Security Advisory

Threat Actors Secretly Embedded a Malicious Code(Sunburst) in Update

Tech Hive Security Advisory Series Volume 1. Issue 1

Upon download, Sunburst communicated with the hackers' malicious server to aid the identification of the victims. After that, the hackers chose the victims of interest, some of which included, Microsoft, FireEye, Cisco, United States Department of Homeland Security, etc.

This led to the compromise of the victims' assets both on cloud and on premises while also enabling the hackers to spy on the organization and access data. One of the lasting effects of this is that many threat actors will duplicate this type of supply chain attack due to its success rate.