supply chain – SSL and internet security news

Micro-Star International Signing Key Stolen

May 15, 2023 infossl

ransomware, Security technology, signatures, supply chain, Uncategorized

Micro-Star International—aka MSI—had its UEFI signing key stolen last month. This raises the possibility that the leaked key could push out updates that would infect a computer’s most nether regions without triggering a warning. To make matters worse, Matrosov said, MSI doesn’t have an automated patching process the way Dell, HP, and many larger hardware … Read More “Micro-Star International Signing Key Stolen” »

North Korea Hacking Cryptocurrency Sites with 3CX Exploit

April 4, 2023 infossl

cryptocurrency, cybersecurity, hacking, malware, North Korea, Security technology, supply chain, Uncategorized, vulnerabilities

News: Researchers at Russian cybersecurity firm Kaspersky today revealed that they identified a small number of cryptocurrency-focused firms as at least some of the victims of the 3CX software supply-chain attack that’s unfolded over the past week. Kaspersky declined to name any of those victim companies, but it notes that they’re based in “western Asia.” … Read More “North Korea Hacking Cryptocurrency Sites with 3CX Exploit” »

Trojaned Windows Installer Targets Ukraine

December 20, 2022 infossl

backdoors, malware, russia, Security technology, supply chain, torrents, ukraine, Uncategorized

Mandiant is reporting on a trojaned Windows installer that targets Ukrainian users. The installer was left on various torrent sites, presumably ensnaring people downloading pirated copies of the operating system: Mandiant uncovered a socially engineered supply chain operation focused on Ukrainian government entities that leveraged trojanized ISO files masquerading as legitimate Windows 10 Operating System … Read More “Trojaned Windows Installer Targets Ukraine” »

Russian Software Company Pretending to Be American

November 16, 2022 infossl

russia, Security technology, smartphones, supply chain, Uncategorized

Computer code developed by a company called Pushwoosh is in about 8,000 Apple and Google smartphone apps. The company pretends to be American when it is actually Russian. According to company documents publicly filed in Russia and reviewed by Reuters, Pushwoosh is headquartered in the Siberian town of Novosibirsk, where it is registered as a … Read More “Russian Software Company Pretending to Be American” »

NSA on Supply Chain Security

November 4, 2022 infossl

infrastructure, nsa, operational security, reports, Security technology, supply chain, Uncategorized

The NSA (together with CISA) has published a long report on supply-chain security: “Securing the Software Supply Chain: Recommended Practices Guide for Suppliers.“: Prevention is often seen as the responsibility of the software developer, as they are required to securely develop and deliver code, verify third party components, and harden the build environment. But the … Read More “NSA on Supply Chain Security” »

More Russian SVR Supply-Chain Attacks

October 28, 2021 infossl

microsoft, russia, Security technology, supply chain, Uncategorized

Microsoft is reporting that the same attacker that was behind the SolarWinds breach — the Russian SVR, which Microsoft is calling Nobelium — is continuing with similar supply-chain attacks: Nobelium has been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain. This time, … Read More “More Russian SVR Supply-Chain Attacks” »

Details of the REvil Ransomware Attack

July 8, 2021 infossl

cyberattack, malware, ransomware, russia, Security technology, supply chain, Uncategorized, vulnerabilities, zero-day

ArsTechnica has a good story on the REvil ransomware attack of last weekend, with technical details: This weekend’s attack was carried out with almost surgical precision. According to Cybereason, the REvil affiliates first gained access to targeted environments and then used the zero-day in the Kaseya Agent Monitor to gain administrative control over the target’s … Read More “Details of the REvil Ransomware Attack” »

Vulnerabilities in Weapons Systems

June 8, 2021 infossl

cyberattack, cyberwar, cyberweapons, essays, military, Security technology, supply chain, Uncategorized

“If you think any of these systems are going to work as expected in wartime, you’re fooling yourself.” That was Bruce’s response at a conference hosted by US Transportation Command in 2017, after learning that their computerized logistical systems were mostly unclassified and on the Internet. That may be necessary to keep in touch with … Read More “Vulnerabilities in Weapons Systems” »

The Story of the 2011 RSA Hack

May 27, 2021 infossl

china, cybersecurity, hacking, rsa, Security technology, supply chain, Uncategorized

Really good long article about the Chinese hacking of RSA, Inc. They were able to get copies of the seed values to the SecurID authentication token, a harbinger of supply-chain attacks to come. Powered by WPeMatico

Backdoor Found in Codecov Bash Uploader

April 21, 2021 infossl

backdoors, credentials, hacking, Security technology, supply chain, Uncategorized

Developers have discovered a backdoor in the Codecov bash uploader. It’s been there for four months. We don’t know who put it there. Codecov said the breach allowed the attackers to export information stored in its users’ continuous integration (CI) environments. This information was then sent to a third-party server outside of Codecov’s infrastructure,” the … Read More “Backdoor Found in Codecov Bash Uploader” »