By Michael Hawkins, Posted in Security
The SolarWinds hack provides an interesting insight into how the supply chain can be used as part of a multi-pronged attack. The ingenuity of the bad actors was on full display as they successfully infiltrated, compromised, and manipulated the SolarWinds software update service. With that manipulation in place, the bad actors had the perfect attack vector for bypassing traditional security controls. Inbound firewall rules provided no protection, since the SolarWinds servers reached outward to reach the upda... read more.