Cyber Security Company, Rapid7, Hit by Supply Chain Attack

摘要

Codecov, a San Francisco based company in the technology industry was recently made victim of a vast cyber security attack, likened to the SolarWinds attack, that has had a forceful and devastating effect, impacting users around the globe, including cyber security company Rapid7. The company Codecov is known for providing testing tools and code coverage, and reports that their Bash uploader script was manipulated, which effected their tools, including their CircleCi Orb, GitHub, and Codecov Bitrise. Which makes a supply chain attack of this size significant, not just to their business, but to the business of every company employing Codecov or associated technologies. The attackers responsible exploited Codecov software but used the organisation as a platform to compromise customer networks.