On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- FBI: Conti Ransomware Attacks Impact Healthcare and First Responder Networks
May 20, 2021
The FBI identified at least 16 Conti ransomware attacks targeting US healthcare and first responder networks, including law enforcement agencies, emergency medical services, 9-1-1 dispatch centers, and municipalities within the last year. These healthcare and first responder networks are among the more than 400 organizations worldwide victimized by Conti, over 290 of which are located in the U.S. ...
- Microsoft: Massive malware campaign delivers fake ransomware
May 20, 2021
A massive malware campaign pushed the Java-based STRRAT remote access trojan (RAT), known for its data theft capabilities and the ability to fake ransomware attacks. In a series of tweets, the Microsoft Security Intelligence team outlined how this “massive email campaign” spread the fake ransomware payloads using compromised email accounts. Read more… Source: Bleeping Computer
- Conti ransomware gives HSE Ireland free decryptor, still selling data
May 20, 2021
The Conti ransomware gang has released a free decryptor for Ireland’s health service, the HSE, but warns that they will still sell or release the stolen data. Ireland’s HSE, the country’s publicly funded healthcare system, and the Department of Health were attacked by the Conti ransomware gang last Friday. Read more… Source: Bleeping Computer
- Healthcare organizations in Ireland, New Zealand and Canada facing intrusions and ransomware attacks
May 20, 2021
Three healthcare institutions in Canada, Ireland and New Zealand are in the midst of security incidents this week, highlighting the perilous cybersecurity landscape within some of the world’s most important organizations. Ireland’s Department of Health was attacked twice in the last week, eventually shutting down their entire IT system after a ransomware attack last Thursday. The ...
- BazarCall: Call Centers Help Spread BazarLoader Malware
May 19, 2021
BazarLoader (sometimes referred to as BazaLoader) is malware that provides backdoor access to an infected Windows host. After a client is infected, criminals use this backdoor access to send follow-up malware, scan the environment and exploit other vulnerable hosts on the network. The threat actor behind BazarLoader uses different methods to distribute this malware to potential ...
- Qlocker ransomware shuts down after extorting hundreds of QNAP users
May 19, 2021
The Qlocker ransomware gang has shut down their operation after earning $350,000 in a month by exploiting vulnerabilities in QNAP NAS devices. Starting on April 19th, QNAP NAS device owners worldwide suddenly discovered that their device’s files were replaced by password-protected 7-zip archives. Read more… Source: Bleeping Computer