SolarWinds

The SolarWinds cyberattack, attributed to Russian Foreign Intelligence Service (SVR) APT group, represents one of the most significant and sophisticated cybersecurity breaches. This campaign exploited the SolarWinds Orion software, through which the attackers inserted malicious code into the software's updates sent to thousands of customers. The breach enabled extensive surveillance and data exfiltration capabilities, impacting numerous high-profile organizations globally, including US government agencies and major corporations. The attackers gained access to sensitive information, including national security data, intellectual property, and enterprise secrets. The severity of the attack lies in its scope, the level of access obtained, and the duration of unnoticed activities, highlighting critical vulnerabilities in the supply chain security and the challenges in defending against state-sponsored cyber operations.

Source: https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-110a

"id": "sol708050624",
"linkid": "solarwinds",
"type": "Vulnerability",
"date": "04/2022",
"severity": "100",
"impact": "8",
"explanation": "Attack that could bring to a war"