August intrusion into LastPass development environment results in 2nd breach
Password management company says a threat actor used information from previous breach to access customer information. When a threat actor manages to gain access to an organization’s software development environment, bad things can happen. The latest to learn that lesson the hard way is password management vendor LastPass which in August 2022 experienced an incident […]
Read MoreMagecart actors ramp up exploit attempts against Magento/Adobe Commerce vulnerability
Sansec says it has observed more probes in November against the now-patched zero-day flaw (CVE-2022-24086) than the rest of the year combined. Seven threat groups affiliated with the Magecart cybercrime syndicate have begun heavily targeting a critical, arbitrary code execution vulnerability in the Magento 2 and Adobe Commerce platform that powers tens of thousands of […]
Read MoreConnectWise patches critical flaw in its Recover and R1Soft Server Backup Manager technology
Vulnerability gives attackers a way to target thousands of MSPs and their downstream customers. Company urges customers to treat issue as a top priority [298 words]. What: ConnectWise has patched a critical, remote code execution vulnerability in its ConnectWise Recover and R1Soft Server Backup Manager (SBM) software. The flaw exists in ConnectWise Recover SBM v2.9.7 […]
Read MoreGoogle’s open-source GUAC initiative will make information for securing the software supply chain readily available to everyone.
GUAC will allow developers, auditors, and risk management teams to evaluate risk more easily in their codebases. What: Google is seeking contributors to a new open-source project it has launched called Graph for Understanding Artifact Composition or GUAC. The goal of the effort, according to the company is to democratize the availability of software build, […]
Read MoreNewly disclosed vulnerability in PHP package repository highlights growing software supply chain risks
Key takeaway: Attackers are increasingly trying to infiltrate software development environments via malicious and poisoned packages on public code repositories. Robust SBOM and SCA practices are key to mitigating the threat [289 words] What: Researchers at SonarSource have disclosed a new vulnerability (CVE-2022-24828) in PHP package repository Packagist that gives attackers a way to execute […]
Read MoreAttackers Demonstrate Novel Way to Compromise EXSi Hypervisors
Key takeaway: Don’t allow vSphere Installation Bundles (VIBs) to become a vehicle for sneaking malware into your environment. (276 words) What happened: A China-based threat actor installed multiple backdoors on ESXi hypervisors at several organizations using malicious vSphere Installation Bundles. The backdoors enable a lot of bad things including persistent access, arbitrary command execution and […]
Read More