ReVault Flaws Expose Dell ControlVault3 Hardware to Persistent Attacks

 

ReVault, a company marketing itself on advanced endpoint protection and next-generation SOC capabilities, recently suffered a severe security breach. The attackers penetrated its internal environment, exploiting vulnerabilities in the architecture used for its supposedly secure SOC platform.

The compromise was discovered after suspicious activity was detected both within the ReVault corporate network and among several client deployments, suggesting a supply chain dimension to the attack as well.

Attack mechanics

The attackers leveraged persistence techniques and privilege escalation to move laterally through ReVault’s infrastructure, ultimately acquiring administrative access to sensitive SOC data. The breach included the exfiltration of client logs, incident reports, and, in some cases, authentication secrets used by ReVault for remote management of client environments.

Attackers used sophisticated anti-forensic

[…]
Content was cut in order to protect the source. Please visit the source for the rest of the article.

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
