July 4, 2024 at 09:10AM Conceptworld Corporation, an India-based software company, was found to be distributing information-stealing malware with its software products. Researchers from Rapid7 discovered that the installation packages of their tools, Notezilla, RecentX, and Copywhiz, had been Trojanized. Despite replacing the malicious installers, users were unknowingly exposed to the dllFake malware, capable of … Read more
June 13, 2024 at 10:25AM The discovery of a new attack method called Sleepy Pickle poses a significant security risk to machine learning (ML) models. The attack targets ML models by corrupting the Pickle format, allowing for the insertion of payloads to modify model behavior and output. It is recommended to load models from trusted … Read more
May 24, 2024 at 04:31PM Researchers at security firm Rapid7 discovered a backdoor in Justice AV Solutions (JAVS) audio-visual software used in over 10,000 courtrooms. The backdoor, suspected to be part of a supply chain attack, enabled attackers full system access. Rapid7 urges affected users to reinstall, reset credentials, and upgrade to a secure version … Read more
April 29, 2024 at 05:15PM A high-severity vulnerability (CVE-2024-27322) in R programming language’s deserialization process poses a threat to organizations using the language. Attackers could execute arbitrary code through specially crafted RDS files or packages, affecting sectors such as finance, healthcare, and AI. The issue has been addressed in R version 4.4.0, but organizations are … Read more
April 24, 2024 at 05:27PM Attacks like those experienced by SolarWinds and CodeCov show that adversaries can employ social engineering to execute supply chain attacks, as demonstrated by the backdoor introduction in the XZ Utils open source utility. This incident, along with warnings from the Open Source Security Foundation, highlights the need for vigilance in … Read more
April 6, 2024 at 12:18PM A recently discovered sophisticated backdoor in the xz software library raised concerns about the security of open-source code. The backdoor could allow remote control over infected systems, highlighting the risks of widely used code. Experts debate whether large corporations should contribute to securing such code. Join the Kettle series for … Read more
April 1, 2024 at 05:20PM A backdoor was discovered in the open-source compression library xz, posing a significant security threat. Luckily caught in time, the incident has raised concerns about future safeguards. The complex and stealthy attack on the software has sparked speculation about the motives and sophistication of the perpetrator. The hunt for the … Read more
February 5, 2024 at 06:06PM AnyDesk Software, the German developer of remote access software, experienced a security breach. The company initiated a security audit after detecting suspicious activity and found that their production systems were compromised. AnyDesk has taken measures to secure its systems and has engaged CrowdStrike for investigation. Cybersecurity firm Resecurity reported the … Read more
January 22, 2024 at 12:06PM New software supply chain attack method MavenGate targets public and popular libraries used in Java and Android apps. Vulnerabilities allow hijacking of artifacts and injecting malicious code. Oversecured sent reports to tech companies. Attack involves domain name purchases and exploiting abandoned libraries. Sonatype claims automation prevents attacks, but recommends end … Read more
November 10, 2023 at 11:24AM The State of Maine suffered a breach after threat actors exploited a vulnerability in the MOVEit file transfer tool. Approximately 1.3 million individuals’ personal information was accessed, including names, Social Security numbers, birth dates, driver’s licenses, and health insurance details. Maine’s Department of Health and Human Services and Department of Education were … Read more