spear phishing campaign aimed at JumpCloud, a zero-trust directory platform service used for identity and access management.

JumpCloud reported this unauthorized access impacted fewer than five customers and less than 10 devices.The details in this blog post are based on Mandiant’s investigation into the attack against one of JumpCloud’s impacted customers.

Read more…
Source: Mandiant