Security News

Cyborg Security unveiled new capabilities within the HUNTER content platform. These capabilities are designed to defend against rapidly evolving threats, including growing attacks on critical infrastructure and supply chains, while reducing Mean-Time-to-Deployment of threat hunting and detection content.

A monster cyberattack on SITA, a global IT provider for 90 percent of the world's airline industry, is slowly unfurling to reveal the largest supply-chain attack on the airline industry in history. The enormous data breach, estimated to have already impacted 4.5 million passengers, has potentially been traced back to the Chinese state-sponsored threat actor APT41, and analysts are warning airlines to hunt down any traces of the campaign concealed within their networks.

ESET researchers have linked a stealthy cyberespionage group known as Gelsemium to the NoxPlayer Android emulator supply-chain attack that targeted gamers earlier this year. Two years later, in 2016, new Gelsemium indicators of compromise showed up in a Verint Systems presentation at HITCON. In 2018, VenusTech unveiled an unknown APT group's malware samples linked to the Operation TooHash, which ESET later discovered were early versions of Gelsemium malware.

Severe security flaws uncovered in popular Visual Studio Code extensions could enable attackers to compromise local machines as well as build and deployment systems through a developer's integrated development environment. The vulnerable extensions could be exploited to run arbitrary code on a developer's system remotely, in what could ultimately pave the way for supply chain attacks.

A Fujitsu project management suite is causing red faces at the Japanese company's HQ after "Unauthorised access" resulted in data being stolen from government agencies, local reports say. The firm's ProjectWEB tool was reportedly accessed by an unidentified "Third party" who helped themself to data from, among others, Japan's Ministry of Foreign Affairs, its Cabinet Office Cyber Security Centre and the Ministry of Land.

Vanson Bourne surveyed 750 application security decision makers responsible for their organization's application development and security to get their perspectives on data breaches, top application security vulnerabilities, and the most important product capabilities needed to defend against multi-vector application attacks. Overall, the findings indicate that more needs to be done to protect against application security threats, particularly newer threats like bot attacks, API attacks, and supply chain attacks.

A Russian spymaster has denied that his agency carried out the infamous SolarWinds supply chain attack in a public relations move worthy of the Internet Research Agency. Sergei Naryshkin, head of the SVR spy agency, made his denial in a BBC interview broadcast on Tuesday.

Today, the UK government has announced a call for advice on defending against software supply-chain attacks and ways to strengthen IT Managed Service Providers across the country. The move comes after last week when President Biden had issued an executive order to increase cybersecurity defenses across the U.S. The government's invitation to provide feedback that will be open for almost two months comes at a time of prominent cyberattacks such as, the Colonial Pipeline incident, the Codecov supply-chain attack, and ransomware attacks on mission-critical organizations [1, 2] that continue to grow.

Addressing Fortune 500 business concerns, this virtual series will provide the supply chain analysis of the SunBurst compromise, while offering attendees new approaches and immediate actions they can take to mitigate future unknown software supply chain attacks. "Our team led the charge in dissecting the supply chain portion of this incident and introducing new approaches that businesses can use to detect and prevent future software supply chain attacks. Through this roadshow, our experts will help attendees better understand the anatomy of a supply chain attack and receive prescriptive recommendations to stop this kind of compromise."

Cybersecurity company Rapid7 on Thursday revealed that unidentified actors improperly managed to get hold of a small portion of its source code repositories in the aftermath of the software supply chain compromise targeting Codecov earlier this year. "A small subset of our source code repositories for internal tooling for our service was accessed by an unauthorized party outside of Rapid7," the Boston-based firm said in a disclosure.