Security pros say targeting source code will continue because it lets attackers identify new bugs and inject their own malware into the software supply chain.
Intrusions by TA4903, which have ramped up since the second half of last year, involved the delivery of malicious PDF document attachments spoofing government entities.
Organizations have been subjected to attacks by initial access broker TA577, also known as Hive0118, aimed at exfiltrating Windows NT LAN Manager authentication data.
Cybersecurity experts have lauded the National Institute of Standards and Technology's newly released Cybersecurity Framework 2.0 for expanded coverage and additional resources.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.