{"id":11616,"date":"2024-06-22T01:19:15","date_gmt":"2024-06-22T01:19:15","guid":{"rendered":"https:\/\/sekuritasit.com\/?p=11616"},"modified":"2024-06-22T01:19:15","modified_gmt":"2024-06-22T01:19:15","slug":"cprime-supply-chain-attack","status":"publish","type":"post","link":"https:\/\/sekuritasit.com\/index.php\/2024\/06\/22\/cprime-supply-chain-attack\/","title":{"rendered":"CPrime Supply Chain Attack"},"content":{"rendered":"<p>What is the attack?FortiGuard Labs&#8217; Recon team is aware of communications on a cybercrime forum known as &#8216;BreachForums&#8217; with a Threat Actor (TA) known by the alias &#8216;IntelBroker.&#8217; This threat actor has posted about selling access to various internal resources of several undisclosed organizations. The Threat Actor (TA) claimed to have acquired access to the sensitive information by breaching a single, unnamed company that provides services to over 400 organizations, primarily in the US. The TA disclosed a list of over 400 organizations compromised. Based on this information and active exploitations, the FortiRecon team has ascertained that several of the compromised organizations are customers\/clients of MSP Cprime&#8217;s services and suspect an attack through their infrastructure to be the source of the attack.What is the recommended Mitigation?At this point, it is unclear what the attack vector into the MSP network was, or how onward access was gained into the victim organization network however; there have been mentions of access being gained to Github, Jira, and Confluence instances. At this point, Fortinet recommends increased vigilance to identify any unusual network or server activity. Fortinet customers could use FortiRecon\u2019s Digital Risk Protection (DRP) service to help counter attacks at the reconnaissance phase and significantly reduce the risk, time, and cost of later-stage threat mitigation. https:\/\/www.fortinet.com\/products\/fortirecon What FortiGuard Coverage is available?FortiGuard Labs&#8217; research team is currently investigating and monitoring this situation closely and will provide more information as it becomes available. FortiGuard Incident Response team can be engaged to help with any suspected compromise.<a href=\"https:\/\/fortiguard.fortinet.com\/threat-signal-report\/5476\" target=\"_blank\" class=\"feedzy-rss-link-icon\" rel=\"noopener\">Read More<\/a>\u00a0<\/p>","protected":false},"excerpt":{"rendered":"<p>What is the attack?FortiGuard Labs&#8217; Recon team is aware of communications on a cybercrime forum known as &#8216;BreachForums&#8217; with a Threat Actor (TA) known by the alias &#8216;IntelBroker.&#8217; This threat actor has posted about selling access to various internal resources of several undisclosed organizations. The Threat Actor (TA) claimed to have acquired access to the [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-11616","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.8 - aioseo.com -->\n\t<meta name=\"description\" content=\"What is the attack?FortiGuard Labs&#039; Recon team is aware of communications on a cybercrime forum known as &#039;BreachForums&#039; with a Threat Actor (TA) known by the alias &#039;IntelBroker.&#039; This threat actor has posted about selling access to various internal resources of several undisclosed organizations. The Threat Actor (TA) claimed to have acquired access to the\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<link rel=\"canonical\" href=\"https:\/\/sekuritasit.com\/index.php\/2024\/06\/22\/cprime-supply-chain-attack\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.8\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Sekuritas IT \u203a Creative solutions to unique challenges.\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"CPrime Supply Chain Attack \u203a Sekuritas IT\" \/>\n\t\t<meta property=\"og:description\" content=\"What is the attack?FortiGuard Labs&#039; Recon team is aware of communications on a cybercrime forum known as &#039;BreachForums&#039; with a Threat Actor (TA) known by the alias &#039;IntelBroker.&#039; This threat actor has posted about selling access to various internal resources of several undisclosed organizations. The Threat Actor (TA) claimed to have acquired access to the\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/sekuritasit.com\/index.php\/2024\/06\/22\/cprime-supply-chain-attack\/\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2024-06-22T01:19:15+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2024-06-22T01:19:15+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100086973577423\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"CPrime Supply Chain Attack \u203a Sekuritas IT\" \/>\n\t\t<meta name=\"twitter:description\" content=\"What is the attack?FortiGuard Labs&#039; Recon team is aware of communications on a cybercrime forum known as &#039;BreachForums&#039; with a Threat Actor (TA) known by the alias &#039;IntelBroker.&#039; This threat actor has posted about selling access to various internal resources of several undisclosed organizations. The Threat Actor (TA) claimed to have acquired access to the\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/06\\\/22\\\/cprime-supply-chain-attack\\\/#blogposting\",\"name\":\"CPrime Supply Chain Attack \\u203a Sekuritas IT\",\"headline\":\"CPrime Supply Chain Attack\",\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"},\"datePublished\":\"2024-06-22T01:19:15+00:00\",\"dateModified\":\"2024-06-22T01:19:15+00:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/06\\\/22\\\/cprime-supply-chain-attack\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/06\\\/22\\\/cprime-supply-chain-attack\\\/#webpage\"},\"articleSection\":\"Uncategorized\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/06\\\/22\\\/cprime-supply-chain-attack\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/sekuritasit.com\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"position\":2,\"name\":\"Uncategorized\",\"item\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/06\\\/22\\\/cprime-supply-chain-attack\\\/#listItem\",\"name\":\"CPrime Supply Chain Attack\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/06\\\/22\\\/cprime-supply-chain-attack\\\/#listItem\",\"position\":3,\"name\":\"CPrime Supply Chain Attack\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\",\"name\":\"Sekuritas IT\",\"description\":\"Creative solutions to unique challenges.\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100086973577423\"]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/06\\\/22\\\/cprime-supply-chain-attack\\\/#webpage\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/06\\\/22\\\/cprime-supply-chain-attack\\\/\",\"name\":\"CPrime Supply Chain Attack \\u203a Sekuritas IT\",\"description\":\"What is the attack?FortiGuard Labs' Recon team is aware of communications on a cybercrime forum known as 'BreachForums' with a Threat Actor (TA) known by the alias 'IntelBroker.' This threat actor has posted about selling access to various internal resources of several undisclosed organizations. The Threat Actor (TA) claimed to have acquired access to the\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/06\\\/22\\\/cprime-supply-chain-attack\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/#author\"},\"datePublished\":\"2024-06-22T01:19:15+00:00\",\"dateModified\":\"2024-06-22T01:19:15+00:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"name\":\"Sekuritas IT\",\"alternateName\":\"Sekuritas\",\"description\":\"Creative solutions to unique challenges.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"CPrime Supply Chain Attack \u203a Sekuritas IT","description":"What is the attack?FortiGuard Labs' Recon team is aware of communications on a cybercrime forum known as 'BreachForums' with a Threat Actor (TA) known by the alias 'IntelBroker.' This threat actor has posted about selling access to various internal resources of several undisclosed organizations. The Threat Actor (TA) claimed to have acquired access to the","canonical_url":"https:\/\/sekuritasit.com\/index.php\/2024\/06\/22\/cprime-supply-chain-attack\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/sekuritasit.com\/index.php\/2024\/06\/22\/cprime-supply-chain-attack\/#blogposting","name":"CPrime Supply Chain Attack \u203a Sekuritas IT","headline":"CPrime Supply Chain Attack","author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/#author"},"publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"},"datePublished":"2024-06-22T01:19:15+00:00","dateModified":"2024-06-22T01:19:15+00:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2024\/06\/22\/cprime-supply-chain-attack\/#webpage"},"isPartOf":{"@id":"https:\/\/sekuritasit.com\/index.php\/2024\/06\/22\/cprime-supply-chain-attack\/#webpage"},"articleSection":"Uncategorized"},{"@type":"BreadcrumbList","@id":"https:\/\/sekuritasit.com\/index.php\/2024\/06\/22\/cprime-supply-chain-attack\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","position":1,"name":"Home","item":"https:\/\/sekuritasit.com","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","position":2,"name":"Uncategorized","item":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2024\/06\/22\/cprime-supply-chain-attack\/#listItem","name":"CPrime Supply Chain Attack"},"previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2024\/06\/22\/cprime-supply-chain-attack\/#listItem","position":3,"name":"CPrime Supply Chain Attack","previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}}]},{"@type":"Organization","@id":"https:\/\/sekuritasit.com\/#organization","name":"Sekuritas IT","description":"Creative solutions to unique challenges.","url":"https:\/\/sekuritasit.com\/","sameAs":["https:\/\/www.facebook.com\/profile.php?id=100086973577423"]},{"@type":"WebPage","@id":"https:\/\/sekuritasit.com\/index.php\/2024\/06\/22\/cprime-supply-chain-attack\/#webpage","url":"https:\/\/sekuritasit.com\/index.php\/2024\/06\/22\/cprime-supply-chain-attack\/","name":"CPrime Supply Chain Attack \u203a Sekuritas IT","description":"What is the attack?FortiGuard Labs' Recon team is aware of communications on a cybercrime forum known as 'BreachForums' with a Threat Actor (TA) known by the alias 'IntelBroker.' This threat actor has posted about selling access to various internal resources of several undisclosed organizations. The Threat Actor (TA) claimed to have acquired access to the","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/sekuritasit.com\/#website"},"breadcrumb":{"@id":"https:\/\/sekuritasit.com\/index.php\/2024\/06\/22\/cprime-supply-chain-attack\/#breadcrumblist"},"author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/#author"},"creator":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/#author"},"datePublished":"2024-06-22T01:19:15+00:00","dateModified":"2024-06-22T01:19:15+00:00"},{"@type":"WebSite","@id":"https:\/\/sekuritasit.com\/#website","url":"https:\/\/sekuritasit.com\/","name":"Sekuritas IT","alternateName":"Sekuritas","description":"Creative solutions to unique challenges.","inLanguage":"en-US","publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"}}]},"og:locale":"en_US","og:site_name":"Sekuritas IT \u203a Creative solutions to unique challenges.","og:type":"article","og:title":"CPrime Supply Chain Attack \u203a Sekuritas IT","og:description":"What is the attack?FortiGuard Labs' Recon team is aware of communications on a cybercrime forum known as 'BreachForums' with a Threat Actor (TA) known by the alias 'IntelBroker.' This threat actor has posted about selling access to various internal resources of several undisclosed organizations. The Threat Actor (TA) claimed to have acquired access to the","og:url":"https:\/\/sekuritasit.com\/index.php\/2024\/06\/22\/cprime-supply-chain-attack\/","article:published_time":"2024-06-22T01:19:15+00:00","article:modified_time":"2024-06-22T01:19:15+00:00","article:publisher":"https:\/\/www.facebook.com\/profile.php?id=100086973577423","twitter:card":"summary_large_image","twitter:title":"CPrime Supply Chain Attack \u203a Sekuritas IT","twitter:description":"What is the attack?FortiGuard Labs' Recon team is aware of communications on a cybercrime forum known as 'BreachForums' with a Threat Actor (TA) known by the alias 'IntelBroker.' This threat actor has posted about selling access to various internal resources of several undisclosed organizations. The Threat Actor (TA) claimed to have acquired access to the"},"aioseo_meta_data":{"post_id":"11616","title":null,"description":null,"keywords":null,"keyphrases":null,"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":null,"og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":null,"robots_max_videopreview":null,"robots_max_imagepreview":"large","priority":null,"frequency":null,"local_seo":null,"breadcrumb_settings":null,"limit_modified_date":false,"ai":null,"created":"2024-06-22 01:48:57","updated":"2025-10-15 10:04:09","seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/\" title=\"Uncategorized\">Uncategorized<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tCPrime Supply Chain Attack\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/sekuritasit.com"},{"label":"Uncategorized","link":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/"},{"label":"CPrime Supply Chain Attack","link":"https:\/\/sekuritasit.com\/index.php\/2024\/06\/22\/cprime-supply-chain-attack\/"}],"_links":{"self":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/11616","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/comments?post=11616"}],"version-history":[{"count":1,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/11616\/revisions"}],"predecessor-version":[{"id":11618,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/11616\/revisions\/11618"}],"wp:attachment":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media?parent=11616"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/categories?post=11616"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/tags?post=11616"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}