Dark Web vendors shift to third parties, supply chains
Cyberattackers continue to attack a variety of technology supply chains — from open source software components to managed service providers — and increasingly, they are advertising their windfalls on Dark Web forums.
In March, for example, a threat actor posted details of an alleged compromise of Oracle Cloud to the BreachForums Dark Web site. The compromise — initially denied by Oracle — led to Oracle later notifying customers of a breach of two servers containing usernames and passwords. The hacker who originally posted information of the attack, “rose87169,” had published some information in the hope of attracting collaborators to decrypt some of the data.
The incident is one of three highlighted in a recent report published June 25 by security services firm Trustwave that shows the increased risks of cybercriminals targeting supply chains and sharing information on the Dark Web.
Read more at Dark Reading