Last week over 200 malicious packages were discovered in the npm registry targeting Azure developers with PII stealing malware. Reported by security firm JFrog, the malicious packages were uploaded to npm in a sort of typosquatting attack which targeted packages within the @azure scope. The attack method is simple: the attacker creates a malicious package […]
Azure developers targeted in supply chain attack Read More »
Earlier this month, the Vue.js JavaScript framework was subject to a supply chain attack via the npm ecosystem. The node-ipc package was sabotaged by its creator and was pulled into other people’s projects resulting in anti-war messages being displayed to users and, in some cases, data destruction. Node-ipc is a popular module used in the
Npm sabotaged by Ukraine protest Read More »
When the LAPSUS$ ransomware group broke into the network of Nvidia, the data they stole included two code signing certificates which are now being used to sign malware to help it bypass security defences. In order to prove that an application or driver is genuine and really does come from the named developer, a digital
Stolen Nvidia certs uses to sign malware Read More »
Russia’s deployment of troops into Ukraine is the physical side of a war that has been raging for some time in cyber space. How might your UK business get caught in the crossfire of this cyber war? On the 15th and 16th of February, the Ukranian banking sector was subject to a distributed denial of
What does the Russian invasion of Ukraine mean for UK cyber security? Read More »
The MoonBounce UEFI malware hit the headlines due to the novel way it hides from anti-virus software. UEFI malware is on the rise – but what is it, and how can you protect your network from this sophisticated security threat? Securing the Operating System The UEFI standard (Unified Extensible Firmware Interface) defines the way
What is Moonbounce Malware? Read More »
Blacksmith is a new kind of Rowhammer attack that has been proved to successfully bypass existing Rowhammer protections in modern DDR4 memory chips – allowing researchers to extract security secrets and change memory contents on victim computers. What is Rowhammer? Modern computer memory chips are physically very dense – with billions of memory cells (each
Blacksmith brings down the Rowhammer Read More »
Trojan Source is a new kind of source code and supply chain attack that causes the source code reviewed by a human to be different from the actual software generated by the compiler – meaning the behaviour of the software will not match what the source code appears to say. In 2000, a phishing attack
What is a Trojan Source attack? Read More »
A javascript library downloaded millions of times each week was compromised in a supply chain attack which targeted the npm software registry. npm describes itself as the worlds largest software registry, and is used to host and share thousands of open source and private software projects. The javascript library in question is used by companies
Javascript supply chain attack hits millions of users Read More »
The last 12 months has seen a notable increase in the number and scale of supply chain attacks. The global interconnected market has opened unexpected access to many organisations through the suppliers they trust. Headline grabbing attacks at organisations like SolarWinds, Kaseya and Mimecast are just the tip of the iceberg – the number of
What is a supply chain attack? Read More »
Kaseya provides remote management software used by thousands of IT support firms to manage millions of their end users computers. Kaseya was targeted in a supply chain attack to deliver ransomware to a claimed million of their customers computers. Managed Service Providers who provide outsourced IT support for small and medium sized enterprises rely on
What is the Kaseya Ransomware attack? Read More »