supply chain attack – Computer Security Articles

Researchers have uncovered a supply chain attack that tricked app and website developers into using copies of popular npm packages that contained malicious code to steal form data.

The post IconBurst software supply chain attack offers malicious versions of NPM packages appeared first on Malwarebytes Labs.

Independent Krebs

Avast, NordVPN Breaches Tied to Phantom User Accounts

October 21, 2019 admin avast breach, data breaches, filehippo, jaya baloo, Kenneth White, nordvpn breach, Open Crypto Audit Project, secunia personal software inspector, supply chain attack, Techcrunch, zack whittaker

Credit to Author: BrianKrebs| Date: Tue, 22 Oct 2019 00:32:57 +0000

Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that — while otherwise unrelated — shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with little more than a password.

Microsoft Security

Attack inception: Compromised supply chain within a supply chain poses new risks

July 26, 2018 admin coin miner, cryptocurrency mining, cybersecurity, in-browser cryptocurrency miner, Security Intelligence, Security Response, software supply chain, supply chain attack, windows, Windows 10, Windows 10 in S mode, Windows 10 S, Windows Defender Antivirus, Windows Defender Application Control, Windows Defender ATP, Windows Defender AV

Credit to Author: Windows Defender ATP| Date: Thu, 26 Jul 2018 13:00:13 +0000

A new software supply chain attack unearthed by Windows Defender Advanced Threat Protection (Windows Defender ATP) emerged as an unusual multi-tier case. Unknown attackers compromised the shared infrastructure in place between the vendor of a PDF editor application and one of its software vendor partners, making the apps legitimate installer the unsuspecting carrier of a

Kaspersky Security