Saudi IT providers hit by supply chain attacks

Researchers at cybersecurity company Symantec have uncovered a new threat group dubbed 'Tortoiseshell' that is attacking IT providers. The research has identified 11 targets, most of them in Saudi Arabia. In two cases hundreds of hosts were infected, probably because the attackers were hunting for machines that were of particular interest. The authors of the report note, "This is an unusually large number of computers to be compromised in a targeted attack. It is possible that the attackers were forced to infect many machines before finding those that were of most interest to them." The group uses both custom and… [Continue Reading]