Following the disclosure of the SolarWinds supply-chain compromise in December 2020, details continue to emerge about the scale of the attack. Four cyber-security companies have recently been added to the count of affected organizations: Palo Alto Networks, Qualys, Fidelis, and Mimecast. The ongoing investigation suggests that the scale and ramifications of the SolarWinds attack are still yet to be determined. The allegedly Russia-linked attackers will almost certainly continue to use access provided by the trojanized SolarWinds Orion Platform software to conduct more attacks. As with many supply-chain compromises, this incident seems to have overwhelmingly targeted technology providers.
Digital Shadows
Threat Intelligence and Digital Risk Protection Resources
