supply-chain Archives

Lessons Learned from Supply Chain Hardening Project

International supply chain hardening projects can be an immense undertaking for an organisation. Through experience, observation and participation, there are key factors for success as well as the need for flexibility and appropriate resourcing for the exercise. Cyjax has recently published a white paper detailing an example of an international supply chain hardening project which …

Lessons Learned from Supply Chain Hardening Project Read More »

SolarWinds Saga – Where Do We Stand?

Blog / By William Thomas

The investigation into the SolarWinds supply-chain attack continues apace. In this follow-up to our previous blog published in the immediate aftermath of the attack (see here), we cover some of the major discoveries concerning what is quickly becoming one of the costliest cyberattacks in history, both monetarily and in terms of intelligence lost. The current …

SolarWinds Saga – Where Do We Stand? Read More »

SolarWinds Supply Chain Attack: Summary and Analysis

Blog / By William Thomas

One of the biggest network management systems (NMS) in the USA, SolarWinds, announced on 14 December that it was breached in a ‘highly sophisticated’ supply chain attack. SolarWinds’ Orion platform, used to monitor network devices and critical servers, had its update server compromised to push Trojanised DLL files dubbed SUNBURST or Solorigate. These malicious DLLs …

SolarWinds Supply Chain Attack: Summary and Analysis Read More »

Cyjax’s Top 10 of 2020

Blog / By William Thomas

2020 has seen a wide range of attacks and the evolution of the threat landscape. Ransomware attacks have dominated the headlines, alongside state-sponsored APT groups targeting the global COVID-19 response effort. New threat actors have emerged, and well-established groups have persisted undeterred, using upgraded tactics, techniques, and procedures (TTPs). #1 Global malicious email campaigns Throughout …

Cyjax’s Top 10 of 2020 Read More »