Software Productivity Tools Hijacked to Deliver Infostealers

July 4, 2024 at 09:10AM Conceptworld Corporation, an India-based software company, was found to be distributing information-stealing malware with its software products. Researchers from Rapid7 discovered that the installation packages of their tools, Notezilla, RecentX, and Copywhiz, had been Trojanized. Despite replacing the malicious installers, users were unknowingly exposed to the dllFake malware, capable of …

New Attack Technique ‘Sleepy Pickle’ Targets Machine Learning Models

June 13, 2024 at 10:25AM The discovery of a new attack method called Sleepy Pickle poses a significant security risk to machine learning (ML) models. The attack targets ML models by corrupting the Pickle format, allowing for the insertion of payloads to modify model behavior and output. It is recommended to load models from trusted …

Suspected supply chain attack backdoors courtroom recording software

May 24, 2024 at 04:31PM Researchers at security firm Rapid7 discovered a backdoor in Justice AV Solutions (JAVS) audio-visual software used in over 10,000 courtrooms. The backdoor, suspected to be part of a supply chain attack, gave attackers full system access. Rapid7 urges affected users to reinstall, reset credentials, and upgrade to a secure version …

R Programming Bug Exposes Orgs to Vast Supply Chain Risk

April 29, 2024 at 05:15PM A high-severity vulnerability (CVE-2024-27322) in the R programming language’s deserialization process poses a threat to organizations using the language. Attackers could execute arbitrary code through specially crafted RDS files or packages, affecting sectors such as finance, healthcare, and AI. The issue has been addressed in R version 4.4.0, but organizations are …

Attacker Social-Engineered Backdoor Code Into XZ Utils

April 24, 2024 at 05:27PM Attacks like those experienced by SolarWinds and CodeCov show that adversaries can employ social engineering to execute supply chain attacks, as demonstrated by the backdoor introduction in the XZ Utils open source utility. This incident, along with warnings from the Open Source Security Foundation, highlights the need for vigilance in …

What can be done to protect open source devs from next xz backdoor drama?

April 6, 2024 at 12:18PM A recently discovered sophisticated backdoor in the xz software library raised concerns about the security of open-source code. The backdoor could allow remote control over infected systems, highlighting the risks of widely used code. Experts debate whether large corporations should contribute to securing such code. Join the Kettle series for …

Malicious xz backdoor reveals fragility of open source

April 1, 2024 at 05:20PM A backdoor was discovered in the open-source compression library xz, posing a significant security threat. Luckily caught in time, the incident has raised concerns about future safeguards. The complex and stealthy attack on the software has sparked speculation about the motives and sophistication of the perpetrator. The hunt for the …

AnyDesk Hacked: Revokes Passwords, Certificates in Response

February 5, 2024 at 06:06PM AnyDesk Software, the German developer of remote access software, experienced a security breach. The company initiated a security audit after detecting suspicious activity and found that their production systems were compromised. AnyDesk has taken measures to secure its systems and has engaged CrowdStrike for investigation. Cybersecurity firm Resecurity reported the …

MavenGate Attack Could Let Hackers Hijack Java and Android via Abandoned Libraries

January 22, 2024 at 12:06PM New software supply chain attack method MavenGate targets public and popular libraries used in Java and Android apps. Vulnerabilities allow hijacking of artifacts and injecting malicious code. Oversecured sent reports to tech companies. Attack involves domain name purchases and exploiting abandoned libraries. Sonatype claims automation prevents attacks, but recommends end …

Maine govt notifies 1.3 million people of MOVEit data breach

November 10, 2023 at 11:24AM The State of Maine suffered a breach after threat actors exploited a vulnerability in the MOVEit file transfer tool. Approximately 1.3 million individuals’ personal information was accessed, including names, Social Security numbers, birth dates, driver’s licenses, and health insurance details. Maine’s Department of Health and Human Services and Department of Education were …