On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- International law enforcement operation exposes the world’s most harmful cyber crime group
December 5, 2019
A Russian national who runs Evil Corp has been indicted in the United States following unprecedented collaboration between the NCA, the FBI and the National Cyber Security Centre. A Russian national who runs Evil Corp – the world’s most harmful cyber crime group that created and deployed malware causing financial losses totalling hundreds of millions of ...
- Ransomware attack hits major US data center provider
December 5, 2019
CyrusOne, one of the biggest data center providers in the US, has suffered a ransomware attack, ZDNet has learned. In an email after this article’s publication, a CyrusOne spokesperson confirmed the incident and said they are currently working with law enforcement and forensics firms to investigate the attack, and help customers restore systems impacted systems. “Six of ...
- New ransomware attacks target your NAS devices, backup storage
December 5, 2019
The number of ransomware strains targeting NAS and backup storage devices is growing, with users “unprepared” for the threat, researchers say. Ransomware comes in many forms and guises. The malware variant is popular with cybercriminals and is used in attacks against the enterprise, critical services — including hospitals and utilities — and individuals. Once deployed on a system, the malware ...
- ‘Ultimate’ MiTM Attack Steals $1M from Israeli Startup
December 5, 2019
Hackers pulled off an elaborate man-in-the-middle campaign to rip off an Israeli startup by intercepting a wire transfer from a Chinese venture-capital firm intended for the new business. New research by Check Point Software details how the security vendor uncovered the wire-transfer heist, in which an attacker used unique tactics—including communicating through email and even canceling a critical ...
- APT review: what the world’s threat actors got up to in 2019
December 4, 2019
What were the most interesting developments in terms of APT activity during the year and what can we learn from them? This is not an easy question to answer, because researchers have only partial visibility and it´s impossible to fully understand the motivation for some attacks or the developments behind them. However, let´s try to approach ...
- Buer, a new loader emerges in the underground marketplace
December 4, 2019
For several years, Proofpoint researchers have been tracking the use of first-stage downloaders, which are used by threat actors to install other forms of malware during and after their malicious email campaigns. In particular, over the last two years, these downloaders have become increasingly robust, providing advanced profiling and targeting capabilities. More importantly, downloaders and other ...