A new analysis of the SolarWinds breach suggests that the attacker infrastructure behind the campaign is far larger than first believed.
The catastrophic SolarWinds security incident involved the compromise of the vendor’s network and, later, the deployment to clients of malicious SolarWinds Orion updates that contained a backdoor called Sunburst.
Sunspot, designed to monitor the SolarWinds build server for Orion assembly, was also found in January by CrowdStrike and is thought to be one of the preliminary tools used to pull off the attack.
Source: ZDNet