NetStandard attack should make Managed Service Providers sit up and take notice

Credit to Author: Pieter Arntz| Date: Wed, 03 Aug 2022 16:48:37 +0000

The attack on MSP NetStandard reminds us once again that MSPs are a very attractive target for cybercriminals

The post NetStandard attack should make Managed Service Providers sit up and take notice appeared first on Malwarebytes Labs.

Read more

IconBurst software supply chain attack offers malicious versions of NPM packages

Credit to Author: Pieter Arntz| Date: Wed, 06 Jul 2022 14:11:31 +0000

Researchers have uncovered a supply chain attack that tricked app and website developers into using copies of popular npm packages that contained malicious code to steal form data.

The post IconBurst software supply chain attack offers malicious versions of NPM packages appeared first on Malwarebytes Labs.

Read more

Avast, NordVPN Breaches Tied to Phantom User Accounts

Credit to Author: BrianKrebs| Date: Tue, 22 Oct 2019 00:32:57 +0000

Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that — while otherwise unrelated — shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with little more than a password.

Read more

Attack inception: Compromised supply chain within a supply chain poses new risks

Credit to Author: Windows Defender ATP| Date: Thu, 26 Jul 2018 13:00:13 +0000

A new software supply chain attack unearthed by Windows Defender Advanced Threat Protection (Windows Defender ATP) emerged as an unusual multi-tier case. Unknown attackers compromised the shared infrastructure in place between the vendor of a PDF editor application and one of its software vendor partners, making the apps legitimate installer the unsuspecting carrier of a

Read more

Read more