On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- After Windows and Android, Operation Emmental Starts Targeting Apple Users
July 11, 2017
Security experts have discovered new malware that is specifically aimed at Apple customers, after previously targeting users running Windows and Android on their devices. Believed to be part of Operation Emmental, which was first spotted in 2012, the new malware is called Dok and is primarily targeting customers of Swiss banks, according to an in-depth analysis ...
- Private Decryption Key For Original Petya Ransomware Released
July 7, 2017
Rejoice Petya-infected victims! The master key for the original version of the Petya ransomware has been released by its creator, allowing Petya-infected victims to recover their encrypted files without paying any ransom money. But wait, Petya is not NotPetya. Do not confuse Petya ransomware with the latest destructive NotPetya ransomware (also known as ExPetr and Eternal Petya) attacks ...
- MCMC probing cyber attacks on online trading platforms
July 7, 2017
The Malaysian Communications and Multimedia Commission (MCMC) is looking into reports of suspected cyber attacks disrupting online trading at several local brokerages. The regulator said it was assisting the stock exchange in investigating the disruption, a report by Nikkei Markets said on Friday. This comes after several brokerages alerted clients that their online broking services had been ...
- Ukrainian Police Seize Servers of Software Firm Linked to NotPetya Cyberattack
July 5, 2017
Ukrainian National Police has released a video showing officers raiding company of M.E.Doc accounting software makers, whose systems have been linked to outbreak of Petya (NotPetya) ransomware that recently infected computers of several major companies worldwide. On 4th July, masked police officers from Ukrainian anti-cybercrime unit — carrying shotguns and assault rifles — raided the software ...
- Researchers Find BlackEnergy APT Links in ExPetr Code
July 3, 2017
Researchers have found links between the BlackEnergy APT group and threat actors behind the ExPetr malware used in last month’s global attacks. According to researchers at Kaspersky Lab, there are strong similarities between older versions of BlackEnergy’s KillDisk ransomware compared to ExPetr code. Parallels were first identified in targeted extensions used by both BlackEnergy and ExPetr, ...
- Oil & Gas Industry Faces More Frequent & Sophisticated Cyber Attacks: Deloitte
June 27, 2017
Three out of four oil and natural gas companies fell victim to at least one cyber attack last year as hacking efforts against the industry become more frequent and sophisticated. That’s the finding from a report released Monday by industry consultant Deloitte LLP. Technology advances, such as Royal Dutch Shell Plc’s recent control of operations in Argentina ...