Source |
Mandiant |
Identifiant |
8377335 |
Date de publication |
2023-07-24 07:00:00 (vue: 2023-09-01 14:42:09) |
Titre |
La Corée du Nord exploite le fournisseur SaaS dans une attaque de chaîne d'approvisionnement ciblée North Korea Leverages SaaS Provider in a Targeted Supply Chain Attack |
Texte |
En juillet 2023, Mandiant Consulting a répondu à un compromis de la chaîne d'approvisionnement affectant une entité de solutions logicielles basée sur les États-Unis.Nous pensons que le compromis a finalement commencé à la suite d'une campagne sophistiquée de phishing de lance destinée à JumpCloud, un service de plate-forme d'annuaire zéro-frust utilisé pour la gestion de l'identité et de l'accès.JumpCloud a rapporté que cet accès non autorisé a eu un impact inférieur à moins de cinq clients et moins de 10 appareils./ span>
mandiant a attribué ces intrusions à
In July 2023, Mandiant Consulting responded to a supply chain compromise affecting a US-based software solutions entity. We believe the compromise ultimately began as a result of a sophisticated spear phishing campaign aimed at JumpCloud, a zero-trust directory platform service used for identity and access management. JumpCloud reported this unauthorized access impacted fewer than five customers and less than 10 devices.The details in this blog post are based on Mandiant\'s investigation into the attack against one of JumpCloud\'s impacted customers.
Mandiant attributed these intrusions to |
Envoyé |
Oui |
Condensat |
2023 access affecting against aimed are attack attributed based began believe blog campaign chain compromise consulting customers details devices directory entity fewer five identity impacted intrusions investigation july jumpcloud korea less leverages saas management mandiant north one phishing platform post provider in a reported responded result service software solutions sophisticated spear supply targeted supply than these trust ultimately unauthorized used zero |
Tags |
|
Stories |
|
Notes |
★★★
|
Move |
|