RSAC insights: SolarWinds hack illustrates why software builds need scrutiny — at deployment
The Last Watchdog
MAY 11, 2021
I had assumed that they either stole or spoofed a SolarWinds digital certificate, which they then used to authenticate the tainted update. However, one possible scenario is that they obtained a targeted employee’s login credentials and then used that employee’s account to pivot to and take control of the build system, Pericin says.
Let's personalize your content