chain

15-Year-Old Bug in PEAR PHP Repository Could’ve Enabled Supply Chain Attacks

Apr 2, 2022 by iHash Leave a Comment

A 15-year-old security vulnerability has been disclosed in the PEAR PHP repository that could permit an attacker to carry out a supply chain attack, including obtaining unauthorized access to publish rogue packages and execute arbitrary code. "An attacker exploiting the first one could take over any developer account and publish malicious releases, while the second bug would … [Read more...] about 15-Year-Old Bug in PEAR PHP Repository Could’ve Enabled Supply Chain Attacks

Exposing hidden cyber supply chain risks

May 26, 2021 by iHash Leave a Comment

We’re all tired of shortages. Things we took for granted are now hard to find or cost a lot more. Maybe you opened a new online account to locate that thing you need. Ah, the feeling of relief when it finally arrived. But what if that’s when your real troubles began? Let’s rewind. When you opened that new account, you added a new vendor to your personal supply chain. You handed … [Read more...] about Exposing hidden cyber supply chain risks

Threat Explainer: Supply Chain Attacks

May 10, 2021 by iHash Leave a Comment

Let’s say that you’re confident in your security posture. You have endpoint protection in place, firewalls defending the perimeter, and phishing filters on incoming email. You’ve leveraged tools to check for anomalies in your network traffic, rolled out an SSO solution, and implemented processes to securely connect to the network remotely. These defenses make it harder for bad … [Read more...] about Threat Explainer: Supply Chain Attacks

A Deep Dive into Lokibot Infection Chain

Jan 6, 2021 by iHash Leave a Comment

Cisco Blogs / Security / Threat Research / A Deep Dive into Lokibot Infection Chain News summary Lokibot is one of the most well-known information stealers on the malware landscape. In this post, we’ll provide a technical breakdown of one of the latest Lokibot campaigns. Talos also has a new script to unpack the dropper’s third stage. The actors behind Lokibot … [Read more...] about A Deep Dive into Lokibot Infection Chain

SolarWinds Issues Second Hotfix for Orion Platform Supply Chain Attack

Dec 16, 2020 by iHash Leave a Comment

Network monitoring services provider SolarWinds officially released a second hotfix to address a critical vulnerability in its Orion platform that was exploited to insert malware and breach public and private entities in a wide-ranging espionage campaign. In a new update posted to its advisory page, the company urged its customers to update Orion Platform to version 2020.2.1 HF … [Read more...] about SolarWinds Issues Second Hotfix for Orion Platform Supply Chain Attack

Threat Advisory: SolarWinds supply chain attack

Dec 15, 2020 by iHash Leave a Comment

Cisco Blogs / Security / Threat Research / Threat Advisory: SolarWinds supply chain attack Cisco Talos is monitoring yesterday’s announcements by FireEye and Microsoft that a likely state-sponsored actor compromised potentially thousands of high-value government and private organizations around the world via the SolarWinds Orion product. FireEye reported on Dec. 8 … [Read more...] about Threat Advisory: SolarWinds supply chain attack

« Previous Page

AdGuard VPN + Ad Blocker Family Security Suite for $49

Microsoft Office 2024 Home for Mac or PC: One-Time Purchase for $119

ASUS 14" Chromebook C424 (2021) Intel N4020 4GB RAM 128GB eMMC (Refurbished) for $174

Lenovo IdeaPad 5, 14" Touchscreen 2-in-1 Laptop (2024) AMD Ryzen 7, 16GB RAM 1TB SSD Windows 11 Home Cosmic Blue (Refurbished) for $649

Stacks Be Productive Plan: Lifetime Subscription for $29