unlambda, 1 month ago

@jgoerzen It's amazing how extensive the Microsoft/SolarWinds/VMWare attack was (note that this was a multi-vendor supply chain attack): https://en.wikipedia.org/wiki/2020_United_States_federal_government_data_breach

Also, absolutely absurd that SolarWinds tried to blame this on things like an 'intern [...] using an insecure password ("solarwinds123") on their update server'; how was an intern ever allowed to do such a thing, an intern should be getting proper guidance and security review, not solely responsible for setting up an update server.