On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Necurs Botnet Evolves to Hide in the Shadows, with New Payloads
March 1, 2019
Necurs, the prolific and globally dispersed spam and malware distribution botnet, has been spotted using a fresh hiding technique to avoid detection while quietly adding more bots to its web. According to research from Black Lotus Labs, which is telecom and ISP provider CenturyLink’s network security arm, Necurs last year began implementing regular, sustained downtime segments ...
- RSA Security Conference: The race to plug a $6 trillion security hole
March 1, 2019
More than 50 thousand of the world’s top computer security professionals will be in San Francisco this week for the RSA Conference. While they talk, the hole in the cybersecurity world is getting bigger every year and is on track to swallow $6 trillion in annual damages by 2021 — a doubling from $3 trillion in ...
- Hackers target Elasticsearch clusters in fresh malware campaign
February 27, 2019
Security researchers have observed a spike in attacks from multiple threat actors targeting Elasticsearch clusters, in what is believed to be an attempt to spread malware on victims’ machines. Attackers appear targeting clusters using versions 1.4.2 and lower, and are leveraging old vulnerabilities to pass scripts to search queries and drop the attacker’s payloads, according to ...
- Russian national, author of NeverQuest banking trojan, pleads guilty
February 23, 2019
A Russian national pleaded guilty today in a New York court of creating, running, and infecting users with the NeverQuest banking trojan –also known as Snifula and Vawtrack. The man’s name is Stanislav Vitaliyevich Lisov, a Russian national who went online under the names of “Black” and “Blackf,” and who, according to a Department of Justice press ...
- Malspam campaign fakes Google reCAPTCHA images to fool victims
February 22, 2019
A recently discovered malspam campaign targeting customers of a Polish bank was found using forgeries of Google reCAPTCHA images to fake legitimacy. The banking malware was delivered via phishing emails that purported to seekin confirmation of a recent banking transaction that in reality never occurred, according to Feb. 21 blog post published week by Sucuri. Recipients who panicked at the ...
- DDoS Attacks Ranked As Highest Threat by Enterprises
February 22, 2019
US and EMEA security professionals interviewed by the Neustar International Security Council (NISC) in January 2019 said that DDoS attacks are perceived as the highest threat to their organizations, with roughly half of their companies having been attacked in 2018. Another 75% of all professionals who took part in NISC’s study said that they are deeply concerned about “bot ...