Software Vendor Who Hid 'Supply Chain' Breach Outed

tsu doh nimh writes: Researchers at RSA released a startling report last week that detailed a so-called "supply chain" malware campaign that piggybacked on a popular piece of software used by system administrators at some of the nation's largest companies. This intrusion would probably not be that notable if the software vendor didn't have a long list of Fortune 500 customers, and if the attackers hadn't also compromised the company's update servers -- essentially guaranteeing that customers who downloaded the software prior to the breach were infected as well. Incredibly, the report did not name the affected software, and the vendor in question has apparently chosen to bury its breach disclosure as a page inside of its site -- not linking to it anywhere. Brian Krebs went and dug it up. Spoiler: the product/vendor in question is EVlog by Altair Technologies Ltd.

Brian Krebs is awesome, I'm a big fan.

He's part simple-terms reporter for laypeople, part techie, part detective, part regular guy on the internet. Cheers to Brian for another successful dig!

I'm really glad he didn't just fold up and go away after the DDOS campaign against him.