Common Information
Type | Value |
---|---|
Value | Supply Chain Compromise - T1195 |
Category | Attack-Pattern |
Type | Mitre-Enterprise-Attack-Attack-Pattern |
Misp Type | Cluster |
Description | Supply chain compromise is the manipulation of products or product delivery mechanisms prior to receipt by a final consumer for the purpose of data or system compromise. Supply chain compromise can take place at any stage of the supply chain, including: manipulation of development tools; manipulation of a development environment; manipulation of source code repositories (public or private); manipulation of software update/distribution mechanisms; compromised/infected system images (multiple cases of removable media infected at the factory); replacement of legitimate software with modified versions; sales of modified/counterfeit products to legitimate distributors; shipment interdiction. While supply chain compromise can impact any component of hardware or software, attackers looking to gain execution have often focused on malicious additions to legitimate software in software distribution or update channels. (Citation: Avast CCleaner3 2018) (Citation: Microsoft Dofoil 2018) (Citation: Command Five SK 2011) Targeting may be specific to a desired victim set (Citation: Symantec Elderwood Sept 2012) or malicious software may be distributed to a broad set of consumers but only move on to additional tactics on specific victims. (Citation: Avast CCleaner3 2018) (Citation: Command Five SK 2011) **Detection:** Use verification of distributed binaries through hash checking or other integrity checking mechanisms. Scan downloads for malicious signatures and attempt to test software and updates prior to deployment while taking note of potential suspicious activity. Perform physical inspection of hardware to look for potential tampering. **Platforms:** Linux, Windows, macOS. **Data Sources:** Web proxy, File monitoring |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2024-11-07 | 9 | Category | ||
Details | Website | 2024-11-06 | 0 | Attackers Breach IT-Based Networks Before Jumping to ICS/OT Systems | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting | ||
Details | Website | 2024-11-05 | 0 | Food and Ag-ISAC publishes cyber threat report, broadens scope beyond ransomware | #ransomware | #cybercrime | National Cyber Security Consulting | ||
Details | Website | 2024-11-01 | 3 | Lateral Movement in Recent Cybersecurity Breaches | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting | ||
Details | Website | 2024-10-31 | 3 | Lateral Movement in Recent Cybersecurity Breaches | ||
Details | Website | 2024-10-31 | 9 | Satori Threat Intelligence Alert: Phish ’n’ Ships Fakes Online Shops to Steal Money and Credit Card Information | ||
Details | Website | 2024-10-31 | 0 | LottieFiles hit in npm supply chain attack targeting users' crypto | ||
Details | Website | 2024-10-31 | 1 | LottieFiles hacked in supply chain attack to steal users’ crypto | ||
Details | Website | 2024-10-30 | 0 | 5 Reasons Why Risk-Based Vulnerability Management Matters in OT | Dragos | ||
Details | Website | 2024-10-25 | 0 | Cybersecurity Threats in 2024: What Every Business Should Watch For | ||
Details | Website | 2024-10-21 | 6 | Chinese Nation-State Hackers APT41 Hit Gambling Sector for Financial Gain | ||
Details | Website | 2024-10-21 | 6 | Chinese Nation-State Hackers APT41 Hit Gambling Sector for Financial Gain - RedPacket Security | ||
Details | Website | 2024-10-21 | 6 | Chinese Nation-State Hackers APT41 Hit Gambling Sector for Financial Gain | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting | ||
Details | Website | 2024-10-21 | 0 | Seven Cybersecurity Tips to Protect Your Retail Business This Holiday Season | Imperva | ||
Details | Website | 2024-10-21 | 18 | The Silent Game: Sophisticated Threat Actors Targeting Gambling Industry | ||
Details | Website | 2024-10-17 | 0 | The Shifting Landscape of OT Incident Response | Dragos | ||
Details | Website | 2024-10-15 | 3 | Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems - CyberSRC | ||
Details | Website | 2024-10-11 | 1 | Biggest Manufacturing Industry Attacks 2024 - SOCRadar® Cyber Intelligence Inc. | ||
Details | Website | 2024-10-11 | 1 | Biggest Manufacturing Industry Attacks 2024 | ||
Details | Website | 2024-10-10 | 27 | Russian SVR Exploiting Unpatched Vulnerabilities in Global Cyber Campaign | ||
Details | Website | 2024-10-09 | 6 | malware Investigation: A Cross-Platform Approach | ||
Details | Website | 2024-10-01 | 11 | VirusTotal 101: A Beginner’s Guide to File Analysis and Threat Detection | ||
Details | Website | 2024-09-24 | 3 | SaaS Data Breaches on the Rise | ||
Details | Website | 2024-09-23 | 0 | Supply Chain Attacks, Cybersecurity Threats, and Legal Battles Highlight Growing Global Security… | ||
Details | Website | 2024-09-23 | 0 | North Korean Hackers Poison Python Packages: A New Threat for Software Developers |