Third-party incursions are yet another reminder of how fast and widely supply-chain assaults may spread, as seen most recently at Twilio and Mailchimp.
All of these cases have one thing in common – they were service supply chain assaults, which are intrusions in which the attackers used access granted to third-party services as a backdoor into the target companies’ critical core systems.
Hackers pay attention and return for more when an attack on one institution opens the door for prospective strikes on many more. Attacks involving phishing and social engineering are frequently used to acquire unauthorized access.
This amplification effect has led to an increase in attacks by third-party vendors. Hackers now have a way to reach more targets more reliably and successfully due to the level of access or data that is potentially exposed throughout the supply chain.
Companies are rapidly incorporating third-party apps into the fabric of their enterprise IT as digitalization and the rise in cloud-based, remote, or hybrid work progress to boost productivity and streamline business procedures. These linked apps increase productivity across the board, which is why they have gained so much attention recently.
Twilio suffered a phishing assault that affe
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: