supply chain attack
Ledger Supply Chain Breach: $600,000 Theft Unveiled
Wajahat Raja | | countermeasures, crypto drainer malware, cryptocurrency theft, cybercrime, Cybersecurity News, hardware wallet, ledger, Ledger Connect Kit, Legal Action, NPM account, phishing attack, Proactive Cybersecurity, rogue project, safeguarding cryptocurrency assets, security measures, software wallet, supply chain attack, supply chain breach, technical details, threat actors, unauthorized transactions, virtual assets, WalletConnect
Recent events have brought to light the Ledger supply chain breach, a cybercrime incident that led to the theft of $600,000 in virtual assets. For those who don’t know, Ledger is a ...
Navigating Open-Source Supply Chain Threats: Protecting Your Software Ecosystem
Artem Karasev | | Malware & Exploits, Open Source Threats, supply chain attack, Supply Chain Cybersecurity Attacks, Supply Chain threats
In today’s business world, companies are determined to create software faster than ever before. Developers are under immense pressure to deliver products to customers quickly. To accelerate this process, developers often rely ...
GitHub Repositories Victimized Amid Supply Chain Attack
Wajahat Raja | | Cyber Threats, Cybersecurity, Cybersecurity News, Dependabot, GitHub, GitHub repositories, Malware, supply chain attack
In a digital landscape rife with vulnerabilities, a recent and disconcerting phenomenon has come to light. GitHub repositories, the foundation of numerous software projects, have been victimized by a devious supply chain ...
MOVEit Cyberattack, The Problem with Password Rotations, Military Alert on Free Smartwatches
Tom Eston | | Brushing, china, Complex Passwords, Cyber Security, cyberattack, Cybersecurity, Data breach, Data Privacy, Digital Privacy, Episodes, Information Security, Infosec, military, MOVEit, Password, Password Rotations, passwords, Podcast, Podcasts, Privacy, security, Security Awareness, smartwatch, Smartwatches, supply chain, supply chain attack, technology, US Army, vulnerability, Weekly Edition
Several major organizations, including British Airways and the BBC, fell victim to the recent MOVEit cyberattack. We discuss the alarming trend of hackers targeting trusted suppliers to gain access to customer data, ...
Lazarus Assault Via 3CX Exposes Need to Rethink Security
When North Korean threat actors the Lazarus Group exploited a legitimate update to the 3CXDesktopApp—a softphone application from 3CX—security professionals didn’t initially pick up on the import of the activity and tactics ...
Security Boulevard
Supply Chain Dependency: What Your GitHub Connections May Trigger
Alon Jackson | | API Keys, CircleCI breach, connections, GitHub, GitHub repositories, supply chain attack
The writing is on the walls, and it’s hard to avoid after the significant spike in attacks against GitHub repositories. The recent CircleCI breach, in which customers’ secrets and encryption keys were ...
Security Boulevard
Teen Mastermind Behind Lapsus$ Ransomware Attacks
Just when it looked like a tired hacker stereotype was fading, it seems that a teenager orchestrated Lapsus$ attacks against high-profile targets like Microsoft and Nvidia—all from the comfort of the home ...
Security Boulevard
Supply Chain Security – Not As Easy As it Looks
The massive exploit of SolarWinds is a prime example of what is called a “supply chain” vulnerability. The vast majority of those impacted by the Russian SolarWinds attack probably had never even ...
Security Boulevard
Kaseya Starts Recovery After REvil Attack
Kaseya is now reporting the software-as-a-service (SaaS) instance of its Virtual System Administrator (VSA) platform will be back online sometime between 4:00 p.m. and 7:00 p.m. EST today. It expects the on-premises ...
Security Boulevard
REvil Makes Monkeys out of Kaseya Customers
Over the long weekend, a huge ransomware attack emerged. Kaseya seems to have been the common component ...
Security Boulevard