Thursday, March 30, 2023
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

trend micro research : cloud

Security TrendMicro 

Attacking The Supply Chain: Developer

admin , , , , , , ,

Credit to Author: David Fiser| Date: Wed, 25 Jan 2023 00:00:00 +0000

In this proof of concept, we look into one of several attack vectors that can be abused to attack the supply chain: targeting the developer. With a focus on the local integrated developer environment (IDE), this proof considers the execution of malicious build scripts via injecting commands when the project or build is incorrectly “trusted”.

Read more
Security TrendMicro 

Earth Bogle: Campaigns Target the Middle East with Geopolitical Lures

admin , , , , , , ,

Credit to Author: Peter Girnus| Date: Tue, 17 Jan 2023 00:00:00 +0000

We discovered an active campaign ongoing since at least mid-2022 which uses Middle Eastern geopolitical-themed lures to distribute NjRAT (also known as Bladabindi) to infect victims across the Middle East and North Africa.

Read more
Security TrendMicro 

Abusing a GitHub Codespaces Feature For Malware Delivery

admin , , ,

Credit to Author: Nitesh Surana| Date: Mon, 16 Jan 2023 00:00:00 +0000

Proof of Concept (POC): We investigate one of the GitHub Codespaces’ real-time code development and collaboration features that attackers can abuse for cloud-based trusted malware delivery. Once exploited, malicious actors can abuse legitimate GitHub accounts to create a malware file server.

Read more