Episode 535: Dan Lorenc on Supply Chain Attacks
Software Engineering Radio - the podcast for professional software developers
00:00
SolarWinds Compromide - An Attack Against Solar Winds
The SolarWinds organization, it's a company that they make a whole bunch of different pieces of software. An attacker got a footprint on the actual build server. This is one where it waited some kind of random number of days after installation to avoid any immediate detection. And then it would start sniffing, collecting data and then uploading it to some endpoints.
Transcript
Play full episode
