Software Supply-Chain Attack Hits Vietnam Government Certification Authority

Cybersecurity researchers today disclosed a new supply-chain attack targeting the Vietnam Government Certification Authority (VGCA) that compromised the agency's digital signature toolkit to install a backdoor on victim systems. Uncovered by Slovak internet security company ESET early this month, the "SignSight" attack involved modifying software installers hosted on the CA's website ("ca.gov.vn
https://thehackernews.com/2020/12/software-supply-chain-attack-hits.html?utm_source=dlvr.it&utm_medium=blogger