May 16, 2024 at 03:47PM Microsoft has noted increased cyber and influence activities from China and North Korea. Chinese actors are targeting specific regions and using AI to create divisive content. North Korean threat actors focus on cryptocurrency theft and software supply chain attacks to fund their weapons program. Security teams should be vigilant and … Read more
March 7, 2024 at 11:39AM Security researchers have observed increasing exploit attempts using the latest vulnerabilities in JetBrains’ TeamCity, leading to ransomware deployment. Telemetry indicates active attacks using modified Jasmin ransomware. The uncoordinated disclosure of vulnerabilities between JetBrains and Rapid7 has caused a stir in the cybersecurity community, highlighting contrasting policies regarding vulnerability disclosure. Users … Read more
November 23, 2023 at 08:44AM The UK and South Korea’s national cybersecurity organizations have issued a joint advisory warning about an increase in the volume and sophistication of North Korean software supply chain attacks. The advisory highlights the use of zero-day and N-day vulnerabilities and multiple exploits to achieve North Korea’s priorities, which include generating … Read more
November 7, 2023 at 05:16PM Myrror Security, a company specializing in application security for organizations using open-source packages, has received $6 million in seed funding from Blumberg Capital and Entrée Capital. The funds will be used to expand product capabilities and distribution channels. Myrror Security aims to address the increasing rate of software supply chain … Read more
October 18, 2023 at 06:34PM Microsoft reports that the North Korean hacking groups Lazarus and Andariel are exploiting a vulnerability in TeamCity servers, CVE-2023-42793, to deploy backdoor malware. These attacks are likely aimed at conducting software supply chain attacks. Once the server is breached, the hackers use different attack chains to gain persistence on the … Read more