fortressinfosec.com
54.82.6.133  Public Scan

Submitted URL: https://d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/VVscd42gL9pgW2mq7FG8Txy6PVrHz2f4C7R6qN5QLhTp3lScmV1-WJV7CgzHSW6vkckF5FWdPPW4...
Effective URL: https://fortressinfosec.com/whitepapers/white-paper-patch-poisoning/?utm_medium=email&_hsmi=196208358&_hsenc=p2ANqtz-9BoBYDa...
Submission: On December 16 via api from IE — Scanned from DE

WHITE PAPER


PATCH POISONING - SOFTWARE SUPPLY CHAIN ATTACK DETECTION AND PREVENTION



ABSTRACT

As software supply chain attacks have become more prevalent, recently
highlighted by the SolarWinds Orion and Kaseya attacks, fears of future
incidents have gripped the industry. The purpose of this paper is to examine a
larger sample of software supply chain attacks, in an attempt to gauge how they
occur and how they can be detected using technical measures.

To focus on the larger issue of technical deterrence, and to avoid
disagreements over which threat actors are responsible, this paper does not
address attribution. The techniques used to defend against these attacks do not
depend on the attacks' source, beyond the use of geo-IP based active blocking,
like that commonly employed by commercial firewalls and similar protection
methods. Attribution is a valuable data point for defenders but is beyond the
scope of this analysis. Furthermore, the behavior of the malware once it
exploits the target is largely unimportant to this analysis, as the goal is to
review likely indicators prior to installation into victim environments.

 

INTRODUCTION

A patch poisoning attack is a type of supply chain attack that compromises a
software product by introducing malicious code into a patch for that product.
Many organizations are vulnerable to this type of attack because most software
used today is complex and includes third-party software components that may be
largely unknown to the software publisher. All software, including third-party
software, requires frequent communication with the software supplier to provide
updates and fix known vulnerabilities. This method of attack exploits the
inherent trust between software suppliers and any consumers of that software,
including end-users, internal development, and other software vendors.



© 2021, Fortress Information Security. All rights reserved.
