Explores strategies for securing supply chains against cyberattacks, including vendor vetting, integrity verification, and monitoring practices. Covers real-world breaches and lessons learned to help organizations protect interconnected systems from compromise.
posts
The Breach That Didn't Start With You In early 2024, a massive data breach at Change Healthcare — a subsidiary of UnitedHealth Group — disrupted the entire U.S. healthcare payment system for weeks. The root cause? A threat actor exploited compromised credentials on a remote access portal that lacked
The Breach That Didn't Start With You In 2023, the MOVEit Transfer vulnerability gave threat actors a master key to thousands of organizations — not through their own systems, but through a single third-party file transfer tool. Over 2,600 organizations and 77 million individuals were impacted, according to
A Trusted Software Update Became the Biggest Backdoor in History In December 2020, FireEye disclosed that threat actors had compromised SolarWinds Orion — a network monitoring platform used by 33,000 organizations, including multiple U.S. federal agencies. The attackers embedded malicious code into a routine software update. Every organization that
The Breach That Didn't Start With You In February 2024, Change Healthcare — a subsidiary of UnitedHealth Group — suffered a ransomware attack that disrupted healthcare payment processing across the entire United States for weeks. The threat actor didn't breach UnitedHealth directly. They compromised a vendor system that
In March 2023, the Cybersecurity and Infrastructure Security Agency (CISA) issued emergency directives related to the 3CX supply chain compromise — a desktop phone app used by over 600,000 organizations globally. Threat actors had trojanized the software update itself, meaning every company that trusted the vendor's legitimate update
The Breach That Didn't Start With You In January 2023, Mailchimp disclosed its second breach in under a year — this time through a social engineering attack on an employee. But the real damage radiated outward. Every company using Mailchimp as a vendor suddenly had a problem they didn&
When Trusted Tools Become Trojan Horses In April 2021, security researchers at Kaspersky documented a campaign where threat actors took software that had been removed legitimate from vendor websites — discontinued, deprecated, or pulled due to vulnerabilities — and repackaged it with embedded malware. The attackers then hosted these poisoned versions on
In 2023, a single compromised file transfer tool — MOVEit — cascaded into breaches affecting over 2,600 organizations and roughly 90 million individuals. The threat actor, the Cl0p ransomware group, didn't need to hack each victim directly. They exploited one vendor, and the dominoes fell. That's third
The Breach That Didn't Start With You In 2023, the MOVEit Transfer vulnerability didn't just hit Progress Software. It cascaded through thousands of organizations — government agencies, banks, healthcare systems — because those organizations trusted a single vendor's file transfer tool. Over 2,600 organizations and
In December 2020, security firm FireEye disclosed that threat actors had compromised SolarWinds' Orion software platform — and with it, roughly 18,000 organizations that installed a poisoned update. Government agencies, Fortune 500 companies, and critical infrastructure operators all got hit through a single trusted vendor. That's the
