SolarWinds Data Breach – Update
Some of the information stolen from various companies in the SolarWinds hack is now up for sale.
What’s on the shelf:
- Microsoft information (partial source code) for $600k
- Cisco information (source code for some products) for $500k
- SolarWinds information (source code of the entire product) for $200k
- FireEye information (Red Team Assault Tool) for $50k
Oh, and there is a sale … a package of all the above information for a million dollars.
WIIFM (What’s in it for me)
Beware: the next wave of ransomware and malware will not be recognized by antivirus, which means that if you install it, the hackers will have 6 to 9 months of data.
WSID2P (What should I do to protect)
Be aware. They are coming for you, and they’ll use any trick in the book to do it.
Get informed and start protecting your company now.
(Source: http://solarleaks.net/)
Recently Posted on AUMINT.io Blog
🔗 Free Supply Chain Risk Checkers You’ll Actually Use 🔗
Supply chain attacks are skyrocketing – and a single weak link can cost millions. The good news? There are free tools CISOs can use immediately to monitor suppliers, dependencies, and third-party risks.
Here are the top free supply chain risk checkers:
1️⃣ RiskRecon Free Tier – Evaluate vendor security posture and get actionable insights.
🔗 https://www.riskrecon.com/
2️⃣ OWASP Dependency-Check – Scans project dependencies for known vulnerabilities.
🔗 https://owasp.org/www-project-dependency-check/
3️⃣ Sonatype OSS Index – Identifies vulnerable open-source components in your software supply chain.
🔗 https://ossindex.sonatype.org/
4️⃣ CISA Supplier Risk Resources – Free guidance and tools for assessing critical suppliers.
🔗 https://www.cisa.gov/supply-chain
5️⃣ Snyk Free Tier – Detects vulnerabilities in open-source dependencies and container images.
🔗 https://snyk.io/
6️⃣ WhiteSource Bolt (Free) – Integrated vulnerability scanner for DevOps pipelines.
🔗 https://www.whitesourcesoftware.com/free-developer-tools/
7️⃣ CycloneDX Tools – Open-source Software Bill of Materials (SBOM) generation for tracking components.
🔗 https://cyclonedx.org/tools/
⚡ Takeaway: These tools help CISOs spot weaknesses, prioritize vendor mitigation, and reduce supply chain exposure – without waiting for expensive enterprise solutions.
At AUMINT.io, we simulate social engineering attacks targeting suppliers and employees to uncover hidden supply chain risks that purely technical tools miss.