It is a while since I have written about the threat actors getting inside software repositories and infecting widely used software packages with malware. Subsequently these packages are then innocently used by web and software developers, infecting their work which is then passed onto the end client, potentially you. The …
Supply chain vulnerability
We have many clients who have their own software or have custom software on their website or web apps written for them by developers. These developers may or may not reuse code or modules written by third party developers and sourced through a software repository – such as GitHub or …
Two stories about GitHub
GitHub is a code development environment and code repository used around the world by many software developers and well known applications. Consequently it is also a prime target for threat actors who if they can get inside the development of packages can infect many unsuspecting users. The collaboration tool Slack …
A couple of stories about supply chain compromise
The first is that threat actors have compromised a media company and are using its infrastructure to distribute malware: Hundreds of U.S. news sites push malware in supply-chain attack (bleepingcomputer.com) The company has not yet been named but the attack has impacted to many hundreds of news sites. The second …
Continue reading “A couple of stories about supply chain compromise”
Log4shell – the vulnerability that is inside many software packages – just ask VMware – is here to stay
The SolarWinds attack, where the threat actors got inside SolarWinds’ systems and added their malicious code to a legitimate software update, so having SolarWinds distribute this malware to many of its high and low profile customers around the world, seems a long time ago now. But at least in this …