https://blog.it-learn.io/tags/apt/Recent content in Apt on it-learn.io | IT, Networking & Cybersecurity BlogHugoen-usSun, 12 Apr 2026 00:00:00 +0000https://blog.it-learn.io/posts/2026-04-12-watering-hole-attack-they-compromised-the-site-you-trust/Sun, 12 Apr 2026 00:00:00 +0000https://blog.it-learn.io/posts/2026-04-12-watering-hole-attack-they-compromised-the-site-you-trust/<p>In February 2017, a bank&rsquo;s security team was reviewing the JavaScript source code of the Polish Financial Supervision Authority (KNF) website — a regulatory portal they were required to visit regularly. They found something unexpected: an obfuscated JavaScript snippet that fingerprinted visitors and selectively redirected specific targets to an exploit kit landing page. The KNF site had been compromised. The attackers had turned the regulator&rsquo;s own website into a trap for the banks it supervised.</p>https://blog.it-learn.io/posts/2026-04-08-supply-chain-attack-solarwinds-explained/Wed, 08 Apr 2026 00:00:00 +0000https://blog.it-learn.io/posts/2026-04-08-supply-chain-attack-solarwinds-explained/<p>The SolarWinds attack did not begin with a phishing email or a misconfigured firewall. It began inside a build server — the trusted forge where software is assembled, signed, and shipped. By the time 18,000 organizations downloaded the trojaned Orion update in the spring of 2020, the attackers had already achieved something far more dangerous than a network intrusion: they had weaponized trust itself.</p> <p>This post dissects the technical mechanics of the SUNBURST backdoor, the Orion build pipeline compromise, DGA-based command and control, and the detection and defense strategies that can limit your exposure to this class of attack.</p>