I read a lot of Threatpost and Cyberscoop but often the articles talk about what happens after a cybersecurity incident. I haven’t been able to find articles on how REvil compromised JBS for example. There are a lot of articles that say REvil compromised them… they encrypted some data and asked for some bitcoin, but it skips over the part that I’m most interested in.
Maybe that is information that they don’t want to disclose or isn’t known but it’s what I care the most about.
For example, I want to know how REvil compromised JBS. Anyone know? I also want to know more about how the Oldsmar Water Treatment attack used a waterhole. All I’ve read is “They used a watering hole with bad code in a word press website.” What does that even mean?
I hope there’s some podcast or something that I’m skipping over that goes really granularly into the details of how these things occur.