|
|
|
|
|
|
by wslh
921 days ago
|
|
|
There are at least three type of vulnerabilities here: 1/ Handling the custody of secrets by the company. The attackers first attacked and accessed a former Ledger employee with official Ledger account secrets. This is where secrets were mismanaged since the actual company secrets should never be in the hands of former employees. 2/ The attack could occur on an actual employee so they should employ ways to be protected against this kind of attack. 3/ The use of CDNs should have security measures in place. This is one of the most common attacks nowadays. |
|
|