Security News

Week in review: Popular npm package hijacked, zero trust security key tenets, wildcard certificate risks
2021-10-31 09:00

Apple fixes security feature bypass in macOSApple has delivered a barrage of security updates for most of its devices this week, and among the vulnerabilities fixed are CVE-2021-30892, a System Integrity Protection bypass in macOS, and CVE-2021-30883, an iOS flaw that's actively exploited by attackers. Good security habits: Leveraging the science behind how humans develop habitsIn this interview with Help Net Security, George Finney, CSO at Southern Methodist University, explains what good security habits are, how to successfully implement them and why are they important.

Popular nmp package hijacked, modified to deliver cryptominers
2021-10-26 11:04

The library's lightweight npm package is extremely popular: according to the numbers on its npm registry page, it surpasses 8 million weekly downloads. The compromised packages were removed from the repository and a security advisory was published.

If you're using this hijacked NPM library anywhere in your software stack, read this
2021-10-25 22:13

The US government's Cybersecurity and Infrastructure Security Agency has warned developers that a version of the ua-parser-js JavaScript library, available via NPM, was infected with data-stealing and cryptocurrency-mining malware. The NPM account hosting it was seemingly compromised by miscreants, who modified the package so that when installed, it would bring in various bits of malware on whatever system was running the code.

Popular NPM Package Hijacked to Publish Crypto-mining Malware
2021-10-24 03:38

The U.S. Cybersecurity and Infrastructure Security Agency on Friday warned of crypto-mining malware embedded in "UAParser.js," a popular JavaScript NPM library with over 6 million weekly downloads, days after the NPM repository moved to remove three rogue packages that were found to mimic the same library. The supply-chain attack targeting the open-source library saw three different versions - 0.7.29, 0.8.0, 1.0.0 - that were published with malicious code on Thursday following a successful takeover of the maintainer's NPM account.

Popular NPM library hijacked to install password-stealers, miners
2021-10-23 16:51

Hackers hijacked the popular UA-Parser-JS NPM library, with millions of downloads a week, to infect Linux and Windows devices with cryptominers and password-stealing trojans in a supply-chain attack. The UA-Parser-JS library is used to parse a browser's user agent to identify a visitor's browser, engine, OS, CPU, and Device type/model.

Google: YouTubers’ accounts hijacked with cookie-stealing malware
2021-10-20 15:49

Google says YouTube creators have been targeted with password-stealing malware in phishing attacks coordinated by financially motivated threat actors. The threat actors used social engineering and phishing emails to infect YouTube creators with information-stealing malware, chosen based on each attacker's preference.

REvil ransomware shuts down again after Tor sites were hijacked
2021-10-17 23:19

The REvil ransomware operation has likely shut down once again after an unknown person hijacked their Tor payment portal and data leak blog. The Tor sites went offline earlier today, with a threat actor affiliated with the REvil operation posting to the XSS hacking forum that someone hijacked the gang's domains.

Apache OpenOffice can be hijacked by malicious documents, fix still in beta
2021-09-20 20:52

Apache OpenOffice is currently vulnerable to a remote code execution vulnerability and while the app's source code has been patched, the fix has only been made available as beta software and awaits an official release. CVE-2021-33035: RCE in Apache OpenOffice up to 4.1.10 - pure memory corruption.

Man Sues Parents of Teens Who Hijacked Nearly $1M in Bitcoin
2021-08-26 20:50

When Colorado resident Andrew Schober downloaded the Electrum Atom Bitcoin wallet from Reddit, he also picked up a piece of clipboard hijacking malware that eventually redirected his 16.4552 Bitcoin to a wallet controlled by two teenagers living in the U.K. At today's price, 16.4552 Bitcoin would be worth ~$773,000. Because they were juveniles at the time of the alleged theft, Schober is suing their parents for the nearly $1 million he lost in the heist.

Spam is Chipotle's secret ingredient: Marketing email hijacked to dish up malware
2021-07-29 16:00

Chipotle.com, the deception would be evident upon examining the raw email header data. "It is important that recipients notice the discrepancy between a sender's display name and its actual email address," wrote Bukar Alibe, cyber security analyst at INKY, in a blog post provided to The Register.