A new software supply chain attack unearthed by Windows Defender Advanced Threat Protection emerged as an unusual multi-tier case. Unknown attackers compromised the shared infrastructure in place between the vendor of a PDF editor application and one of its software vendor partners, making the app’s legitimate installer the unsuspecting carrier of a malicious payload. The attack seemed like just another example of how cybercriminals can sneak in malware using everyday normal processes.
The plot twist: The app vendor’s systems were unaffected. The compromise was traceable instead to a second software vendor that hosted additional packages used by the app during installation. This turned out to be an interesting and unique case of an attack involving “the supply chain of the supply chain”.
Read the full blog post here: Attack inception: Compromised supply chain within a supply chain poses new risks
Updated Jul 31, 2018
Version 2.0
Lior Ben Porat, Microsoft