TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

SecurityWeek

Trellix Source Code Repository Breached

Eduard Kovacs · 1 day ago · Read original ↗

ATT&CK techniques detected

4 predictions
T1195.001Compromise Software Dependencies and Development Tools
99%
“trust in software development and security infrastructure, compromising ci / cd pipelines to distribute trojanized updates and malicious extensions, which enabled large - scale exfiltration of credentials and source code from affected enterprise environments. related : sap npm pa…”
T1195.001Compromise Software Dependencies and Development Tools
97%
“trellix source code repository breached cybersecurity company trellix says a part of its source code repository was recently breached, but shared little other information about the incident. trellix said it has been working with forensic experts to investigate the intrusion, and …”
T1195.002Compromise Software Supply Chain
55%
“trellix source code repository breached cybersecurity company trellix says a part of its source code repository was recently breached, but shared little other information about the incident. trellix said it has been working with forensic experts to investigate the intrusion, and …”
T1195Supply Chain Compromise
48%
“trellix source code repository breached cybersecurity company trellix says a part of its source code repository was recently breached, but shared little other information about the incident. trellix said it has been working with forensic experts to investigate the intrusion, and …”

Summary

The cybersecurity firm’s investigation has not found any impact on its source code release or distribution process. 

The post Trellix Source Code Repository Breached appeared first on SecurityWeek.