Modern attacks targeting supply chains, using zero-day exploits, and exploiting vulnerabilities in security appliances have been flooding newsrooms, boardrooms and threat reports in recent months. Some examples have been unique and interesting, including the 3CX software supply chain compromise linked to Trading Technologies software supply chain compromise, and the supply chain compromise of JumpCloud that was made possible by a sophisticated spear phishing campaign. Other examples have been slightly more traditional, such as exploitation of vulnerabilities in security appliances such as
Article Link: Revisiting Traditional Security Advice for Modern Threats | Mandiant