Reading about the latest hacks by alleged nation state sponsored groups from China or Russia may make for interesting lunchtime reading. But do these groups pose a real threat to the typical business? Many security managers ask themselves: Do I really need to worry about nation state actors? In this article, we will answer thatRead more
Blog
Anti-virus company Avast has revealed they were breached over several months, after identifying the suspicious activity on their network on 23rd September according to a blog post by their CISO. Avast think their CCleaner software was the target of a supply chain attack – with the hackers attempting to repeat the 2017 insertion of maliciousRead more
Webmin, the web-based interface for system administration for Unix and Linux, had a remote code execution vulnerability deliberately introduced into its source code in April 2018. It was only publicised in August 2019 when a zero day exploit was published at DefCon 27. Webmin has been installed over a million times worldwide. The malicious codeRead more
Software Supply chain attacks – do you know what you are importing? Many websites and applications routinely import additional code modules from external repositories. These could be javascript libraries for a webpage or source code for an application. Two recent incidents illustrate the risks of supply chain attacks against the code of your applications andRead more
