In this blog entry, Trend Micro researchers look at overly permissive cloud service credentials in Microsoft’s public-facing assets and assess their potential implications on software supply chain and software integrity.
We do this by exploring two scenarios involving PC Manager, a tool designed to help optimize and manage Windows computers. PC Manager includes features for cleaning up temporary files, managing startup programs, monitoring system health, and improving overall performance, and aims to provide users with a straightforward method for maintaining their machine’s efficiency and security. The two scenarios the researchers explore include one related to the official PC Manager website, and another to the WinGet package manager.
Read more…
Source: Trend Micro
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Fortinet confirms data breach after allegedly refusing to pay ransom
September 13, 2024
In an announcement posted on Fortinet’s website, the company said that someone gained access to a “limited number of files” stored on its instance of an unnamed third-party cloud-based shared file drive. The files included “limited data related to a small number of Fortinet customers,” the announcement added, stating that this affects less than 0.3% of ...
- Join the Cyber Security & Cloud Expo Europe on 1-2 October 2024
August 30, 2024
Amsterdam, Netherlands – 1-2 October 2024 – The Cyber Security & Cloud Expo Europe 2024 is poised to be a must-attend event, bringing together top-tier experts and innovators in cybersecurity and cloud computing. Set at the RAI Amsterdam, this year’s expo promises to deliver cutting-edge insights, transformative presentations, and invaluable networking opportunities for professionals dedicated ...
- Cloud Cover: How Malicious Actors Are Leveraging Cloud Services
August 7, 2024
The number of threat actors leveraging legitimate cloud services in their attacks has grown this year as attackers have begun to realize their potential to provide low-key and low-cost infrastructure. Traffic to and from well known, trusted services such as Microsoft OneDrive or Google Drive may be less likely to raise red flags than communications with ...
- LianSpy: new Android spyware targeting Russian users
August 5, 2024
In March 2024, Kaspersky researchers discovered a campaign targeting individuals in Russia with previously unseen Android spyware they dubbed LianSpy. Kaspersky analysis indicates that the malware has been active since July 2021. This threat is equipped to capture screencasts, exfiltrate user files, and harvest call logs and app lists. The malicious actor behind LianSpy employs multiple ...
- Identifying a BOLA Vulnerability in Harbor, a Cloud-Native Container Registry
July 31, 2024
In a recent audit of open-source web applications, threat researchers from Unit 42 have identified a broken object-level authorization (BOLA) vulnerability that impacts Harbor versions prior to 2.9.5. Harbor is a widely used cloud-native container registry that plays a role in cloud environments by hosting container images and providing features such as role-based access control (RBAC), ...
- CloudSorcerer – A new APT targeting Russian government entities
July 8, 2024
In May 2024, Kaspersky researchers discovered a new advanced persistent threat (APT) targeting Russian government entities that we dubbed CloudSorcerer. It’s a sophisticated cyberespionage tool used for stealth monitoring, data collection, and exfiltration via Microsoft Graph, Yandex Cloud, and Dropbox cloud infrastructure. The malware leverages cloud resources as its command and control (C2) servers, accessing them ...