Blog

Last week over 200 malicious packages were discovered in the npm registry targeting Azure developers with PII stealing malware. Reported by security firm JFrog, the malicious packages were uploaded to npm in a sort of typosquatting attack which targeted packages within the @azure scope. The attack method is simple: the attacker creates a malicious packageRead more

Google has released a patch for a zero day exploit in Google Chrome – the second zero day patched so far this year. Tracked as CVE-2022-1096, this High severity Type Confusion vulnerability was reported on 23rd March and a patch was released just 48 hours later.  Google is aware that an exploit exists in theRead more

‘Use After Free’ is the name given to security vulnerabilities that occur because of a problem with the way an application is managing its memory. When one part of a program attempts to use some memory that another part of the program has released because it is no longer needed the application may crash, produceRead more

Earlier this month, the Vue.js JavaScript framework was subject to a supply chain attack via the npm ecosystem.  The node-ipc package was sabotaged by its creator and was pulled into other people’s projects resulting in anti-war messages being displayed to users and, in some cases, data destruction. Node-ipc is a popular module used in theRead more

HP has issued two security advisories describing remote code execution and denial of service vulnerabilities that affect hundreds of different HP network printers. Remote code execution and buffer overflow Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name ResolutionRead more

As a security manager you can only protect systems that you know about. Asset Management is the art and science of keeping track of all the devices connected to your network so that you can protect them. You can’t protect what you don’t track One of the developments in cybersecurity thinking in recent years hasRead more

When the LAPSUS$ ransomware group broke into the network of Nvidia, the data they stole included two code signing certificates which are now being used to sign malware to help it bypass security defences. In order to prove that an application or driver is genuine and really does come from the named developer, a digitalRead more

Our monthly summary of recent important security patches includes updates from Microsoft and HP Microsoft Patch Tuesday March 2022 The March security updates from Microsoft address 71 security vulnerabilities, including several rated as critical or zero-day: Microsoft Exchange Server remote code execution vulnerability ( CVE-2022-23277) allowing an authenticated malicious user to run their code with adminRead more

Akamai has published details of a DDoS attack which generated more than 53 million packets per second by abusing misconfigured PBX VoIP gateways. Amplification DDoS attacks work by abusing systems which send large responses to small queries.  Thus, an attacker can transmit a number of small requests which have the ‘reply-to’ address set to theRead more

A Linux kernel vulnerability dubbed ‘Dirty Pipe’ allows an attacker to change any file on the system – including read only files such as the password file. The flaw affects Linux Kernel 5.8 and later – including Android devices as well as mainstream Linux server distros. Tracked as CVE-2022-0847, the flaw in the way memoryRead more