The National Security Agency has issued new, non-public guidance to defense agencies and contractors in the wake of the ongoing SolarWinds supply chain cyberattack, while the Pentagon is reviewing whether the compromise affected its networks. Updates to SolarWinds Orion products released between March and June "are currently being exploited by malicious actors," the Cybersecurity and Infrastructure Security Agency said in a rare emergency directive released Monday. "This tactic permits an attacker to gain access to network traffic management systems.” The...
