On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- US Cyber Command head confirms direct actions against ransomware gangs
December 8, 2021
General Paul M. Nakasone, head of US Cyber Command confirmed during a recent national security event that his agency has begun taking direct action against international ransomware gangs as part of a larger effort to curtail attacks on American companies and infrastructure. The General explained that his agency is working hand-in-hand with the NSA, FBI, and ...
- Inside the criminal groups using disinformation to sell fake COVID passes
December 8, 2021
“For all those who do not wish to be vaccinated, here is an alternative.” This is how fake or fraudulent EU COVID certificates are being advertised online by criminal groups. Sky News has found evidence of these passes, which could be used as proof of vaccination to enter the UK, being advertised in at least nine European ...
- Tor blocked in Russia
December 8, 2021
The Tor browser, which allows users to surf the internet anonymously and access prohibited webpages, has been blocked across much of Russia, according to recent reports from an internet-monitoring group. The Open Observatory of Network Interference, or OONI, reported last week that Tor’s system of proxy servers in Russia had partly stopped working at around 5:21pm ...
- When Scammers Get Scammed, They Take It to Cybercrime Court
December 7, 2021
Blocked from legitimate courts, cybercriminals have set up their own system for settling disputes, handing over ultimate decision-making to senior underground forum administrators who have awarded claims totaling as much as $20 million. A new report from Analyst1 details activities inside these underground systems and found more than 600 requests for mediation on just one Russian-language ...
- Canadian indicted for launching ransomware attacks on orgs in US, Canada
December 7, 2021
The FBI and Justice Department unsealed indictments today leveling a number of charges against 31-year-old Canadian Matthew Philbert for his alleged involvement in several ransomware attacks. Officials from the Ontario Provincial Police held a press conference on Tuesday to announce the charges and Philbert’s arrest in Ottawa. In a statement, US Attorney Bryan Wilson of the District ...
- The story of the year: ransomware in the headlines
December 7, 2021
In the past twelve months, the word “ransomware” has popped up in countless headlines worldwide across both print and digital publications: The Wall Street Journal, the BBC, the New York Times. It is no longer just being discussed by CISOs and security professionals, but politicians, school administrators, and hospital directors. Words like Babuk and REvil ...