US Cybersecurity and Infrastructure Security Agency (CISA) reveals the cyber criminals behind the SolarWinds hack used password spraying attacks and password guessing to breach targets in its recent hacking campaign and did not always rely on trojanized updates as the initial access vector.
CISA, in its initial advisory on the SolarWinds incident in December had said it was investigating cases where the threat actors breached targets that didn’t run the SolarWinds Orion software.
To Read More: CISA: SolarWinds hackers also used password guessing to breach targets
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates
