It is a while since I have written about the threat actors getting inside software repositories and infecting widely used software packages with malware. Subsequently these packages are then innocently used by web and software developers, infecting their work which is then passed onto the end client, potentially you. The …
Supply chain vulnerability
We have many clients who have their own software or have custom software on their website or web apps written for them by developers. These developers may or may not reuse code or modules written by third party developers and sourced through a software repository – such as GitHub or …
Two stories about GitHub
GitHub is a code development environment and code repository used around the world by many software developers and well known applications. Consequently it is also a prime target for threat actors who if they can get inside the development of packages can infect many unsuspecting users. The collaboration tool Slack …
A couple of stories about supply chain compromise
The first is that threat actors have compromised a media company and are using its infrastructure to distribute malware: Hundreds of U.S. news sites push malware in supply-chain attack (bleepingcomputer.com) The company has not yet been named but the attack has impacted to many hundreds of news sites. The second …
Continue reading “A couple of stories about supply chain compromise”
Log4shell – the vulnerability that is inside many software packages – just ask VMware – is here to stay
The SolarWinds attack, where the threat actors got inside SolarWinds’ systems and added their malicious code to a legitimate software update, so having SolarWinds distribute this malware to many of its high and low profile customers around the world, seems a long time ago now. But at least in this …
This time there is more of a security issue with iOS rather than Android
Usually when I am discussing smartphone app security, Apple iOS has an advantage over Android apps, because of it’s curated App store that stops (most) of the security issues from getting through to the end user’s devices. Now researchers have discovered Amazon Web Service credentials hard coded, by careless developers …
Continue reading “This time there is more of a security issue with iOS rather than Android”
Software repositories are a target for threat actors
If you, as a threat actor, could embed your malware into a software module, that is then used by many innocent and unaware software developers in their packages, they release to the general public, wouldn’t you? That looks like a lot of infected machines for a small amount of work. …
Continue reading “Software repositories are a target for threat actors”