CISA: SolarWinds hackers also used password guessing to breach targets
CISA said that the threat actor behind the SolarWinds hack also used password guessing and password spraying attacks to breach targets as part of its recent hacking campaign and didn’t always rely on trojanized updates as its initial access vector.